Vulnerabilities > Siemens > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-13 | CVE-2018-13812 | Path Traversal vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). | 5.0 |
| 2018-12-12 | CVE-2018-11464 | Unspecified vulnerability in Siemens products A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). network siemens | 4.3 |
| 2018-12-12 | CVE-2018-11463 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Siemens products A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). | 4.6 |
| 2018-12-12 | CVE-2018-11461 | Unspecified vulnerability in Siemens products A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). | 4.6 |
| 2018-10-10 | CVE-2018-13805 | Resource Exhaustion vulnerability in Siemens products A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions >= V2.0 and < V2.1.6), SIMATIC S7-1500 Software Controller (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 incl. | 5.0 |
| 2018-10-10 | CVE-2018-13800 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens Simatic S7-1200 V4 Firmware A vulnerability has been identified in SIMATIC S7-1200 CPU family version 4 (All versions < V4.2.3). | 4.9 |
| 2018-09-12 | CVE-2018-3658 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access. | 5.3 |
| 2018-09-12 | CVE-2018-3657 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access. | 6.7 |
| 2018-09-12 | CVE-2018-3616 | Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network. | 5.9 |
| 2018-09-12 | CVE-2018-13799 | Unspecified vulnerability in Siemens Simatic Wincc Open Architecture A vulnerability has been identified in SIMATIC WinCC OA V3.14 and prior (All versions < V3.14-P021). | 6.4 |