Filtered by vendor Siemens
Subscribe
Search
Total
1276 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22930 | 4 Debian, Netapp, Nodejs and 1 more | 4 Debian Linux, Nextgen Api, Node.js and 1 more | 2024-01-05 | 7.5 HIGH | 9.8 CRITICAL |
| Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior. | |||||
| CVE-2021-22931 | 4 Netapp, Nodejs, Oracle and 1 more | 10 Active Iq Unified Manager, Nextgen Api, Oncommand Insight and 7 more | 2024-01-05 | 7.5 HIGH | 9.8 CRITICAL |
| Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library. | |||||
| CVE-2021-3672 | 6 C-ares Project, Fedoraproject, Nodejs and 3 more | 17 C-ares, Fedora, Node.js and 14 more | 2024-01-05 | 6.8 MEDIUM | 5.6 MEDIUM |
| A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability. | |||||
| CVE-2021-22940 | 5 Debian, Netapp, Nodejs and 2 more | 7 Debian Linux, Nextgen Api, Node.js and 4 more | 2024-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior. | |||||
| CVE-2023-45794 | 1 Siemens | 1 Mendix | 2023-12-28 | N/A | 8.1 HIGH |
| A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.4.0), Mendix Applications using Mendix 7 (All versions < V7.23.37), Mendix Applications using Mendix 8 (All versions < V8.18.27), Mendix Applications using Mendix 9 (All versions < V9.24.10). A capture-replay flaw in the platform could have an impact to apps built with the platform, if certain preconditions are met that depend on the app's model and access control design. This could allow authenticated attackers to access or modify objects without proper authorization, or escalate privileges in the context of the vulnerable app. | |||||
| CVE-2023-38531 | 1 Siemens | 2 Parasolid, Teamcenter Visualization | 2023-12-27 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-38532 | 1 Siemens | 2 Parasolid, Teamcenter Visualization | 2023-12-22 | N/A | 5.5 MEDIUM |
| A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains a stack exhaustion vulnerability while parsing a specially crafted X_T file. This could allow an attacker to cause denial of service condition. | |||||
| CVE-2023-46156 | 1 Siemens | 145 Simatic Drive Controller Cpu 1504d Tf, Simatic Drive Controller Cpu 1504d Tf Firmware, Simatic Drive Controller Cpu 1507d Tf and 142 more | 2023-12-18 | N/A | 7.5 HIGH |
| Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations. | |||||
| CVE-2023-38380 | 1 Siemens | 18 6ag1543-1ax00-2xe0, 6ag1543-1ax00-2xe0 Firmware, 6gk7243-8rx30-0xe0 and 15 more | 2023-12-18 | N/A | 7.5 HIGH |
| A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1543-1 (All versions), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS NET CP 1543-1 (All versions). The webserver implementation of the affected products does not correctly release allocated memory after it has been used. An attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product. | |||||
| CVE-2022-47375 | 1 Siemens | 18 6ag1414-3em07-7ab0, 6ag1414-3em07-7ab0 Firmware, 6ag1416-3es07-7ab0 and 15 more | 2023-12-18 | N/A | 7.5 HIGH |
| A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle long file names correctly. This could allow an attacker to create a buffer overflow and create a denial of service condition for the device. | |||||
| CVE-2022-47374 | 1 Siemens | 18 6ag1414-3em07-7ab0, 6ag1414-3em07-7ab0 Firmware, 6ag1416-3es07-7ab0 and 15 more | 2023-12-18 | N/A | 7.5 HIGH |
| A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle HTTP(S) requests to the web server correctly. This could allow an attacker to exhaust system resources and create a denial of service condition for the device. | |||||
| CVE-2022-42784 | 1 Siemens | 32 6ag1052-1cc08-7ba1, 6ag1052-1cc08-7ba1 Firmware, 6ag1052-1fb08-7ba1 and 29 more | 2023-12-18 | N/A | 6.8 MEDIUM |
| A vulnerability has been identified in LOGO! 12/24RCE (All versions >= V8.3), LOGO! 12/24RCEo (All versions >= V8.3), LOGO! 230RCE (All versions >= V8.3), LOGO! 230RCEo (All versions >= V8.3), LOGO! 24CE (All versions >= V8.3), LOGO! 24CEo (All versions >= V8.3), LOGO! 24RCE (All versions >= V8.3), LOGO! 24RCEo (All versions >= V8.3), SIPLUS LOGO! 12/24RCE (All versions >= V8.3), SIPLUS LOGO! 12/24RCEo (All versions >= V8.3), SIPLUS LOGO! 230RCE (All versions >= V8.3), SIPLUS LOGO! 230RCEo (All versions >= V8.3), SIPLUS LOGO! 24CE (All versions >= V8.3), SIPLUS LOGO! 24CEo (All versions >= V8.3), SIPLUS LOGO! 24RCE (All versions >= V8.3), SIPLUS LOGO! 24RCEo (All versions >= V8.3). Affected devices are vulnerable to an electromagnetic fault injection. This could allow an attacker to dump and debug the firmware, including the manipulation of memory. Further actions could allow to inject public keys of custom created key pairs which are then signed by the product CA. The generation of a custom certificate allows communication with, and impersonation of, any device of the same version. | |||||
| CVE-2023-49691 | 1 Siemens | 40 6gk5615-0aa00-2aa2, 6gk5615-0aa00-2aa2 Firmware, 6gk5615-0aa01-2aa2 and 37 more | 2023-12-18 | N/A | 6.7 MEDIUM |
| A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V8.0), SCALANCE M804PB (All versions < V8.0), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V8.0), SCALANCE M826-2 SHDSL-Router (All versions < V8.0), SCALANCE M874-2 (All versions < V8.0), SCALANCE M874-3 (All versions < V8.0), SCALANCE M876-3 (EVDO) (All versions < V8.0), SCALANCE M876-3 (ROK) (All versions < V8.0), SCALANCE M876-4 (All versions < V8.0), SCALANCE M876-4 (EU) (All versions < V8.0), SCALANCE M876-4 (NAM) (All versions < V8.0), SCALANCE MUM853-1 (EU) (All versions < V8.0), SCALANCE MUM856-1 (EU) (All versions < V8.0), SCALANCE MUM856-1 (RoW) (All versions < V8.0), SCALANCE S615 (All versions < V8.0), SCALANCE S615 EEC (All versions < V8.0). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the handling of the DDNS configuration. This could allow malicious local administrators to issue commands on system level after a successful IP address update. | |||||
| CVE-2023-49692 | 1 Siemens | 40 6gk5615-0aa00-2aa2, 6gk5615-0aa00-2aa2 Firmware, 6gk5615-0aa01-2aa2 and 37 more | 2023-12-18 | N/A | 6.7 MEDIUM |
| A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.2.2), SCALANCE M804PB (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.2.2), SCALANCE M874-2 (All versions < V7.2.2), SCALANCE M874-3 (All versions < V7.2.2), SCALANCE M876-3 (EVDO) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (All versions < V7.2.2), SCALANCE M876-4 (All versions < V7.2.2), SCALANCE M876-4 (EU) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (All versions < V7.2.2), SCALANCE S615 (All versions < V7.2.2), SCALANCE S615 EEC (All versions < V7.2.2). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the parsing of the IPSEC configuration. This could allow malicious local administrators to issue commands on system level after a new connection is established. | |||||
| CVE-2022-46141 | 1 Siemens | 1 Simatic Step 7 | 2023-12-15 | N/A | 5.5 MEDIUM |
| A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An information disclosure vulnerability could allow a local attacker to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs, when entered by a legitimate user in the hardware configuration of the affected application. | |||||
| CVE-2023-48427 | 1 Siemens | 1 Sinec Ins | 2023-12-14 | N/A | 9.8 CRITICAL |
| A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected products do not properly validate the certificate of the configured UMC server. This could allow an attacker to intercept credentials that are sent to the UMC server as well as to manipulate responses, potentially allowing an attacker to escalate privileges. | |||||
| CVE-2023-48428 | 1 Siemens | 1 Sinec Ins | 2023-12-14 | N/A | 7.2 HIGH |
| A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially issue commands on system level. | |||||
| CVE-2023-48429 | 1 Siemens | 1 Sinec Ins | 2023-12-14 | N/A | 2.7 LOW |
| A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the server. The server will automatically restart. | |||||
| CVE-2023-48430 | 1 Siemens | 1 Sinec Ins | 2023-12-14 | N/A | 2.7 LOW |
| A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the API. The server will automatically restart. | |||||
| CVE-2023-48431 | 1 Siemens | 1 Sinec Ins | 2023-12-14 | N/A | 8.6 HIGH |
| A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected software does not correctly validate the response received by an UMC server. An attacker can use this to crash the affected software by providing and configuring a malicious UMC server or by manipulating the traffic from a legitimate UMC server (i.e. leveraging CVE-2023-48427). | |||||
| CVE-2023-44322 | 1 Siemens | 142 6ag1206-2bb00-7ac2, 6ag1206-2bb00-7ac2 Firmware, 6ag1206-2bs00-7ac2 and 139 more | 2023-12-12 | N/A | 5.9 MEDIUM |
| A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3 (EVDO), SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615, SCALANCE S615 EEC, SCALANCE XB205-3 (SC, PN), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, PN), SCALANCE XB205-3LD (SC, E/IP), SCALANCE XB205-3LD (SC, PN), SCALANCE XB208 (E/IP), SCALANCE XB208 (PN), SCALANCE XB213-3 (SC, E/IP), SCALANCE XB213-3 (SC, PN), SCALANCE XB213-3 (ST, E/IP), SCALANCE XB213-3 (ST, PN), SCALANCE XB213-3LD (SC, E/IP), SCALANCE XB213-3LD (SC, PN), SCALANCE XB216 (E/IP), SCALANCE XB216 (PN), SCALANCE XC206-2 (SC), SCALANCE XC206-2 (ST/BFOC), SCALANCE XC206-2G PoE, SCALANCE XC206-2G PoE (54 V DC), SCALANCE XC206-2G PoE EEC (54 V DC), SCALANCE XC206-2SFP, SCALANCE XC206-2SFP EEC, SCALANCE XC206-2SFP G, SCALANCE XC206-2SFP G (EIP DEF.), SCALANCE XC206-2SFP G EEC, SCALANCE XC208, SCALANCE XC208EEC, SCALANCE XC208G, SCALANCE XC208G (EIP def.), SCALANCE XC208G EEC, SCALANCE XC208G PoE, SCALANCE XC208G PoE (54 V DC), SCALANCE XC216, SCALANCE XC216-3G PoE, SCALANCE XC216-3G PoE (54 V DC), SCALANCE XC216-4C, SCALANCE XC216-4C G, SCALANCE XC216-4C G (EIP Def.), SCALANCE XC216-4C G EEC, SCALANCE XC216EEC, SCALANCE XC224, SCALANCE XC224-4C G, SCALANCE XC224-4C G (EIP Def.), SCALANCE XC224-4C G EEC, SCALANCE XF204, SCALANCE XF204 DNA, SCALANCE XF204-2BA, SCALANCE XF204-2BA DNA, SCALANCE XP208, SCALANCE XP208 (Ethernet/IP), SCALANCE XP208EEC, SCALANCE XP208PoE EEC, SCALANCE XP216, SCALANCE XP216 (Ethernet/IP), SCALANCE XP216EEC, SCALANCE XP216POE EEC, SCALANCE XR324WG (24 x FE, AC 230V), SCALANCE XR324WG (24 X FE, DC 24V), SCALANCE XR326-2C PoE WG, SCALANCE XR326-2C PoE WG (without UL), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (28xGE, AC 230V), SCALANCE XR328-4C WG (28xGE, DC 24V), SIPLUS NET SCALANCE XC206-2, SIPLUS NET SCALANCE XC206-2SFP, SIPLUS NET SCALANCE XC208, SIPLUS NET SCALANCE XC216-4C. Affected devices can be configured to send emails when certain events occur on the device. When presented with an invalid response from the SMTP server, the device triggers an error that disrupts email sending. An attacker with access to the network can use this to do disable notification of users when certain events occur. | |||||
| CVE-2020-25244 | 1 Siemens | 1 Logo\! Soft Comfort | 2023-12-12 | 7.2 HIGH | 8.4 HIGH |
| A vulnerability has been identified in LOGO! Soft Comfort (All versions < V8.4). The software insecurely loads libraries which makes it vulnerable to DLL hijacking. Successful exploitation by a local attacker could lead to a takeover of the system where the software is installed. | |||||
| CVE-2020-25236 | 1 Siemens | 2 Logo\! 8 Bm, Logo\! 8 Bm Firmware | 2023-12-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in LOGO! 12/24RCE (All versions), LOGO! 12/24RCEo (All versions), LOGO! 230RCE (All versions), LOGO! 230RCEo (All versions), LOGO! 24CE (All versions), LOGO! 24CEo (All versions), LOGO! 24RCE (All versions), LOGO! 24RCEo (All versions), SIPLUS LOGO! 12/24RCE (All versions), SIPLUS LOGO! 12/24RCEo (All versions), SIPLUS LOGO! 230RCE (All versions), SIPLUS LOGO! 230RCEo (All versions), SIPLUS LOGO! 24CE (All versions), SIPLUS LOGO! 24CEo (All versions), SIPLUS LOGO! 24RCE (All versions), SIPLUS LOGO! 24RCEo (All versions). The control logic (CL) the LOGO! 8 executes could be manipulated in a way that could cause the device executing the CL to improperly handle the manipulation and crash. After successful execution of the attack, the device needs to be manually reset. | |||||
| CVE-2023-44317 | 1 Siemens | 138 Scalance Xb205-3 \(sc\, Pn\), Scalance Xb205-3 \(sc\, Pn\) Firmware, Scalance Xb205-3 \(st\, E\/ip\) and 135 more | 2023-12-12 | N/A | 7.2 HIGH |
| A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3 (EVDO), SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615, SCALANCE S615 EEC, SCALANCE XB205-3 (SC, PN), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, PN), SCALANCE XB205-3LD (SC, E/IP), SCALANCE XB205-3LD (SC, PN), SCALANCE XB208 (E/IP), SCALANCE XB208 (PN), SCALANCE XB213-3 (SC, E/IP), SCALANCE XB213-3 (SC, PN), SCALANCE XB213-3 (ST, E/IP), SCALANCE XB213-3 (ST, PN), SCALANCE XB213-3LD (SC, E/IP), SCALANCE XB213-3LD (SC, PN), SCALANCE XB216 (E/IP), SCALANCE XB216 (PN), SCALANCE XC206-2 (SC), SCALANCE XC206-2 (ST/BFOC), SCALANCE XC206-2G PoE, SCALANCE XC206-2G PoE (54 V DC), SCALANCE XC206-2G PoE EEC (54 V DC), SCALANCE XC206-2SFP, SCALANCE XC206-2SFP EEC, SCALANCE XC206-2SFP G, SCALANCE XC206-2SFP G (EIP DEF.), SCALANCE XC206-2SFP G EEC, SCALANCE XC208, SCALANCE XC208EEC, SCALANCE XC208G, SCALANCE XC208G (EIP def.), SCALANCE XC208G EEC, SCALANCE XC208G PoE, SCALANCE XC208G PoE (54 V DC), SCALANCE XC216, SCALANCE XC216-3G PoE, SCALANCE XC216-3G PoE (54 V DC), SCALANCE XC216-4C, SCALANCE XC216-4C G, SCALANCE XC216-4C G (EIP Def.), SCALANCE XC216-4C G EEC, SCALANCE XC216EEC, SCALANCE XC224, SCALANCE XC224-4C G, SCALANCE XC224-4C G (EIP Def.), SCALANCE XC224-4C G EEC, SCALANCE XF204, SCALANCE XF204 DNA, SCALANCE XF204-2BA, SCALANCE XF204-2BA DNA, SCALANCE XP208, SCALANCE XP208 (Ethernet/IP), SCALANCE XP208EEC, SCALANCE XP208PoE EEC, SCALANCE XP216, SCALANCE XP216 (Ethernet/IP), SCALANCE XP216EEC, SCALANCE XP216POE EEC, SCALANCE XR324WG (24 x FE, AC 230V), SCALANCE XR324WG (24 X FE, DC 24V), SCALANCE XR326-2C PoE WG, SCALANCE XR326-2C PoE WG (without UL), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (28xGE, AC 230V), SCALANCE XR328-4C WG (28xGE, DC 24V), SIPLUS NET SCALANCE XC206-2, SIPLUS NET SCALANCE XC206-2SFP, SIPLUS NET SCALANCE XC208, SIPLUS NET SCALANCE XC216-4C. Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device. | |||||
| CVE-2023-44318 | 1 Siemens | 142 6ag1206-2bb00-7ac2, 6ag1206-2bb00-7ac2 Firmware, 6ag1206-2bs00-7ac2 and 139 more | 2023-12-12 | N/A | 4.9 MEDIUM |
| A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3 (EVDO), SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615, SCALANCE S615 EEC, SCALANCE XB205-3 (SC, PN), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, PN), SCALANCE XB205-3LD (SC, E/IP), SCALANCE XB205-3LD (SC, PN), SCALANCE XB208 (E/IP), SCALANCE XB208 (PN), SCALANCE XB213-3 (SC, E/IP), SCALANCE XB213-3 (SC, PN), SCALANCE XB213-3 (ST, E/IP), SCALANCE XB213-3 (ST, PN), SCALANCE XB213-3LD (SC, E/IP), SCALANCE XB213-3LD (SC, PN), SCALANCE XB216 (E/IP), SCALANCE XB216 (PN), SCALANCE XC206-2 (SC), SCALANCE XC206-2 (ST/BFOC), SCALANCE XC206-2G PoE, SCALANCE XC206-2G PoE (54 V DC), SCALANCE XC206-2G PoE EEC (54 V DC), SCALANCE XC206-2SFP, SCALANCE XC206-2SFP EEC, SCALANCE XC206-2SFP G, SCALANCE XC206-2SFP G (EIP DEF.), SCALANCE XC206-2SFP G EEC, SCALANCE XC208, SCALANCE XC208EEC, SCALANCE XC208G, SCALANCE XC208G (EIP def.), SCALANCE XC208G EEC, SCALANCE XC208G PoE, SCALANCE XC208G PoE (54 V DC), SCALANCE XC216, SCALANCE XC216-3G PoE, SCALANCE XC216-3G PoE (54 V DC), SCALANCE XC216-4C, SCALANCE XC216-4C G, SCALANCE XC216-4C G (EIP Def.), SCALANCE XC216-4C G EEC, SCALANCE XC216EEC, SCALANCE XC224, SCALANCE XC224-4C G, SCALANCE XC224-4C G (EIP Def.), SCALANCE XC224-4C G EEC, SCALANCE XF204, SCALANCE XF204 DNA, SCALANCE XF204-2BA, SCALANCE XF204-2BA DNA, SCALANCE XP208, SCALANCE XP208 (Ethernet/IP), SCALANCE XP208EEC, SCALANCE XP208PoE EEC, SCALANCE XP216, SCALANCE XP216 (Ethernet/IP), SCALANCE XP216EEC, SCALANCE XP216POE EEC, SCALANCE XR324WG (24 x FE, AC 230V), SCALANCE XR324WG (24 X FE, DC 24V), SCALANCE XR326-2C PoE WG, SCALANCE XR326-2C PoE WG (without UL), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (28xGE, AC 230V), SCALANCE XR328-4C WG (28xGE, DC 24V), SIPLUS NET SCALANCE XC206-2, SIPLUS NET SCALANCE XC206-2SFP, SIPLUS NET SCALANCE XC208, SIPLUS NET SCALANCE XC216-4C. Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the exported file. | |||||
| CVE-2023-44320 | 1 Siemens | 142 6ag1206-2bb00-7ac2, 6ag1206-2bb00-7ac2 Firmware, 6ag1206-2bs00-7ac2 and 139 more | 2023-12-12 | N/A | 4.3 MEDIUM |
| A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3 (EVDO), SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615, SCALANCE S615 EEC, SCALANCE XB205-3 (SC, PN), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, PN), SCALANCE XB205-3LD (SC, E/IP), SCALANCE XB205-3LD (SC, PN), SCALANCE XB208 (E/IP), SCALANCE XB208 (PN), SCALANCE XB213-3 (SC, E/IP), SCALANCE XB213-3 (SC, PN), SCALANCE XB213-3 (ST, E/IP), SCALANCE XB213-3 (ST, PN), SCALANCE XB213-3LD (SC, E/IP), SCALANCE XB213-3LD (SC, PN), SCALANCE XB216 (E/IP), SCALANCE XB216 (PN), SCALANCE XC206-2 (SC), SCALANCE XC206-2 (ST/BFOC), SCALANCE XC206-2G PoE, SCALANCE XC206-2G PoE (54 V DC), SCALANCE XC206-2G PoE EEC (54 V DC), SCALANCE XC206-2SFP, SCALANCE XC206-2SFP EEC, SCALANCE XC206-2SFP G, SCALANCE XC206-2SFP G (EIP DEF.), SCALANCE XC206-2SFP G EEC, SCALANCE XC208, SCALANCE XC208EEC, SCALANCE XC208G, SCALANCE XC208G (EIP def.), SCALANCE XC208G EEC, SCALANCE XC208G PoE, SCALANCE XC208G PoE (54 V DC), SCALANCE XC216, SCALANCE XC216-3G PoE, SCALANCE XC216-3G PoE (54 V DC), SCALANCE XC216-4C, SCALANCE XC216-4C G, SCALANCE XC216-4C G (EIP Def.), SCALANCE XC216-4C G EEC, SCALANCE XC216EEC, SCALANCE XC224, SCALANCE XC224-4C G, SCALANCE XC224-4C G (EIP Def.), SCALANCE XC224-4C G EEC, SCALANCE XF204, SCALANCE XF204 DNA, SCALANCE XF204-2BA, SCALANCE XF204-2BA DNA, SCALANCE XP208, SCALANCE XP208 (Ethernet/IP), SCALANCE XP208EEC, SCALANCE XP208PoE EEC, SCALANCE XP216, SCALANCE XP216 (Ethernet/IP), SCALANCE XP216EEC, SCALANCE XP216POE EEC, SCALANCE XR324WG (24 x FE, AC 230V), SCALANCE XR324WG (24 X FE, DC 24V), SCALANCE XR326-2C PoE WG, SCALANCE XR326-2C PoE WG (without UL), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (28xGE, AC 230V), SCALANCE XR328-4C WG (28xGE, DC 24V), SIPLUS NET SCALANCE XC206-2, SIPLUS NET SCALANCE XC206-2SFP, SIPLUS NET SCALANCE XC208, SIPLUS NET SCALANCE XC216-4C. Affected devices do not properly validate the authentication when performing certain modifications in the web interface allowing an authenticated attacker to influence the user interface configured by an administrator. | |||||
| CVE-2023-28831 | 1 Siemens | 156 Simatic Cloud Connect 7 Cc712, Simatic Cloud Connect 7 Cc712 Firmware, Simatic Cloud Connect 7 Cc716 and 153 more | 2023-12-12 | N/A | 7.5 HIGH |
| The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. | |||||
| CVE-2021-42019 | 1 Siemens | 54 Ruggedcom I800, Ruggedcom I801, Ruggedcom I802 and 51 more | 2023-12-12 | 7.5 HIGH | 5.9 MEDIUM |
| A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. Within a third-party component, the process to allocate partition size fails to check memory boundaries. Therefore, if a large amount is requested by an attacker, due to an integer-wrap around, it could result in a small size being allocated instead. | |||||
| CVE-2021-42017 | 1 Siemens | 54 Ruggedcom I800, Ruggedcom I801, Ruggedcom I802 and 51 more | 2023-12-12 | 4.3 MEDIUM | 5.9 MEDIUM |
| A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i801, RUGGEDCOM i802, RUGGEDCOM i803, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM RMC30, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RP110, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600T, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS401, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000H, RUGGEDCOM RS8000T, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900L, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS969, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSL910, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. A new variant of the POODLE attack has left a third-party component vulnerable due to the implementation flaws of the CBC encryption mode in TLS 1.0 to 1.2. If an attacker were to exploit this, they could act as a man-in-the-middle and eavesdrop on encrypted communications. | |||||
| CVE-2023-44374 | 1 Siemens | 142 6ag1206-2bb00-7ac2, 6ag1206-2bb00-7ac2 Firmware, 6ag1206-2bs00-7ac2 and 139 more | 2023-12-12 | N/A | 8.8 HIGH |
| A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3 (EVDO), SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615, SCALANCE S615 EEC, SCALANCE XB205-3 (SC, PN), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, PN), SCALANCE XB205-3LD (SC, E/IP), SCALANCE XB205-3LD (SC, PN), SCALANCE XB208 (E/IP), SCALANCE XB208 (PN), SCALANCE XB213-3 (SC, E/IP), SCALANCE XB213-3 (SC, PN), SCALANCE XB213-3 (ST, E/IP), SCALANCE XB213-3 (ST, PN), SCALANCE XB213-3LD (SC, E/IP), SCALANCE XB213-3LD (SC, PN), SCALANCE XB216 (E/IP), SCALANCE XB216 (PN), SCALANCE XC206-2 (SC), SCALANCE XC206-2 (ST/BFOC), SCALANCE XC206-2G PoE, SCALANCE XC206-2G PoE (54 V DC), SCALANCE XC206-2G PoE EEC (54 V DC), SCALANCE XC206-2SFP, SCALANCE XC206-2SFP EEC, SCALANCE XC206-2SFP G, SCALANCE XC206-2SFP G (EIP DEF.), SCALANCE XC206-2SFP G EEC, SCALANCE XC208, SCALANCE XC208EEC, SCALANCE XC208G, SCALANCE XC208G (EIP def.), SCALANCE XC208G EEC, SCALANCE XC208G PoE, SCALANCE XC208G PoE (54 V DC), SCALANCE XC216, SCALANCE XC216-3G PoE, SCALANCE XC216-3G PoE (54 V DC), SCALANCE XC216-4C, SCALANCE XC216-4C G, SCALANCE XC216-4C G (EIP Def.), SCALANCE XC216-4C G EEC, SCALANCE XC216EEC, SCALANCE XC224, SCALANCE XC224-4C G, SCALANCE XC224-4C G (EIP Def.), SCALANCE XC224-4C G EEC, SCALANCE XF204, SCALANCE XF204 DNA, SCALANCE XF204-2BA, SCALANCE XF204-2BA DNA, SCALANCE XP208, SCALANCE XP208 (Ethernet/IP), SCALANCE XP208EEC, SCALANCE XP208PoE EEC, SCALANCE XP216, SCALANCE XP216 (Ethernet/IP), SCALANCE XP216EEC, SCALANCE XP216POE EEC, SCALANCE XR324WG (24 x FE, AC 230V), SCALANCE XR324WG (24 X FE, DC 24V), SCALANCE XR326-2C PoE WG, SCALANCE XR326-2C PoE WG (without UL), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (28xGE, AC 230V), SCALANCE XR328-4C WG (28xGE, DC 24V), SIPLUS NET SCALANCE XC206-2, SIPLUS NET SCALANCE XC206-2SFP, SIPLUS NET SCALANCE XC208, SIPLUS NET SCALANCE XC216-4C. Affected devices allow to change the password, but insufficiently check which password is to be changed. With this an authenticated attacker could, under certain conditions, be able to change the password of another, potential admin user allowing her to escalate her privileges. | |||||
| CVE-2023-44373 | 1 Siemens | 142 6ag1206-2bb00-7ac2, 6ag1206-2bb00-7ac2 Firmware, 6ag1206-2bs00-7ac2 and 139 more | 2023-12-12 | N/A | 9.1 CRITICAL |
| A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3 (EVDO), SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615, SCALANCE S615 EEC, SCALANCE XB205-3 (SC, PN), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, PN), SCALANCE XB205-3LD (SC, E/IP), SCALANCE XB205-3LD (SC, PN), SCALANCE XB208 (E/IP), SCALANCE XB208 (PN), SCALANCE XB213-3 (SC, E/IP), SCALANCE XB213-3 (SC, PN), SCALANCE XB213-3 (ST, E/IP), SCALANCE XB213-3 (ST, PN), SCALANCE XB213-3LD (SC, E/IP), SCALANCE XB213-3LD (SC, PN), SCALANCE XB216 (E/IP), SCALANCE XB216 (PN), SCALANCE XC206-2 (SC), SCALANCE XC206-2 (ST/BFOC), SCALANCE XC206-2G PoE, SCALANCE XC206-2G PoE (54 V DC), SCALANCE XC206-2G PoE EEC (54 V DC), SCALANCE XC206-2SFP, SCALANCE XC206-2SFP EEC, SCALANCE XC206-2SFP G, SCALANCE XC206-2SFP G (EIP DEF.), SCALANCE XC206-2SFP G EEC, SCALANCE XC208, SCALANCE XC208EEC, SCALANCE XC208G, SCALANCE XC208G (EIP def.), SCALANCE XC208G EEC, SCALANCE XC208G PoE, SCALANCE XC208G PoE (54 V DC), SCALANCE XC216, SCALANCE XC216-3G PoE, SCALANCE XC216-3G PoE (54 V DC), SCALANCE XC216-4C, SCALANCE XC216-4C G, SCALANCE XC216-4C G (EIP Def.), SCALANCE XC216-4C G EEC, SCALANCE XC216EEC, SCALANCE XC224, SCALANCE XC224-4C G, SCALANCE XC224-4C G (EIP Def.), SCALANCE XC224-4C G EEC, SCALANCE XF204, SCALANCE XF204 DNA, SCALANCE XF204-2BA, SCALANCE XF204-2BA DNA, SCALANCE XP208, SCALANCE XP208 (Ethernet/IP), SCALANCE XP208EEC, SCALANCE XP208PoE EEC, SCALANCE XP216, SCALANCE XP216 (Ethernet/IP), SCALANCE XP216EEC, SCALANCE XP216POE EEC, SCALANCE XR324WG (24 x FE, AC 230V), SCALANCE XR324WG (24 X FE, DC 24V), SCALANCE XR326-2C PoE WG, SCALANCE XR326-2C PoE WG (without UL), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (28xGE, AC 230V), SCALANCE XR328-4C WG (28xGE, DC 24V), SIPLUS NET SCALANCE XC206-2, SIPLUS NET SCALANCE XC206-2SFP, SIPLUS NET SCALANCE XC208, SIPLUS NET SCALANCE XC216-4C. Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323. | |||||
| CVE-2021-37208 | 1 Siemens | 54 Ruggedcom I800, Ruggedcom I801, Ruggedcom I802 and 51 more | 2023-12-12 | 3.5 LOW | 9.6 CRITICAL |
| A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. Improper neutralization of special characters on the web server configuration page could allow an attacker, in a privileged position, to retrieve sensitive information via cross-site scripting. | |||||
| CVE-2021-42016 | 1 Siemens | 54 Ruggedcom I800, Ruggedcom I801, Ruggedcom I802 and 51 more | 2023-12-12 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i801, RUGGEDCOM i802, RUGGEDCOM i803, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM RMC30, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RP110, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600T, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS401, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000H, RUGGEDCOM RS8000T, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900L, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS969, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSL910, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. A timing attack, in a third-party component, could make the retrieval of the private key possible, used for encryption of sensitive data. If a threat actor were to exploit this, the data integrity and security could be compromised. | |||||
| CVE-2022-36361 | 1 Siemens | 4 Logo\!8 Bm, Logo\!8 Bm Fs-05, Logo\!8 Bm Fs-05 Firmware and 1 more | 2023-12-12 | N/A | 9.8 CRITICAL |
