VYPR

Vendor CVEs

Siemens Foundation

All CVEs

2,020 total · sorted by risk
  • CVE-2017-9940HigAug 8, 2017
    risk 0.53cvss 8.1epss 0.01

    A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with access to a low-privileged user account to read or write files on the file system of the SiPass integrated server over the network.

  • CVE-2017-6868HigJul 7, 2017
    risk 0.53cvss 8.1epss 0.04

    An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port…

  • CVE-2017-2683HigFeb 27, 2017
    risk 0.53cvss 8.2epss 0.01

    A non-privileged user of the Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could perform a persistent Cross-Site Scripting (XSS) attack, potentially resulting in obtaining administrative permissions.

  • CVE-2016-9160HigDec 17, 2016
    risk 0.53cvss 8.1epss 0.01

    A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking…

  • CVE-2025-12659HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Siemens Simcenter Femap contains a memory corruption vulnerability while parsing specially crafted IPT files. This could allow an attacker to execute code in the context of the current process.

  • CVE-2026-44412HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected applications contain a stack based overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the…

  • CVE-2026-44411HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the…

  • CVE-2026-25656HigFeb 10, 2026
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3), User Management Component (UMC) (All versions < V2.15.2.1). The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load…

  • CVE-2025-40936HigNov 17, 2025
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V29.0.258), Simcenter Femap (All versions < V2512.0003), Solid Edge (All versions < V226.00 Update 03). The affected applications contains an out of bounds read vulnerability while…

  • CVE-2025-40827HigNov 11, 2025
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Siemens Software Center (All versions < V3.5), Solid Edge SE2025 (All versions < V225.0 Update 10). The affected application is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code via placing a crafted DLL…

  • CVE-2024-32010HigNov 11, 2025
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to extraction of database credentials via a world-readable credential file. This allows an attacker to connect to the database as privileged…

  • CVE-2024-32009HigNov 11, 2025
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to a local privilege escalation due to wrongly set permissions to a binary which allows any local attacker to gain administrative privileges.

  • CVE-2024-32008HigNov 11, 2025
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to a local privilege escalation due to an exposed debug interface on the localhost. This allows any local user to gain code execution as…

  • CVE-2025-40759HigAug 12, 2025
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 V17 (All versions < V17 Update 9), SIMATIC STEP 7 V18 (All versions), SIMATIC STEP 7 V19 (All versions < V19 Update 4), SIMATIC STEP 7 V20 (All versions < V20 Update 4), SIMATIC WinCC V17…

  • CVE-2024-49849HigDec 10, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 Safety V16 (All versions), SIMATIC STEP 7 Safety V17 (All versions < V17 Update 9), SIMATIC STEP 7 Safety V18 (All versions), SIMATIC STEP 7 Safety…

  • CVE-2024-49894HigOct 21, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in degamma hardware format translation Fixes index out of bounds issue in `cm_helper_translate_curve_to_degamma_hw_format` function. The issue could occur when the…

  • CVE-2024-41981HigOct 8, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Simcenter Femap V2306 (All versions), Simcenter Femap V2401 (All versions), Simcenter Femap V2406 (All versions). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted BDF files. This could…

  • CVE-2024-41170HigSep 10, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0015), Tecnomatix Plant Simulation V2404 (All versions < V2404.0004). The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files.…

  • CVE-2024-37997HigJul 9, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in JT Open (All versions < V11.5), JT2Go (All versions < V2406.0003), PLM XML SDK (All versions < V7.1.0.014), Teamcenter Visualization V14.2 (All versions < V14.2.0.13), Teamcenter Visualization V14.3 (All versions < V14.3.0.11), Teamcenter…

  • CVE-2022-45147HigJul 9, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP 7 V16 (All versions), SIMATIC STEP 7 V17 (All versions), SIMATIC STEP 7 V18 (All versions < V18 Update 2). Affected applications do not properly restrict the .NET BinaryFormatter when…

  • CVE-2024-35303HigJun 11, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0012), Tecnomatix Plant Simulation V2404 (All versions < V2404.0001). The affected applications contain a type confusion vulnerability while parsing specially crafted MODEL files. This…

  • CVE-2024-32639HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0011). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted MODEL file. This could allow an attacker to…

  • CVE-2024-31484HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in CPC80 Central Processing/Communication (All versions < V16.41), CPCI85 Central Processing/Communication (All versions < V5.30), CPCX26 Central Processing/Communication (All versions < V06.02), ETA4 Ethernet Interface IEC60870-5-104 (All…

  • CVE-2020-8177HigDec 14, 2020
    risk 0.51cvss 7.8epss 0.01

    curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.

  • CVE-2018-13806HigSep 12, 2018
    risk 0.51cvss 7.8epss 0.01

    A vulnerability has been identified in SIEMENS TD Keypad Designer (All versions). A DLL hijacking vulnerability exists in all versions of SIEMENS TD Keypad Designer which could allow an attacker to execute code with the permission of the user running TD Designer. The attacker…

  • CVE-2018-11453HigAug 7, 2018
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions…

  • CVE-2018-4858HigJul 9, 2018
    risk 0.51cvss 7.8epss 0.02

    A vulnerability has been identified in IEC 61850 system configurator (All versions < V5.80), DIGSI 5 (affected as IEC 61850 system configurator is incorporated) (All versions < V7.80), DIGSI 4 (All versions < V4.93), SICAM PAS/PQS (All versions < V8.11), SICAM PQ Analyzer (All…

  • CVE-2018-11449HigJun 26, 2018
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in SCALANCE M875 (All versions). An attacker with access to the local file system might obtain passwords for administrative users. Successful exploitation requires read access to files on the local file system. A successful attack could allow…

  • CVE-2017-5711HigNov 21, 2017
    risk 0.51cvss 7.8epss 0.01

    Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.

  • CVE-2017-9946HigOct 23, 2017
    risk 0.51cvss 7.5epss 0.25

    A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. An attacker with network access to the integrated web server (80/tcp and 443/tcp) could bypass the authentication and download sensitive information from…

  • CVE-2017-9942HigAug 8, 2017
    risk 0.51cvss 7.8epss 0.00

    A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems.

  • CVE-2016-8566HigFeb 13, 2017
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Siemens SICAM PAS before 8.00. Because of Storing Passwords in a Recoverable Format, an authenticated local attacker with certain privileges could possibly reconstruct the passwords of users for accessing the database.

  • CVE-2016-6486HigAug 8, 2016
    risk 0.51cvss 7.8epss 0.00

    Siemens SINEMA Server uses weak permissions for the application folder, which allows local users to gain privileges via unspecified vectors.

  • CVE-2015-7974HigJan 26, 2016
    risk 0.51cvss 7.7epss 0.06

    NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."

  • CVE-2010-2772HigJul 22, 2010
    risk 0.51cvss 7.8epss 0.01

    Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.

  • CVE-2025-40591HigJun 10, 2025
    risk 0.50cvss 7.7epss 0.01

    A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGEDCOM ROX RX1400 (All versions < V2.16.5), RUGGEDCOM ROX RX1500 (All versions < V2.16.5), RUGGEDCOM ROX RX1501 (All versions < V2.16.5),…

  • CVE-2016-4954HigJul 5, 2016
    risk 0.50cvss 7.5epss 0.13

    The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an…

  • CVE-2016-4953HigJul 5, 2016
    risk 0.50cvss 7.5epss 0.17

    ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.

  • CVE-2026-46749HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected application uses a password hashing implementation with a static, hardcoded salt shared across all users and installations, and is configured with an insufficient number of…

  • CVE-2026-33893HigMay 12, 2026
    risk 0.49cvss 7.5epss 0.00

    A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter V2506 (All versions < V2506.0005), Teamcenter V2512 (All versions). The affected…

  • CVE-2026-22925HigMay 12, 2026
    risk 0.49cvss 7.5epss 0.00

    A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application is susceptible to resource exhaustion when subjected to high volume of TCP SYN packets This could allow an attacker to render the service unavailable and cause…

  • CVE-2025-40947HigMay 12, 2026
    risk 0.49cvss 7.5epss 0.00

    A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGEDCOM ROX RX1501 (All versions < V2.17.1),…

  • CVE-2026-27664HigMar 26, 2026
    risk 0.49cvss 7.5epss 0.00

    A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.10), SICORE Base system (All versions < V26.10.0). The affected application contains an out-of-bounds write vulnerability while parsing specially crafted XML inputs. This could…

  • CVE-2025-40587HigFeb 10, 2026
    risk 0.49cvss 7.6epss 0.00

    A vulnerability has been identified in Polarion V2404 (All versions < V2404.5), Polarion V2410 (All versions < V2410.2). The affected application allows arbitrary JavaScript code be included in document titles. This could allow an authenticated remote attacker to conduct a…

  • CVE-2025-40944HigJan 13, 2026
    risk 0.49cvss 7.5epss 0.00

    A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0) (All versions), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0) (All versions >= V4.2.0), SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0) (All versions), SIMATIC ET 200SP IM 155-6…

  • CVE-2025-40744HigNov 11, 2025
    risk 0.49cvss 7.5epss 0.00

    A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 11). Affected applications do not properly validate client certificates to connect to License Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle…

  • CVE-2011-20001HigOct 14, 2025
    risk 0.49cvss 7.5epss 0.00

    A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family (incl. SIPLUS variants) (All versions < V2.0.3), SIMATIC S7-1200 CPU V2 family (incl. SIPLUS variants) (All versions < V2.0.3). The web server interface of affected devices improperly processes incoming…

  • CVE-2025-40798HigSep 9, 2025
    risk 0.49cvss 7.5epss 0.00

    A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SIMATIC PCS neo V6.0 (All versions < V6.0 SP1 Update 1), User Management Component (UMC) (All versions < V2.15.1.3). Affected products contain a out-of-bounds read…

  • CVE-2025-40797HigSep 9, 2025
    risk 0.49cvss 7.5epss 0.00

    A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SIMATIC PCS neo V6.0 (All versions < V6.0 SP1 Update 1), User Management Component (UMC) (All versions < V2.15.1.3). Affected products contain a out-of-bounds read…

  • CVE-2025-40796HigSep 9, 2025
    risk 0.49cvss 7.5epss 0.00

    A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SIMATIC PCS neo V6.0 (All versions < V6.0 SP1 Update 1), User Management Component (UMC) (All versions < V2.15.1.3). Affected products contain a out-of-bounds read…

Page 3 of 41