Vulnerabilities > Siemens

DATE CVE VULNERABILITY TITLE RISK
2016-12-17 CVE-2016-9160 7PK - Security Features vulnerability in Siemens Simatic PCS 7 and Simatic Wincc
A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions.
network
low complexity
siemens CWE-254
8.1
2016-12-17 CVE-2016-9159 Information Exposure vulnerability in Siemens products
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl.
network
high complexity
siemens CWE-200
5.9
2016-12-17 CVE-2016-9158 Improper Input Validation vulnerability in Siemens products
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl.
network
low complexity
siemens CWE-20
7.5
2016-12-05 CVE-2016-9157 Improper Access Control vulnerability in Siemens Sicam Pas/Pqs
A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Service condition and potentially lead to unauthenticated remote code execution by sending specially crafted packets to port 19234/TCP.
network
low complexity
siemens CWE-284
critical
9.8
2016-12-05 CVE-2016-9156 Improper Access Control vulnerability in Siemens Sicam Pas/Pqs
A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/TCP.
network
low complexity
siemens CWE-284
7.3
2016-11-23 CVE-2016-8673 Cross-Site Request Forgery (CSRF) vulnerability in Siemens products
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl.
network
low complexity
siemens CWE-352
8.8
2016-11-23 CVE-2016-8672 Information Exposure vulnerability in Siemens products
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl.
network
low complexity
siemens CWE-200
5.3
2016-11-22 CVE-2016-9155 Improper Access Control vulnerability in Siemens products
The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1.41_SP18_S1; CCPW3025, CCPW5025 prior to version 0.1.73_S1; CCMD3025-DN18 prior to version v1.394_S1; CCID1445-DN18, CCID1445-DN28, CCID1145-DN36, CFIS1425, CCIS1425, CFMS2025, CCMS2025, CVMS2025-IR, CFMW1025, CCMW1025 prior to version v2635_SP1 could allow an attacker with network access to the web server to obtain administrative credentials under certain circumstances.
network
low complexity
siemens CWE-284
critical
9.8
2016-11-18 CVE-2016-8562 Unspecified vulnerability in Siemens products
A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28).
network
high complexity
siemens
7.5
2016-11-18 CVE-2016-8561 Permissions, Privileges, and Access Controls vulnerability in Siemens Simatic CP 1543-1 Firmware
A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28).
network
high complexity
siemens CWE-264
6.6