Vulnerabilities > Siemens
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-02-03 | CVE-2011-4509 | Permissions, Privileges, and Access Controls vulnerability in Siemens products The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime has an improperly selected default password for the administrator account, which makes it easier for remote attackers to obtain access via a brute-force approach involving many HTTP requests. | 10.0 |
2012-02-03 | CVE-2011-4508 | Improper Authentication vulnerability in Siemens products The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime generates predictable authentication tokens for cookies, which makes it easier for remote attackers to bypass authentication via a crafted cookie. | 9.3 |
2012-01-08 | CVE-2011-4532 | Path Traversal vulnerability in Siemens Automation License Manager 5.1 Absolute path traversal vulnerability in the ALMListView.ALMListCtrl ActiveX control in almaxcx.dll in the graphical user interface in Siemens Automation License Manager (ALM) 2.0 through 5.1+SP1+Upd2 allows remote attackers to overwrite arbitrary files via the Save method. | 5.0 |
2012-01-08 | CVE-2011-4531 | Improper Input Validation vulnerability in Siemens Automation License Manager 5.1 Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command. | 5.0 |
2012-01-08 | CVE-2011-4530 | Improper Input Validation vulnerability in Siemens Automation License Manager 5.1 Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 does not properly copy fields obtained from clients, which allows remote attackers to cause a denial of service (exception and daemon crash) via long fields, as demonstrated by fields to the (1) open_session->workstation->NAME or (2) grant->VERSION function. | 5.0 |
2012-01-08 | CVE-2011-4529 | Buffer Errors vulnerability in Siemens Automation License Manager 5.1 Multiple buffer overflows in Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allow remote attackers to execute arbitrary code via a long serialid field in an _licensekey command, as demonstrated by the (1) check_licensekey or (2) read_licensekey command. | 7.5 |
2012-01-08 | CVE-2011-4056 | Unspecified vulnerability in Siemens Tecnomatix Factorylink 6.6.1/7.5.217/8.0.2.54 An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to create or overwrite arbitrary files via the save method. network siemens | 5.8 |
2012-01-08 | CVE-2011-4055 | Buffer Errors vulnerability in Siemens Tecnomatix Factorylink 6.6.1/7.5.217/8.0.2.54 Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to execute arbitrary code via a long string in a parameter associated with the location URL. | 9.3 |
2011-09-16 | CVE-2011-3321 | Buffer Errors vulnerability in Siemens products Heap-based buffer overflow in the Siemens WinCC Runtime Advanced Loader, as used in SIMATIC WinCC flexible Runtime and SIMATIC WinCC (TIA Portal) Runtime Advanced, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted packet to TCP port 2308. | 9.3 |
2010-07-22 | CVE-2010-2772 | Use of Hard-coded Credentials vulnerability in Siemens Simatic PCS 7 and Simatic Wincc Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568. | 7.8 |