| A vulnerability has been identified in LOGO! 12/24RCE (All versions), LOGO! 12/24RCEo (All versions), LOGO! 230RCE (All versions), LOGO! 230RCEo (All versions), LOGO! 24CE (All versions), LOGO! 24CEo (All versions), LOGO! 24RCE (All versions), LOGO! 24RCEo (All versions), SIPLUS LOGO! 12/24RCE (All versions), SIPLUS LOGO! 12/24RCEo (All versions), SIPLUS LOGO! 230RCE (All versions), SIPLUS LOGO! 230RCEo (All versions), SIPLUS LOGO! 24CE (All versions), SIPLUS LOGO! 24CEo (All versions), SIPLUS LOGO! 24RCE (All versions), SIPLUS LOGO! 24RCEo (All versions). Affected devices do not properly validate the structure of TCP packets in several methods. This could allow an attacker to cause buffer overflows, get control over the instruction counter and run custom code. | |||||
| CVE-2022-36363 | 1 Siemens | 4 Logo\!8 Bm, Logo\!8 Bm Fs-05, Logo\!8 Bm Fs-05 Firmware and 1 more | 2023-12-12 | N/A | 5.3 MEDIUM |
| A vulnerability has been identified in LOGO! 12/24RCE (All versions), LOGO! 12/24RCEo (All versions), LOGO! 230RCE (All versions), LOGO! 230RCEo (All versions), LOGO! 24CE (All versions), LOGO! 24CEo (All versions), LOGO! 24RCE (All versions), LOGO! 24RCEo (All versions), SIPLUS LOGO! 12/24RCE (All versions), SIPLUS LOGO! 12/24RCEo (All versions), SIPLUS LOGO! 230RCE (All versions), SIPLUS LOGO! 230RCEo (All versions), SIPLUS LOGO! 24CE (All versions), SIPLUS LOGO! 24CEo (All versions), SIPLUS LOGO! 24RCE (All versions), SIPLUS LOGO! 24RCEo (All versions). Affected devices do not properly validate an offset value which can be defined in TCP packets when calling a method. This could allow an attacker to retrieve parts of the content of the memory. | |||||
| CVE-2022-46143 | 1 Siemens | 202 Ruggedcom Rm1224 Lte\(4g\) Eu, Ruggedcom Rm1224 Lte\(4g\) Eu Firmware, Ruggedcom Rm1224 Lte\(4g\) Nam and 199 more | 2023-12-12 | N/A | 2.7 LOW |
| Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. | |||||
| CVE-2021-42018 | 1 Siemens | 54 Ruggedcom I800, Ruggedcom I801, Ruggedcom I802 and 51 more | 2023-12-12 | 7.5 HIGH | 5.9 MEDIUM |
| A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. Within a third-party component, whenever memory allocation is requested, the out of bound size is not checked. Therefore, if size exceeding the expected allocation is assigned, it could allocate a smaller buffer instead. If an attacker were to exploit this, they could cause a heap overflow. | |||||
| CVE-2023-44319 | 1 Siemens | 142 6ag1206-2bb00-7ac2, 6ag1206-2bb00-7ac2 Firmware, 6ag1206-2bs00-7ac2 and 139 more | 2023-12-12 | N/A | 4.9 MEDIUM |
| A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3 (EVDO), SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615, SCALANCE S615 EEC, SCALANCE XB205-3 (SC, PN), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, PN), SCALANCE XB205-3LD (SC, E/IP), SCALANCE XB205-3LD (SC, PN), SCALANCE XB208 (E/IP), SCALANCE XB208 (PN), SCALANCE XB213-3 (SC, E/IP), SCALANCE XB213-3 (SC, PN), SCALANCE XB213-3 (ST, E/IP), SCALANCE XB213-3 (ST, PN), SCALANCE XB213-3LD (SC, E/IP), SCALANCE XB213-3LD (SC, PN), SCALANCE XB216 (E/IP), SCALANCE XB216 (PN), SCALANCE XC206-2 (SC), SCALANCE XC206-2 (ST/BFOC), SCALANCE XC206-2G PoE, SCALANCE XC206-2G PoE (54 V DC), SCALANCE XC206-2G PoE EEC (54 V DC), SCALANCE XC206-2SFP, SCALANCE XC206-2SFP EEC, SCALANCE XC206-2SFP G, SCALANCE XC206-2SFP G (EIP DEF.), SCALANCE XC206-2SFP G EEC, SCALANCE XC208, SCALANCE XC208EEC, SCALANCE XC208G, SCALANCE XC208G (EIP def.), SCALANCE XC208G EEC, SCALANCE XC208G PoE, SCALANCE XC208G PoE (54 V DC), SCALANCE XC216, SCALANCE XC216-3G PoE, SCALANCE XC216-3G PoE (54 V DC), SCALANCE XC216-4C, SCALANCE XC216-4C G, SCALANCE XC216-4C G (EIP Def.), SCALANCE XC216-4C G EEC, SCALANCE XC216EEC, SCALANCE XC224, SCALANCE XC224-4C G, SCALANCE XC224-4C G (EIP Def.), SCALANCE XC224-4C G EEC, SCALANCE XF204, SCALANCE XF204 DNA, SCALANCE XF204-2BA, SCALANCE XF204-2BA DNA, SCALANCE XP208, SCALANCE XP208 (Ethernet/IP), SCALANCE XP208EEC, SCALANCE XP208PoE EEC, SCALANCE XP216, SCALANCE XP216 (Ethernet/IP), SCALANCE XP216EEC, SCALANCE XP216POE EEC, SCALANCE XR324WG (24 x FE, AC 230V), SCALANCE XR324WG (24 X FE, DC 24V), SCALANCE XR326-2C PoE WG, SCALANCE XR326-2C PoE WG (without UL), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (28xGE, AC 230V), SCALANCE XR328-4C WG (28xGE, DC 24V), SIPLUS NET SCALANCE XC206-2, SIPLUS NET SCALANCE XC206-2SFP, SIPLUS NET SCALANCE XC208, SIPLUS NET SCALANCE XC216-4C. Affected devices use a weak checksum algorithm to protect the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that tricks a legitimate administrator to upload a modified configuration file to change the configuration of an affected device. | |||||
