Vulnerabilities > Siemens > High

DATE CVE VULNERABILITY TITLE RISK
2024-11-18 CVE-2024-52572 Out-of-bounds Write vulnerability in Siemens Tecnomatix Plant Simulation
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007).
local
low complexity
siemens CWE-787
7.8
2024-11-12 CVE-2024-29119 Unspecified vulnerability in Siemens Spectrum Power 7 2.20/2.30/23Q3
A vulnerability has been identified in Spectrum Power 7 (All versions < V24Q3).
local
low complexity
siemens
7.8
2024-11-12 CVE-2024-46892 Insufficient Session Expiration vulnerability in Siemens Sinec INS 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3).
network
low complexity
siemens CWE-613
8.1
2024-11-12 CVE-2024-47783 Incorrect Permission Assignment for Critical Resource vulnerability in Siemens Siport
A vulnerability has been identified in SIPORT (All versions < V3.4.0).
local
low complexity
siemens CWE-732
7.8
2024-11-12 CVE-2024-47940 Out-of-bounds Read vulnerability in Siemens Solid Edge Se2024
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9).
local
low complexity
siemens CWE-125
7.8
2024-11-12 CVE-2024-47941 Out-of-bounds Read vulnerability in Siemens Solid Edge Se2024
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9).
local
low complexity
siemens CWE-125
7.8
2024-11-12 CVE-2024-47942 Uncontrolled Search Path Element vulnerability in Siemens Solid Edge Se2024
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9).
local
low complexity
siemens CWE-427
7.3
2024-11-12 CVE-2024-50310 Incorrect Authorization vulnerability in Siemens Simatic CP 1543-1 Firmware
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < V4.0.50).
network
low complexity
siemens CWE-863
7.5
2024-11-12 CVE-2024-50572 Command Injection vulnerability in Siemens products
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2).
network
low complexity
siemens CWE-77
7.2
2024-10-23 CVE-2024-47904 Unspecified vulnerability in Siemens products
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)).
local
low complexity
siemens
7.8