Vulnerabilities > Siemens > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-11 | CVE-2023-23588 | Improper Certificate Validation vulnerability in multiple products A vulnerability has been identified in SIMATIC IPC1047 (All versions), SIMATIC IPC1047E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows), SIMATIC IPC647D (All versions), SIMATIC IPC647E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows), SIMATIC IPC847D (All versions), SIMATIC IPC847E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows). | 6.3 |
| 2023-03-14 | CVE-2023-27462 | Unspecified vulnerability in Siemens Ruggedcom Crossbow 5.2 A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). | 4.3 |
| 2023-01-10 | CVE-2022-38773 | Unspecified vulnerability in Siemens products Affected devices do not contain an Immutable Root of Trust in Hardware. low complexity siemens | 6.8 |
| 2022-12-13 | CVE-2022-44575 | Cross-site Scripting vulnerability in Siemens PLM Help Server 4.2 A vulnerability has been identified in PLM Help Server V4.2 (All versions). | 6.1 |
| 2022-12-13 | CVE-2022-44731 | Unspecified vulnerability in Siemens Simatic Wincc OA A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions < V3.15 P038), SIMATIC WinCC OA V3.16 (All versions < V3.16 P035), SIMATIC WinCC OA V3.17 (All versions < V3.17 P024), SIMATIC WinCC OA V3.18 (All versions < V3.18 P014). | 5.4 |
| 2022-12-13 | CVE-2022-45937 | Unspecified vulnerability in Siemens products A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). | 6.5 |
| 2022-12-13 | CVE-2022-46350 | Cross-site Scripting vulnerability in Siemens products A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). | 6.1 |
| 2022-12-13 | CVE-2022-46351 | Resource Exhaustion vulnerability in Siemens products A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). | 5.5 |
| 2022-12-13 | CVE-2022-46354 | Unspecified vulnerability in Siemens products A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). | 5.3 |
| 2022-12-05 | CVE-2022-35256 | HTTP Request Smuggling vulnerability in multiple products The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. | 6.5 |