Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens wincc 11.0 vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2013-4912
Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 prior to 12 SP1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper configuration of SIMATIC HMI panels by the WinCC product.
Siemens Wincc 12.0
Siemens Wincc 11.0
6.8
CVSSv2
CVE-2013-4911
Cross-site request forgery (CSRF) vulnerability in Siemens WinCC (TIA Portal) 11 and 12 prior to 12 SP1 allows remote malicious users to hijack the authentication of unspecified victims by leveraging improper configuration of SIMATIC HMI panels by the WinCC product.
Siemens Wincc 12.0
Siemens Wincc 11.0
3.5
CVSSv2
CVE-2013-0672
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data.
Siemens Wincc Tia Portal 11.0
4.6
CVSSv2
CVE-2011-4515
Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging (1) physical access or (2) Sm@rt Server access.
Siemens Wincc Tia Portal 11.0
4
CVSSv2
CVE-2013-0671
Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL.
Siemens Wincc Tia Portal 11.0
4.3
CVSSv2
CVE-2013-0667
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Siemens Wincc Tia Portal 11.0
4.3
CVSSv2
CVE-2013-0668
Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Siemens Wincc Tia Portal 11.0
4
CVSSv2
CVE-2013-0669
The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.
Siemens Wincc Tia Portal 11.0
4.3
CVSSv2
CVE-2013-0670
CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
Siemens Wincc Tia Portal 11.0
4.4
CVSSv2
CVE-2018-11454
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All version...
Siemens Simatic Wincc \\(tia Portal\\) 11.0
Siemens Simatic Wincc \\(tia Portal\\) 12.0
Siemens Simatic Wincc \\(tia Portal\\) 13.0
Siemens Simatic Wincc \\(tia Portal\\) 10.0
Siemens Simatic Step 7 \\(tia Portal\\) 11.0
Siemens Simatic Step 7 \\(tia Portal\\) 13.0
Siemens Simatic Step 7 \\(tia Portal\\) 14.0
Siemens Simatic Step 7 \\(tia Portal\\) 15.0
Siemens Simatic Wincc \\(tia Portal\\) 14.0
Siemens Simatic Wincc \\(tia Portal\\) 15.0
Siemens Simatic Step 7 \\(tia Portal\\) 10.0
Siemens Simatic Step 7 \\(tia Portal\\) 12.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »