Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens simatic wincc 7.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-5744
Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote malicious users to read arbitrary WinCC station files via crafted packets.
Siemens Simatic Wincc 7.2
Siemens Simatic Wincc 7.0
6.8
CVSSv2
CVE-2014-4686
The Project administration application in Siemens SIMATIC WinCC prior to 7.3, as used in PCS7 and other products, has a hardcoded encryption key, which allows remote malicious users to obtain sensitive information by extracting this key from another product installation and then ...
Siemens Wincc 7.1
Siemens Wincc
Siemens Wincc 6.0
Siemens Simatic Pcs7
Siemens Simatic Pcs7 7.1
Siemens Wincc 5.0
Siemens Wincc 7.0
Siemens Simatic Pcs7 8.0
5
CVSSv2
CVE-2014-4682
The WebNavigator server in Siemens SIMATIC WinCC prior to 7.3, as used in PCS7 and other products, allows remote malicious users to obtain sensitive information via an HTTP request.
Siemens Simatic Pcs7
Siemens Simatic Pcs7 8.0
Siemens Wincc 7.1
Siemens Wincc
Siemens Wincc 6.0
Siemens Wincc 7.0
Siemens Simatic Pcs7 7.1
Siemens Wincc 5.0
4.9
CVSSv2
CVE-2014-4683
The WebNavigator server in Siemens SIMATIC WinCC prior to 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request.
Siemens Simatic Pcs7
Siemens Wincc 7.1
Siemens Wincc
Siemens Wincc 6.0
Siemens Wincc 7.0
Siemens Simatic Pcs7 8.0
Siemens Wincc 5.0
Siemens Simatic Pcs7 7.1
6
CVSSv2
CVE-2014-4684
The database server in Siemens SIMATIC WinCC prior to 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433.
Siemens Simatic Pcs7
Siemens Wincc 7.1
Siemens Wincc
Siemens Wincc 6.0
Siemens Simatic Pcs7 7.1
Siemens Wincc 5.0
Siemens Wincc 7.0
Siemens Simatic Pcs7 8.0
4.6
CVSSv2
CVE-2014-4685
Siemens SIMATIC WinCC prior to 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control.
Siemens Simatic Pcs7
Siemens Wincc 7.1
Siemens Wincc
Siemens Wincc 6.0
Siemens Simatic Pcs7 8.0
Siemens Wincc 5.0
Siemens Wincc 7.0
Siemens Simatic Pcs7 7.1
4
CVSSv2
CVE-2013-3959
The Web Navigator in Siemens WinCC prior to 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and previous versions and other products, exhibits different behavior for NetBIOS user names depending on whether the user account exists, which allows remote authenticated users to enumerat...
Siemens Wincc 7.0
Siemens Wincc 7.1
Siemens Wincc
Siemens Simatic Pcs7 8.0
Siemens Simatic Pcs7
7.5
CVSSv2
CVE-2013-3957
SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC prior to 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and previous versions and other products, allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Siemens Wincc 7.0
Siemens Wincc
Siemens Wincc 7.1
Siemens Simatic Pcs7 8.0
Siemens Simatic Pcs7
7.5
CVSSv2
CVE-2013-3958
The login implementation in the Web Navigator in Siemens WinCC prior to 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and previous versions and other products, has a hardcoded account, which makes it easier for remote malicious users to obtain access via an unspecified request.
Siemens Simatic Pcs7 8.0
Siemens Simatic Pcs7
Siemens Wincc
Siemens Wincc 7.0
Siemens Wincc 7.1
4
CVSSv2
CVE-2013-0676
Siemens WinCC prior to 7.2, as used in SIMATIC PCS7 prior to 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query.
Siemens Wincc 7.0
Siemens Wincc 6.0
Siemens Wincc
Siemens Wincc 5.0
Siemens Simatic Pcs7 7.1
Siemens Simatic Pcs7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »