Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens wincc vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2013-0679
Directory traversal vulnerability in the web server in Siemens WinCC prior to 7.2, as used in SIMATIC PCS7 prior to 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files via vectors involving a query for a pathname.
Siemens Wincc 7.0
Siemens Wincc 6.0
Siemens Wincc
Siemens Wincc 5.0
Siemens Simatic Pcs7 7.1
Siemens Simatic Pcs7
3.5
CVSSv2
CVE-2013-0672
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data.
Siemens Wincc Tia Portal 11.0
4.6
CVSSv2
CVE-2011-4515
Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging (1) physical access or (2) Sm@rt Server access.
Siemens Wincc Tia Portal 11.0
4.3
CVSSv2
CVE-2013-0667
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Siemens Wincc Tia Portal 11.0
4.3
CVSSv2
CVE-2013-0668
Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Siemens Wincc Tia Portal 11.0
4.3
CVSSv2
CVE-2013-0670
CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
Siemens Wincc Tia Portal 11.0
4
CVSSv2
CVE-2013-0671
Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL.
Siemens Wincc Tia Portal 11.0
4
CVSSv2
CVE-2013-0669
The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.
Siemens Wincc Tia Portal 11.0
6.8
CVSSv2
CVE-2012-3028
Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and previous versions, as used in SIMATIC PCS7 and other products, allows remote malicious users to hijack the authentication of arbitrary users for requests that modify data or cause a denia...
Siemens Simatic Pcs7 8.0
Siemens Wincc 6.0
Siemens Wincc 7.0
Siemens Wincc 5.0
Siemens Wincc
5
CVSSv2
CVE-2012-3030
WebNavigator in Siemens WinCC 7.0 SP3 and previous versions, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote malicious users to read a (1) log file or (2) configuration file via a di...
Siemens Wincc 6.0
Siemens Simatic Pcs7 8.0
Siemens Wincc
Siemens Wincc 7.0
Siemens Wincc 5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »