Vulnerabilities > Siemens
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-28 | CVE-2021-31337 | Unspecified vulnerability in Siemens products The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. | 9.8 |
| 2021-06-17 | CVE-2021-32936 | An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. | 7.8 |
| 2021-06-17 | CVE-2021-32938 | Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. | 7.1 |
| 2021-06-17 | CVE-2021-32940 | An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK (All versions prior to 2022.5) resulting from the lack of proper validation of user-supplied data. | 7.1 |
| 2021-06-17 | CVE-2021-32944 | Use After Free vulnerability in multiple products A use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. | 7.8 |
| 2021-06-17 | CVE-2021-32948 | An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. | 7.8 |
| 2021-06-17 | CVE-2021-32950 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. | 7.1 |
| 2021-06-17 | CVE-2021-32952 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write issue exists in the DGN file-reading procedure in the Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of user-supplied data. | 7.8 |
| 2021-06-17 | CVE-2021-32946 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the user-supplied data. | 7.8 |
| 2021-06-16 | CVE-2020-27339 | Improper Input Validation vulnerability in multiple products In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. | 6.7 |