Vulnerabilities > Siemens > Desigo CC

DATE CVE VULNERABILITY TITLE RISK
2022-06-21 CVE-2022-33139 Use of Client-Side Authentication vulnerability in Siemens products
A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration).
network
low complexity
siemens CWE-603
critical
 9.8
9.8
2021-09-14 CVE-2021-31891 OS Command Injection vulnerability in Siemens products
A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions).
network
low complexity
siemens CWE-78
critical
 10.0
10
2021-09-14 CVE-2021-37181 Deserialization of Untrusted Data vulnerability in Siemens Cerberus Dms, Desigo CC and Desigo CC Compact
A vulnerability has been identified in Cerberus DMS V4.0 (All versions), Cerberus DMS V4.1 (All versions), Cerberus DMS V4.2 (All versions), Cerberus DMS V5.0 (All versions < v5.0 QU1), Desigo CC Compact V4.0 (All versions), Desigo CC Compact V4.1 (All versions), Desigo CC Compact V4.2 (All versions), Desigo CC Compact V5.0 (All versions < V5.0 QU1), Desigo CC V4.0 (All versions), Desigo CC V4.1 (All versions), Desigo CC V4.2 (All versions), Desigo CC V5.0 (All versions < V5.0 QU1).
network
low complexity
siemens CWE-502
7.5
7.5