Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens simatic step 7 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2015-1602
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 prior to 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) web-server passwords by leveraging the ability to read these...
Siemens Simatic Step 7 12.0
Siemens Simatic Step 7
Siemens Simatic Step 7 13.0
2.1
CVSSv2
CVE-2015-1355
Siemens SIMATIC STEP 7 (TIA Portal) prior to 13 SP1 uses a weak password-hash algorithm, which makes it easier for local users to determine cleartext passwords by reading a project file and conducting a brute-force attack.
Siemens Simatic Step 7
1.9
CVSSv2
CVE-2016-7959
Siemens SIMATIC STEP 7 (TIA Portal) prior to 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack.
Siemens Simatic Step 7
1.9
CVSSv2
CVE-2016-7960
Siemens SIMATIC STEP 7 (TIA Portal) prior to 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors.
Siemens Simatic Step 7
NA
CVE-2023-46280
A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC PDM V9.2 (...
NA
CVE-2022-46141
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An information disclosure vulnerability could allow a local malicious user to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs, when entered by a legitimate...
Siemens Simatic Step 7
NA
CVE-2023-25910
A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC S7-PM (All versions < V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management ...
Siemens Simatic Pcs 7
Siemens Simatic S7-pm
Siemens Simatic Step 7
NA
CVE-2022-43552
A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl...
Haxx Curl
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
NA
CVE-2023-0215
The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receive...
Openssl Openssl
Stormshield Stormshield Management Center
2 Github repositories
NA
CVE-2023-0286
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Stormshield Management Center
4 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »