Vulnerabilities > Siemens > Simatic HMI Comfort Panels Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-11 | CVE-2022-40227 | Improper Input Validation vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. | 7.5 |
| 2021-05-12 | CVE-2019-19276 | Out-of-bounds Write vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Panels 1st Generation (incl. | 5.3 |
| 2021-02-09 | CVE-2020-15798 | Missing Authentication for Critical Function vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. | 9.8 |
| 2020-09-09 | CVE-2020-15786 | Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Generation (incl. | 9.8 |
| 2020-07-14 | CVE-2020-7592 | Cleartext Transmission of Sensitive Information vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Generation (incl. | 6.5 |
| 2019-05-14 | CVE-2019-6577 | Cross-site Scripting vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). | 5.4 |
| 2019-05-14 | CVE-2019-6576 | Cryptographic Issues vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). | 7.5 |
| 2019-05-14 | CVE-2019-6572 | Use of Hard-coded Credentials vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). | 9.1 |
| 2019-04-17 | CVE-2019-6568 | Out-of-bounds Read vulnerability in Siemens products The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. | 7.5 |
| 2018-12-13 | CVE-2018-13814 | Improper Input Validation vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V14), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V14), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V14), SIMATIC WinCC Runtime Advanced (All versions < V14), SIMATIC WinCC Runtime Professional (All versions < V14), SIMATIC WinCC (TIA Portal) (All versions < V14), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). | 8.8 |