Vulnerabilities > Siemens > High

DATE CVE VULNERABILITY TITLE RISK
2019-10-10 CVE-2019-10936 Resource Exhaustion vulnerability in Siemens products
Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.
network
low complexity
siemens CWE-400
7.5
7.5
2019-10-10 CVE-2019-10923 Resource Exhaustion vulnerability in Siemens products
An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.
network
low complexity
siemens CWE-400
7.5
7.5
2019-10-09 CVE-2019-16905 Integer Overflow or Wraparound vulnerability in multiple products
OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key.
local
low complexity
openbsd netapp siemens CWE-190
7.8
7.8
2019-09-13 CVE-2019-10937 Improper Input Validation vulnerability in Siemens Simatic TDC Cp51M1 Firmware
A vulnerability has been identified in SIMATIC TDC CP51M1 (All versions < V1.1.7).
network
low complexity
siemens CWE-20
7.5
7.5
2019-08-13 CVE-2019-10943 Missing Support for Integrity Check vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl.
network
low complexity
siemens CWE-353
7.5
7.5
2019-08-13 CVE-2019-10942 Resource Exhaustion vulnerability in Siemens products
A vulnerability has been identified in SCALANCE X-200 switch family (incl.
network
low complexity
siemens CWE-400
8.6
8.6
2019-08-09 CVE-2019-12258 Session Fixation vulnerability in multiple products
Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component.
network
low complexity
windriver sonicwall siemens netapp belden CWE-384
7.5
7.5
2019-08-09 CVE-2019-12263 Out-of-bounds Write vulnerability in multiple products
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4).
network
high complexity
windriver sonicwall siemens netapp belden CWE-787
8.1
8.1
2019-08-09 CVE-2019-12259 NULL Pointer Dereference vulnerability in multiple products
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component.
network
low complexity
windriver sonicwall siemens belden CWE-476
7.5
7.5
2019-08-09 CVE-2019-12257 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. 		8.8
8.8