Vulnerabilities > Siemens

DATE CVE VULNERABILITY TITLE RISK
2018-12-12 CVE-2018-11458 Unspecified vulnerability in Siemens products
A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3).
network
high complexity
siemens
8.1
2018-12-12 CVE-2018-11457 Unspecified vulnerability in Siemens products
A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3).
network
high complexity
siemens
8.1
2018-10-10 CVE-2018-13805 Resource Exhaustion vulnerability in Siemens products
A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions >= V2.0 and < V2.1.6), SIMATIC S7-1500 Software Controller (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 incl.
network
low complexity
siemens CWE-400
7.5
2018-10-10 CVE-2018-13802 Improper Privilege Management vulnerability in Siemens ROX II Firmware
A vulnerability has been identified in ROX II (All versions < V2.12.1).
network
low complexity
siemens CWE-269
7.2
2018-10-10 CVE-2018-13801 Improper Privilege Management vulnerability in Siemens ROX II Firmware
A vulnerability has been identified in ROX II (All versions < V2.12.1).
network
low complexity
siemens CWE-269
8.8
2018-10-10 CVE-2018-13800 Cross-Site Request Forgery (CSRF) vulnerability in Siemens Simatic S7-1200 V4 Firmware
A vulnerability has been identified in SIMATIC S7-1200 CPU family version 4 (All versions < V4.2.3).
network
low complexity
siemens CWE-352
7.3
2018-09-12 CVE-2018-3658 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
network
low complexity
siemens intel CWE-772
5.3
2018-09-12 CVE-2018-3657 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.
local
low complexity
siemens intel CWE-119
6.7
2018-09-12 CVE-2018-3616 Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
network
high complexity
intel siemens
5.9
2018-09-12 CVE-2018-13807 Improper Input Validation vulnerability in Siemens products
A vulnerability has been identified in SCALANCE X300 (All versions < V4.0.0), SCALANCE X408 (All versions < V4.0.0), SCALANCE X414 (All versions).
network
low complexity
siemens CWE-20
8.6