Vulnerabilities > Siemens > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-07-11 CVE-2023-36748 Inadequate Encryption Strength vulnerability in Siemens products
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0).
network
high complexity
siemens CWE-326
6.8
2023-06-13 CVE-2023-27465 Information Exposure vulnerability in Siemens products
A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION C240 PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D445-2 DP/PN (All versions >= V5.4), SIMOTION D445-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D455-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION P320-4 E (All versions >= V5.4), SIMOTION P320-4 S (All versions >= V5.4).
low complexity
siemens CWE-200
4.6
2023-06-13 CVE-2023-30757 Unspecified vulnerability in Siemens Totally Integrated Automation Portal
A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions).
local
low complexity
siemens
5.5
2023-06-13 CVE-2023-31238 Incorrect Permission Assignment for Critical Resource vulnerability in Siemens Q200 Firmware
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60).
network
high complexity
siemens CWE-732
4.8
2023-06-13 CVE-2023-33121 NULL Pointer Dereference vulnerability in Siemens Jt2Go and Teamcenter Visualization
A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3).
local
low complexity
siemens CWE-476
5.5
2023-06-13 CVE-2023-33122 Out-of-bounds Read vulnerability in Siemens Jt2Go and Teamcenter Visualization
A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3).
local
low complexity
siemens CWE-125
5.5
2023-06-13 CVE-2023-33920 Use of Hard-coded Credentials vulnerability in Siemens Cpci85 Firmware
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05).
low complexity
siemens CWE-798
6.8
2023-06-13 CVE-2023-33921 Unspecified vulnerability in Siemens Cpci85 Firmware
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05).
low complexity
siemens
6.8
2023-05-09 CVE-2023-29103 Use of Hard-coded Password vulnerability in Siemens 6Gk1411-1Ac00 Firmware and 6Gk1411-5Ac00 Firmware
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1).
network
low complexity
siemens CWE-259
4.3
2023-05-09 CVE-2023-29107 Files or Directories Accessible to External Parties vulnerability in Siemens 6Gk1411-1Ac00 Firmware and 6Gk1411-5Ac00 Firmware
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1).
network
low complexity
siemens CWE-552
5.3