Vulnerabilities > Siemens > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-03-30 CVE-2021-25150 Command Injection vulnerability in multiple products
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.4 and below.
network
low complexity
arubanetworks siemens CWE-77
critical
 9.0
9.0
2021-03-30 CVE-2021-25146 Command Injection vulnerability in multiple products
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below.
network
low complexity
arubanetworks siemens CWE-77
critical
 9.0
9.0
2021-03-29 CVE-2021-25144 Classic Buffer Overflow vulnerability in multiple products
A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below.
network
low complexity
arubanetworks siemens CWE-120
critical
 9.0
9.0
2021-03-29 CVE-2020-24636 OS Command Injection vulnerability in multiple products
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below.
network
low complexity
arubanetworks siemens CWE-78
critical
 10.0
10
2021-03-29 CVE-2020-24635 OS Command Injection vulnerability in multiple products
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below.
network
low complexity
arubanetworks siemens CWE-78
critical
 9.0
9.0
2021-03-11 CVE-2016-20009 Out-of-bounds Write vulnerability in multiple products
A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7.
network
low complexity
windriver siemens CWE-787
critical
 9.8
9.8
2021-02-09 CVE-2020-15798 Missing Authentication for Critical Function vulnerability in Siemens products
A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl.
network
low complexity
siemens CWE-306
critical
 9.8
9.8
2021-01-12 CVE-2020-25226 Heap-based Buffer Overflow vulnerability in Siemens products
A vulnerability has been identified in SCALANCE X-200 switch family (incl.
network
low complexity
siemens CWE-122
critical
 10.0
10
2021-01-12 CVE-2020-15800 Heap-based Buffer Overflow vulnerability in Siemens products
A vulnerability has been identified in SCALANCE X-200 switch family (incl.
network
siemens CWE-122
critical
 9.3
9.3
2020-12-14 CVE-2020-25228 Missing Authentication for Critical Function vulnerability in Siemens Logo! 8 BM Firmware
A vulnerability has been identified in LOGO! 8 BM (incl.
network
low complexity
siemens CWE-306
critical
 10.0
10