Vulnerabilities > Siemens

DATE CVE VULNERABILITY TITLE RISK
2018-06-26 CVE-2018-4859 OS Command Injection vulnerability in Siemens Scalance M875 Firmware
A vulnerability has been identified in SCALANCE M875 (All versions).
network
low complexity
siemens CWE-78
critical
9.0
2018-06-26 CVE-2018-4846 Use of Hard-coded Credentials vulnerability in Siemens products
A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products).
network
low complexity
siemens CWE-798
critical
10.0
2018-06-26 CVE-2018-4845 Improper Privilege Management vulnerability in Siemens products
A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products).
network
low complexity
siemens CWE-269
8.8
2018-06-26 CVE-2018-11449 Unspecified vulnerability in Siemens Scalance M875 Firmware
A vulnerability has been identified in SCALANCE M875 (All versions).
local
low complexity
siemens
2.1
2018-06-26 CVE-2018-11448 Cross-site Scripting vulnerability in Siemens Scalance M875 Firmware
A vulnerability has been identified in SCALANCE M875 (All versions).
network
siemens CWE-79
3.5
2018-06-26 CVE-2018-11447 Cross-Site Request Forgery (CSRF) vulnerability in Siemens Scalance M875 Firmware
A vulnerability has been identified in SCALANCE M875 (All versions).
network
siemens CWE-352
6.8
2018-06-14 CVE-2018-4848 Cross-site Scripting vulnerability in Siemens products
A vulnerability has been identified in SCALANCE X-200 switch family (incl.
network
low complexity
siemens CWE-79
6.1
2018-06-14 CVE-2018-4842 Cross-site Scripting vulnerability in Siemens products
A vulnerability has been identified in SCALANCE X-200IRT switch family (incl.
network
low complexity
siemens CWE-79
4.8
2018-06-14 CVE-2018-4833 Improper Input Validation vulnerability in Siemens products
A vulnerability has been identified in RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), SCALANCE X-200 switch family (incl.
low complexity
siemens CWE-20
5.8
2018-06-04 CVE-2016-9042 Improper Input Validation vulnerability in multiple products
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9.
network
high complexity
ntp freebsd hpe siemens CWE-20
5.9