Vulnerabilities > Siemens > Scalance Sc632 2C Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-05-18 CVE-2022-30065 Use After Free vulnerability in multiple products
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.
local
low complexity
busybox siemens CWE-416
7.8
2022-03-25 CVE-2018-25032 Out-of-bounds Write vulnerability in multiple products
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
7.5
2021-10-18 CVE-2021-41991 Integer Overflow or Wraparound vulnerability in multiple products
The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries.
network
low complexity
strongswan debian fedoraproject siemens CWE-190
7.5
2021-03-15 CVE-2021-25667 Stack-based Buffer Overflow vulnerability in Siemens products
A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2).
low complexity
siemens CWE-121
8.8