Vulnerabilities > Siemens > Simatic HMI Comfort Panels Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-02-09 CVE-2020-15798 Missing Authentication for Critical Function vulnerability in Siemens products
A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl.
network
low complexity
siemens CWE-306
critical
 9.8
9.8
2020-09-09 CVE-2020-15786 Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens products
A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Generation (incl.
network
low complexity
siemens CWE-307
critical
 9.8
9.8
2019-05-14 CVE-2019-6572 Use of Hard-coded Credentials vulnerability in Siemens products
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions).
network
low complexity
siemens CWE-798
critical
 9.1
9.1