Vulnerabilities > Siemens > Simatic Step 7 TIA Portal > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-10 CVE-2021-37172 Improper Authentication vulnerability in Siemens products
A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl.
network
low complexity
siemens CWE-287
7.5
7.5
2018-08-07 CVE-2018-11454 Incorrect Permission Assignment for Critical Resource vulnerability in Siemens products
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 6), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 (All versions < V15 Update 2).
local
low complexity
siemens CWE-732
8.6
8.6
2018-08-07 CVE-2018-11453 Incorrect Permission Assignment for Critical Resource vulnerability in Siemens products
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 6), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 (All versions < V15 Update 2).
local
low complexity
siemens CWE-732
7.8
7.8