Vulnerabilities > Siemens > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-09 CVE-2020-12358 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.
local
low complexity
intel siemens netapp CWE-787
4.4
2021-06-09 CVE-2020-24486 Improper Input Validation vulnerability in multiple products
Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel netapp siemens CWE-20
5.5
2021-06-09 CVE-2020-24506 Out-of-bounds Read vulnerability in multiple products
Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access.
local
low complexity
intel siemens CWE-125
4.4
2021-06-09 CVE-2020-24507 Improper Initialization vulnerability in multiple products
Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access.
local
low complexity
intel siemens CWE-665
4.4
2021-06-09 CVE-2020-24513 Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel debian siemens
6.5
2021-06-09 CVE-2020-8670 Race Condition vulnerability in multiple products
Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
high complexity
intel siemens netapp CWE-362
6.4
2021-06-09 CVE-2020-8703 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp siemens CWE-119
6.7
2021-06-09 CVE-2020-8704 Race Condition vulnerability in multiple products
Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.
local
high complexity
intel siemens CWE-362
6.4
2021-05-27 CVE-2021-27492 When opening a specially crafted 3DXML file, the application containing Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior could disclose arbitrary files to remote attackers.
local
low complexity
luxion datakit siemens
5.5
2021-05-12 CVE-2019-19276 Unspecified vulnerability in Siemens products
A vulnerability has been identified in SIMATIC HMI Comfort Panels 1st Generation (incl.
network
low complexity
siemens
5.3