Vulnerabilities > Siemens > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-14 | CVE-2019-12262 | Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. | 9.8 |
| 2019-08-09 | CVE-2019-12261 | Classic Buffer Overflow vulnerability in multiple products Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). | 9.8 |
| 2019-08-09 | CVE-2019-12260 | Classic Buffer Overflow vulnerability in multiple products Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). | 9.8 |
| 2019-08-09 | CVE-2019-12255 | Classic Buffer Overflow vulnerability in multiple products Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). | 9.8 |
| 2019-08-09 | CVE-2019-12256 | Classic Buffer Overflow vulnerability in multiple products Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. | 9.8 |
| 2019-08-02 | CVE-2019-10938 | Unspecified vulnerability in Siemens Siprotec 5 Digsi Device Driver A vulnerability has been identified in SIPROTEC 5 devices with CPU variants CP200 (All versions < V7.59), SIPROTEC 5 devices with CPU variants CP300 and CP100 (All versions < V8.01), Siemens Power Meters Series 9410 (All versions < V2.2.1), Siemens Power Meters Series 9810 (All versions). | 9.8 |
| 2019-07-19 | CVE-2019-12815 | Improper Handling of Exceptional Conditions vulnerability in multiple products An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306. | 9.8 |
| 2019-06-12 | CVE-2019-6580 | Missing Authorization vulnerability in Siemens products A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a). | 9.8 |
| 2019-05-16 | CVE-2019-0708 | Use After Free vulnerability in multiple products A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. | 9.8 |
| 2019-05-14 | CVE-2019-6572 | Use of Hard-coded Credentials vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). | 9.1 |