Vulnerabilities > Siemens > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-43505 | Improper Access Control vulnerability in Siemens Comos A vulnerability has been identified in COMOS (All versions). | 6.5 |
| 2023-11-14 | CVE-2023-44318 | Use of Hard-coded Cryptographic Key vulnerability in Siemens products Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. | 4.9 |
| 2023-11-14 | CVE-2023-44319 | Reversible One-Way Hash vulnerability in Siemens products Affected devices use a weak checksum algorithm to protect the configuration backup that an administrator can export from the device. | 4.9 |
| 2023-11-14 | CVE-2023-44320 | Forced Browsing vulnerability in Siemens products Affected devices do not properly validate the authentication when performing certain modifications in the web interface allowing an authenticated attacker to influence the user interface configured by an administrator. | 4.3 |
| 2023-11-14 | CVE-2023-44321 | Resource Exhaustion vulnerability in Siemens products Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. | 6.5 |
| 2023-11-14 | CVE-2023-44322 | Unchecked Return Value vulnerability in Siemens products Affected devices can be configured to send emails when certain events occur on the device. | 5.9 |
| 2023-11-14 | CVE-2023-46096 | Missing Authentication for Critical Function vulnerability in Siemens Simatic PCS NEO 3.0 A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). | 6.5 |
| 2023-11-14 | CVE-2023-46099 | Cross-site Scripting vulnerability in Siemens Simatic PCS NEO 3.0 A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). | 4.8 |
| 2023-10-10 | CVE-2023-37194 | Improper Access Control vulnerability in Siemens products A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). | 6.7 |
| 2023-10-10 | CVE-2023-37195 | Resource Exhaustion vulnerability in Siemens products A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). | 4.4 |