Vulnerabilities > Siemens > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-05-14 CVE-2019-10922 Unspecified vulnerability in Siemens Simatic PCS 7 and Simatic Wincc
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions).
network
low complexity
siemens
critical
9.8
2019-05-14 CVE-2019-10919 Missing Authentication for Critical Function vulnerability in Siemens Logo!8 BM Firmware
A vulnerability has been identified in LOGO! 8 BM (incl.
network
low complexity
siemens CWE-306
critical
9.4
2019-05-10 CVE-2018-7084 OS Command Injection vulnerability in multiple products
A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system.
network
low complexity
arubanetworks siemens CWE-78
critical
9.8
2019-04-17 CVE-2019-6579 Unspecified vulnerability in Siemens Spectrum Power 4
A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal).
network
low complexity
siemens
critical
9.8
2019-04-17 CVE-2018-13808 Information Exposure vulnerability in Siemens CP 1604 Firmware and CP 1616 Firmware
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions).
network
low complexity
siemens CWE-200
critical
9.1
2019-03-26 CVE-2019-6569 Expected Behavior Violation vulnerability in Siemens products
The monitor barrier of the affected products insufficiently blocks data from being forwarded over the mirror port into the mirrored network.
network
low complexity
siemens CWE-440
critical
9.1
2019-03-08 CVE-2019-8275 UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users.
network
low complexity
uvnc siemens
critical
9.8
2019-03-08 CVE-2019-8274 Out-of-bounds Write vulnerability in multiple products
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler, which can potentially in result code execution.
network
low complexity
uvnc siemens CWE-787
critical
9.8
2019-03-08 CVE-2019-8273 Out-of-bounds Write vulnerability in multiple products
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution.
network
low complexity
uvnc siemens CWE-787
critical
9.8
2019-03-08 CVE-2019-8272 Off-by-one Error vulnerability in multiple products
UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution.
network
low complexity
uvnc siemens CWE-193
critical
9.8