Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens simatic wincc 7.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-0675
Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC prior to 7.2, as used in SIMATIC PCS7 prior to 8.0 SP1 and other products, allows remote malicious users to cause a denial of service via a crafted packet.
Siemens Wincc 7.0
Siemens Simatic Pcs7 7.1
Siemens Wincc 6.0
Siemens Wincc 5.0
Siemens Wincc
Siemens Simatic Pcs7
NA
CVE-2013-0676
Siemens WinCC prior to 7.2, as used in SIMATIC PCS7 prior to 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query.
Siemens Wincc 7.0
Siemens Wincc 6.0
Siemens Wincc
Siemens Wincc 5.0
Siemens Simatic Pcs7 7.1
Siemens Simatic Pcs7
NA
CVE-2013-0677
The web server in Siemens WinCC prior to 7.2, as used in SIMATIC PCS7 prior to 8.0 SP1 and other products, allows remote malicious users to obtain sensitive information or cause a denial of service via a crafted project file.
Siemens Wincc 6.0
Siemens Simatic Pcs7
Siemens Simatic Pcs7 7.1
Siemens Wincc 5.0
Siemens Wincc 7.0
Siemens Wincc
NA
CVE-2013-0679
Directory traversal vulnerability in the web server in Siemens WinCC prior to 7.2, as used in SIMATIC PCS7 prior to 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files via vectors involving a query for a pathname.
Siemens Wincc 7.0
Siemens Wincc 6.0
Siemens Wincc
Siemens Wincc 5.0
Siemens Simatic Pcs7 7.1
Siemens Simatic Pcs7
7.8
CVSSv3
CVE-2010-2772
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.
Siemens Simatic Wincc 6.2
Siemens Simatic Wincc 7.0
Siemens Simatic Pcs 7 7.1
Siemens Simatic Pcs 7 6.0
Siemens Simatic Pcs 7 6.1
Siemens Simatic Pcs 7 7.0
2 Github repositories
NA
CVE-2014-8551
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote malicious users to execute arbitrary code via crafted packets.
Siemens Simatic Pcs7 7.1
Siemens Simatic Wincc 7.0
Siemens Simatic Pcs7 8.0
Siemens Simatic Wincc 7.3
Siemens Simatic Wincc 7.2
Siemens Simatic Pcs 7 7.1
Siemens Simatic Pcs7 8.1
Siemens Simatic Tiaportal 13.0
NA
CVE-2014-8552
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote malicious users to read arbitrary files via crafted packets.
Siemens Simatic Wincc 7.2
Siemens Simatic Pcs7 7.1
Siemens Simatic Pcs 7 7.1
Siemens Simatic Pcs7 8.0
Siemens Simatic Wincc 7.3
Siemens Simatic Pcs7 8.1
Siemens Simatic Tiaportal 13.0
Siemens Simatic Wincc 7.0
NA
CVE-2013-0678
Siemens WinCC prior to 7.2, as used in SIMATIC PCS7 prior to 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query.
Siemens Simatic Pcs7
Siemens Wincc 7.0
Siemens Wincc
NA
CVE-2012-3028
Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and previous versions, as used in SIMATIC PCS7 and other products, allows remote malicious users to hijack the authentication of arbitrary users for requests that modify data or cause a denia...
Siemens Simatic Pcs7 8.0
Siemens Wincc 6.0
Siemens Wincc 7.0
Siemens Wincc 5.0
Siemens Wincc
NA
CVE-2012-3030
WebNavigator in Siemens WinCC 7.0 SP3 and previous versions, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote malicious users to read a (1) log file or (2) configuration file via a di...
Siemens Wincc 6.0
Siemens Simatic Pcs7 8.0
Siemens Wincc
Siemens Wincc 7.0
Siemens Wincc 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »