Vulnerabilities > Siemens > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-03 | CVE-2021-32803 | Link Following vulnerability in multiple products The npm package "tar" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. | 8.1 |
| 2021-08-03 | CVE-2021-32804 | Path Traversal vulnerability in multiple products The npm package "tar" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. | 8.1 |
| 2021-07-13 | CVE-2020-28400 | Allocation of Resources Without Limits or Throttling vulnerability in Siemens products Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. | 7.5 |
| 2021-07-13 | CVE-2021-31892 | Improper Certificate Validation vulnerability in Siemens products A vulnerability has been identified in SINUMERIK Analyse MyCondition (All versions), SINUMERIK Analyze MyPerformance (All versions), SINUMERIK Analyze MyPerformance /OEE-Monitor (All versions), SINUMERIK Analyze MyPerformance /OEE-Tuning (All versions), SINUMERIK Integrate Client 02 (All versions >= V02.00.12 < 02.00.18), SINUMERIK Integrate Client 03 (All versions >= V03.00.12 < 03.00.18), SINUMERIK Integrate Client 04 (V04.00.02 and all versions >= V04.00.15 < 04.00.18), SINUMERIK Integrate for Production 4.1 (All versions < V4.1 SP10 HF3), SINUMERIK Integrate for Production 5.1 (V5.1), SINUMERIK Manage MyMachines (All versions), SINUMERIK Manage MyMachines /Remote (All versions), SINUMERIK Manage MyMachines /Spindel Monitor (All versions), SINUMERIK Manage MyPrograms (All versions), SINUMERIK Manage MyResources /Programs (All versions), SINUMERIK Manage MyResources /Tools (All versions), SINUMERIK Manage MyTools (All versions), SINUMERIK Operate V4.8 (All versions < V4.8 SP8), SINUMERIK Operate V4.93 (All versions < V4.93 HF7), SINUMERIK Operate V4.94 (All versions < V4.94 HF5), SINUMERIK Optimize MyProgramming /NX-Cam Editor (All versions). | 7.4 |
| 2021-07-13 | CVE-2021-31893 | Classic Buffer Overflow vulnerability in Siemens products A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). | 7.8 |
| 2021-07-13 | CVE-2021-31894 | Incorrect Permission Assignment for Critical Resource vulnerability in Siemens products A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). | 8.8 |
| 2021-07-13 | CVE-2021-34291 | Out-of-bounds Write vulnerability in Siemens Jt2Go and Teamcenter Visualization A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). | 7.8 |
| 2021-07-13 | CVE-2021-34292 | Out-of-bounds Read vulnerability in Siemens Jt2Go and Teamcenter Visualization A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). | 7.8 |
| 2021-07-13 | CVE-2021-34293 | Out-of-bounds Write vulnerability in Siemens Jt2Go and Teamcenter Visualization A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). | 7.8 |
| 2021-07-13 | CVE-2021-34294 | Out-of-bounds Read vulnerability in Siemens Jt2Go and Teamcenter Visualization A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). | 7.8 |