Vulnerabilities > Siemens > Simatic Step 7 > 12.0

DATE CVE VULNERABILITY TITLE RISK
2023-12-12 CVE-2022-46141 Cleartext Storage of Sensitive Information vulnerability in Siemens Simatic Step 7
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19).
local
low complexity
siemens CWE-312
5.5
2020-07-14 CVE-2020-7581 Unspecified vulnerability in Siemens products
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1).
local
low complexity
siemens
6.7
2019-08-13 CVE-2019-10929 Unspecified vulnerability in Siemens products
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl.
network
high complexity
siemens
5.9
2016-10-13 CVE-2016-7960 Information Exposure vulnerability in Siemens Simatic Step 7
Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors.
local
high complexity
siemens CWE-200
2.5
2016-10-13 CVE-2016-7959 7PK - Security Features vulnerability in Siemens Simatic Step 7
Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack.
local
high complexity
siemens CWE-254
4.7