Vulnerabilities > Siemens > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-23 | CVE-2017-9946 | Improper Authentication vulnerability in Siemens products A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. | 7.5 |
| 2017-08-30 | CVE-2017-12735 | Man-in-the-Middle vulnerability in Siemens Logo! 8 BM Firmware A vulnerability has been identified in LOGO! 8 BM (incl. | 7.4 |
| 2017-08-30 | CVE-2017-12734 | SFP Primary Cluster: Information Leak vulnerability in Siemens Logo!8 BM Fs-05 Firmware 1.81.1 A vulnerability has been identified in LOGO! 8 BM (incl. | 7.5 |
| 2017-08-30 | CVE-2017-12069 | XXE vulnerability in multiple products An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. | 8.2 |
| 2017-08-08 | CVE-2017-9942 | Unspecified vulnerability in Siemens Sipass Integrated 2.65 A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems. | 7.8 |
| 2017-08-08 | CVE-2017-9941 | Unspecified vulnerability in Siemens Sipass Integrated 2.65 A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker in a Man-in-the-Middle position between the SiPass integrated server and SiPass integrated clients to read or modify the network communication. | 7.4 |
| 2017-08-08 | CVE-2017-9940 | Improper Privilege Management vulnerability in Siemens Sipass Integrated 2.65 A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with access to a low-privileged user account to read or write files on the file system of the SiPass integrated server over the network. | 8.1 |
| 2017-08-08 | CVE-2017-9938 | Improper Input Validation vulnerability in Siemens Simatic Logon 1.5 A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. | 7.5 |
| 2017-08-08 | CVE-2017-6873 | Unspecified vulnerability in Siemens Ozw672 Firmware and Ozw772 Firmware A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle (MITM) attack on the integrated web server on port 443/tcp. | 7.4 |
| 2017-08-08 | CVE-2017-6870 | Unspecified vulnerability in Siemens Simatic Wincc Sm@Rtclient 1.0/1.0.2.1 A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2). | 7.4 |