Wincc Open Architecture

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-21	CVE-2022-33139	Use of Client-Side Authentication vulnerability in Siemens products A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). network low complexity siemens CWE-603 critical	9.8
2014-04-07	CVE-2014-0160	Out-of-bounds Read vulnerability in multiple products The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. network low complexity openssl filezilla-project siemens intellian mitel opensuse canonical fedoraproject redhat debian ricon broadcom splunk CWE-125	7.5