Vulnerabilities > Siemens > Simatic Logon > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-03-25 CVE-2021-3449 NULL Pointer Dereference vulnerability in multiple products
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client.
5.9
2017-08-08 CVE-2017-9938 Improper Input Validation vulnerability in Siemens Simatic Logon
A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition.
network
low complexity
siemens CWE-20
5.0
2017-02-22 CVE-2017-2684 Authentication Bypass vulnerability in Siemens Simatic Logon 1.5
Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.
network
siemens
6.8