Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens wincc 11.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4911
Cross-site request forgery (CSRF) vulnerability in Siemens WinCC (TIA Portal) 11 and 12 prior to 12 SP1 allows remote malicious users to hijack the authentication of unspecified victims by leveraging improper configuration of SIMATIC HMI panels by the WinCC product.
Siemens Wincc 12.0
Siemens Wincc 11.0
NA
CVE-2013-4912
Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 prior to 12 SP1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper configuration of SIMATIC HMI panels by the WinCC product.
Siemens Wincc 12.0
Siemens Wincc 11.0
NA
CVE-2011-4515
Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging (1) physical access or (2) Sm@rt Server access.
Siemens Wincc Tia Portal 11.0
NA
CVE-2013-0669
The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.
Siemens Wincc Tia Portal 11.0
NA
CVE-2013-0667
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Siemens Wincc Tia Portal 11.0
NA
CVE-2013-0668
Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Siemens Wincc Tia Portal 11.0
NA
CVE-2013-0670
CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
Siemens Wincc Tia Portal 11.0
NA
CVE-2013-0671
Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL.
Siemens Wincc Tia Portal 11.0
NA
CVE-2013-0672
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data.
Siemens Wincc Tia Portal 11.0
7.8
CVSSv3
CVE-2018-11453
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All version...
Siemens Simatic Step 7 \\(tia Portal\\) 13.0
Siemens Simatic Wincc \\(tia Portal\\) 10.0
Siemens Simatic Wincc \\(tia Portal\\) 11.0
Siemens Simatic Wincc \\(tia Portal\\) 12.0
Siemens Simatic Wincc \\(tia Portal\\) 13.0
Siemens Simatic Wincc \\(tia Portal\\) 15.0
Siemens Simatic Step 7 \\(tia Portal\\) 11.0
Siemens Simatic Step 7 \\(tia Portal\\) 12.0
Siemens Simatic Step 7 \\(tia Portal\\) 14.0
Siemens Simatic Wincc \\(tia Portal\\) 14.0
Siemens Simatic Step 7 \\(tia Portal\\) 10.0
Siemens Simatic Step 7 \\(tia Portal\\) 15.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »