Filtered by vendor Siemens
Subscribe
Total
1983 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-30900 | 1 Siemens | 1 Xpedition Layout Browser | 2023-10-16 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Xpedition Layout Browser (All versions < VX.2.14). Affected application contains a stack overflow vulnerability when parsing a PCB file. An attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2018-4858 | 1 Siemens | 11 Digsi 4, Digsi 4 Firmware, Digsi 5 and 8 more | 2023-10-16 | 9.3 HIGH | 7.8 HIGH |
| A vulnerability has been identified in IEC 61850 system configurator (All versions < V5.80), DIGSI 5 (affected as IEC 61850 system configurator is incorporated) (All versions < V7.80), DIGSI 4 (All versions < V4.93), SICAM PAS/PQS (All versions < V8.11), SICAM PQ Analyzer (All versions < V3.11), SICAM SCC (All versions < V9.02 HF3). A service of the affected products listening on all of the host's network interfaces on either port 4884/TCP, 5885/TCP, or port 5886/TCP could allow an attacker to either exfiltrate limited data from the system or to execute code with Microsoft Windows user permissions. Successful exploitation requires an attacker to be able to send a specially crafted network request to the vulnerable service and a user interacting with the service's client application on the host. In order to execute arbitrary code with Microsoft Windows user permissions, an attacker must be able to plant the code in advance on the host by other means. The vulnerability has limited impact to confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens confirms the security vulnerability and provides mitigations to resolve the security issue. | |||||
| CVE-2023-43625 | 1 Siemens | 1 Simcenter Amesim | 2023-10-13 | N/A | 9.8 CRITICAL |
| A vulnerability has been identified in Simcenter Amesim (All versions < V2021.1). The affected application contains a SOAP endpoint that could allow an unauthenticated remote attacker to perform DLL injection and execute arbitrary code in the context of the affected application process. | |||||
| CVE-2023-45601 | 1 Siemens | 2 Parasolid, Tecnomatix | 2023-10-12 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.262), Parasolid V35.1 (All versions < V35.1.250), Parasolid V36.0 (All versions < V36.0.169), Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain a stack overflow vulnerability while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21290) | |||||
| CVE-2023-45204 | 1 Siemens | 1 Tecnomatix | 2023-10-12 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain a type confusion vulnerability while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21268) | |||||
| CVE-2023-44087 | 1 Siemens | 1 Tecnomatix | 2023-10-12 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-44086 | 1 Siemens | 1 Tecnomatix | 2023-10-12 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-44085 | 1 Siemens | 1 Tecnomatix | 2023-10-12 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-44082 | 1 Siemens | 1 Tecnomatix | 2023-10-12 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-44083 | 1 Siemens | 1 Tecnomatix | 2023-10-12 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-44084 | 1 Siemens | 1 Tecnomatix | 2023-10-12 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-44081 | 1 Siemens | 1 Tecnomatix | 2023-10-12 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2020-27632 | 1 Siemens | 4 Simatic Mv420, Simatic Mv420 Firmware, Simatic Mv440 and 1 more | 2023-10-10 | 5.0 MEDIUM | 7.5 HIGH |
| In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is initialized with a constant value and has constant increments. An attacker could predict and hijack TCP sessions. | |||||
| CVE-2022-25311 | 1 Siemens | 2 Sinec Network Management System, Sinema Server | 2023-10-10 | 6.5 MEDIUM | 7.3 HIGH |
| A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). The affected software do not properly check privileges between users during the same web browser session, creating an unintended sphere of control. This could allow an authenticated low privileged user to achieve privilege escalation. | |||||
| CVE-2022-24282 | 1 Siemens | 1 Sinec Network Management System | 2023-10-10 | 6.5 MEDIUM | 7.2 HIGH |
| A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). The affected system allows to upload JSON objects that are deserialized to Java objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacker could exploit this vulnerability by sending a maliciously crafted serialized Java object. This could allow the attacker to execute arbitrary code on the device with root privileges. | |||||
| CVE-2023-39950 | 1 Siemens | 1 Efibootguard | 2023-08-22 | N/A | 5.2 MEDIUM |
| efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into `bg_setenv`) or programs using `libebgenv`. This is triggered when the affected components try to modify a manipulated environment, in particular its user variables. Furthermore, `bg_printenv` may crash over invalid read accesses or report invalid results. Not affected by this issue is EFI Boot Guard's bootloader EFI binary. EFI Boot Guard release v0.15 contains required patches to sanitize and validate the bootloader environment prior to processing it in userspace. Its library and tools should be updated, so should programs statically linked against it. An update of the bootloader EFI executable is not required. The only way to prevent the issue with an unpatched EFI Boot Guard version is to avoid accesses to user variables, specifically modifications to them. | |||||
| CVE-2018-3657 | 2 Intel, Siemens | 25 Active Management Technology Firmware, Converged Security Management Engine Firmware, Manageability Engine Firmware and 22 more | 2023-08-17 | 7.2 HIGH | 6.7 MEDIUM |
| Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access. | |||||
| CVE-2018-3616 | 2 Intel, Siemens | 25 Active Management Technology Firmware, Converged Security Management Engine Firmware, Manageability Engine Firmware and 22 more | 2023-08-17 | 4.3 MEDIUM | 5.9 MEDIUM |
| Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network. | |||||
| CVE-2018-3658 | 2 Intel, Siemens | 25 Active Management Technology Firmware, Converged Security Management Engine Firmware, Manageability Engine Firmware and 22 more | 2023-08-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access. | |||||
| CVE-2021-41544 | 1 Siemens | 1 Software Center | 2023-08-15 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Siemens Software Center (All versions < V3.0). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path. | |||||