Vulnerabilities > Siemens > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-37372 SQL Injection vulnerability in Siemens Ruggedcom Crossbow 5.2/5.3
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4).
network
low complexity
siemens CWE-89
critical
 9.8
9.8
2023-07-11 CVE-2023-29130 Unspecified vulnerability in Siemens Simatic CN 4100
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5).
network
low complexity
siemens
critical
 10.0
10
2023-07-11 CVE-2023-29131 Incorrect Default Permissions vulnerability in Siemens Simatic CN 4100
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5).
network
low complexity
siemens CWE-276
critical
 10.0
10
2023-05-09 CVE-2023-27407 OS Command Injection vulnerability in Siemens Scalance Lpe9403 Firmware 2.0
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1).
network
low complexity
siemens CWE-78
critical
 9.9
9.9
2023-04-11 CVE-2023-28489 Command Injection vulnerability in Siemens Cp-8031 Firmware and Cp-8050 Firmware
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05).
network
low complexity
siemens CWE-77
critical
 9.8
9.8
2023-02-14 CVE-2023-24482 Classic Buffer Overflow vulnerability in Siemens Comos
A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33), COMOS V10.3.3.3 (All versions < V10.3.3.3.9), COMOS V10.3.3.4 (All versions < V10.3.3.4.6), COMOS V10.4.0.0 (All versions < V10.4.0.0.31), COMOS V10.4.1.0 (All versions < V10.4.1.0.32), COMOS V10.4.2.0 (All versions < V10.4.2.0.25).
network
low complexity
siemens CWE-120
critical
 9.8
9.8
2023-01-10 CVE-2022-43514 Path Traversal vulnerability in Siemens Automation License Manager
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6 (All versions < V6.0 SP9 Upd4), TeleControl Server Basic V3 (All versions < V3.1.2).
network
low complexity
siemens CWE-22
critical
 9.8
9.8
2022-12-13 CVE-2022-43724 Cleartext Transmission of Sensitive Information vulnerability in Siemens Sicam Pas/Pqs
A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0).
network
low complexity
siemens CWE-319
critical
 9.8
9.8
2022-12-05 CVE-2022-35255 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products
A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc.
network
low complexity
nodejs siemens debian CWE-338
critical
 9.1
9.1
2022-10-21 CVE-2022-43400 Improper Authentication vulnerability in Siemens Siveillance Video Mobile Server
A vulnerability has been identified in Siveillance Video Mobile Server V2022 R2 (All versions < V22.2a (80)).
network
low complexity
siemens CWE-287
critical
 9.8
9.8