| CVE-2022-36362 | 1 Siemens | 4 Logo\!8 Bm, Logo\!8 Bm Fs-05, Logo\!8 Bm Fs-05 Firmware and 1 more | 2023-12-12 | N/A | 7.5 HIGH |
| A vulnerability has been identified in LOGO! 12/24RCE (All versions), LOGO! 12/24RCE (All versions), LOGO! 12/24RCEo (All versions), LOGO! 12/24RCEo (All versions), LOGO! 230RCE (All versions), LOGO! 230RCE (All versions), LOGO! 230RCEo (All versions), LOGO! 230RCEo (All versions), LOGO! 24CE (All versions), LOGO! 24CE (All versions), LOGO! 24CEo (All versions), LOGO! 24CEo (All versions), LOGO! 24RCE (All versions), LOGO! 24RCE (All versions), LOGO! 24RCEo (All versions), LOGO! 24RCEo (All versions), SIPLUS LOGO! 12/24RCE (All versions), SIPLUS LOGO! 12/24RCE (All versions), SIPLUS LOGO! 12/24RCEo (All versions), SIPLUS LOGO! 12/24RCEo (All versions), SIPLUS LOGO! 230RCE (All versions), SIPLUS LOGO! 230RCE (All versions), SIPLUS LOGO! 230RCEo (All versions), SIPLUS LOGO! 230RCEo (All versions), SIPLUS LOGO! 24CE (All versions), SIPLUS LOGO! 24CE (All versions), SIPLUS LOGO! 24CEo (All versions), SIPLUS LOGO! 24CEo (All versions), SIPLUS LOGO! 24RCE (All versions), SIPLUS LOGO! 24RCE (All versions), SIPLUS LOGO! 24RCEo (All versions), SIPLUS LOGO! 24RCEo (All versions). Affected devices do not conduct certain validations when interacting with them. This could allow an unauthenticated remote attacker to manipulate the devices IP address, which means the device would not be reachable and could only be recovered by power cycling the device. | |||||
| CVE-2023-44321 | 1 Siemens | 142 6ag1206-2bb00-7ac2, 6ag1206-2bb00-7ac2 Firmware, 6ag1206-2bs00-7ac2 and 139 more | 2023-12-12 | N/A | 6.5 MEDIUM |
| A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3 (EVDO), SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615, SCALANCE S615 EEC, SCALANCE XB205-3 (SC, PN), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, E/IP), SCALANCE XB205-3 (ST, PN), SCALANCE XB205-3LD (SC, E/IP), SCALANCE XB205-3LD (SC, PN), SCALANCE XB208 (E/IP), SCALANCE XB208 (PN), SCALANCE XB213-3 (SC, E/IP), SCALANCE XB213-3 (SC, PN), SCALANCE XB213-3 (ST, E/IP), SCALANCE XB213-3 (ST, PN), SCALANCE XB213-3LD (SC, E/IP), SCALANCE XB213-3LD (SC, PN), SCALANCE XB216 (E/IP), SCALANCE XB216 (PN), SCALANCE XC206-2 (SC), SCALANCE XC206-2 (ST/BFOC), SCALANCE XC206-2G PoE, SCALANCE XC206-2G PoE (54 V DC), SCALANCE XC206-2G PoE EEC (54 V DC), SCALANCE XC206-2SFP, SCALANCE XC206-2SFP EEC, SCALANCE XC206-2SFP G, SCALANCE XC206-2SFP G (EIP DEF.), SCALANCE XC206-2SFP G EEC, SCALANCE XC208, SCALANCE XC208EEC, SCALANCE XC208G, SCALANCE XC208G (EIP def.), SCALANCE XC208G EEC, SCALANCE XC208G PoE, SCALANCE XC208G PoE (54 V DC), SCALANCE XC216, SCALANCE XC216-3G PoE, SCALANCE XC216-3G PoE (54 V DC), SCALANCE XC216-4C, SCALANCE XC216-4C G, SCALANCE XC216-4C G (EIP Def.), SCALANCE XC216-4C G EEC, SCALANCE XC216EEC, SCALANCE XC224, SCALANCE XC224-4C G, SCALANCE XC224-4C G (EIP Def.), SCALANCE XC224-4C G EEC, SCALANCE XF204, SCALANCE XF204 DNA, SCALANCE XF204-2BA, SCALANCE XF204-2BA DNA, SCALANCE XP208, SCALANCE XP208 (Ethernet/IP), SCALANCE XP208EEC, SCALANCE XP208PoE EEC, SCALANCE XP216, SCALANCE XP216 (Ethernet/IP), SCALANCE XP216EEC, SCALANCE XP216POE EEC, SCALANCE XR324WG (24 x FE, AC 230V), SCALANCE XR324WG (24 X FE, DC 24V), SCALANCE XR326-2C PoE WG, SCALANCE XR326-2C PoE WG (without UL), SCALANCE XR328-4C WG (24XFE, 4XGE, 24V), SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (24xFE,4xGE,AC230V), SCALANCE XR328-4C WG (28xGE, AC 230V), SCALANCE XR328-4C WG (28xGE, DC 24V), SIPLUS NET SCALANCE XC206-2, SIPLUS NET SCALANCE XC206-2SFP, SIPLUS NET SCALANCE XC208, SIPLUS NET SCALANCE XC216-4C. Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available again. | |||||
| CVE-2020-25243 | 1 Siemens | 1 Logo\! Soft Comfort | 2023-12-12 | 7.2 HIGH | 5.1 MEDIUM |
| A vulnerability has been identified in LOGO! Soft Comfort (All versions < V8.4). A zip slip vulnerability could be triggered while importing a compromised project file to the affected software. Chained with other vulnerabilities this vulnerability could ultimately lead to a system takeover by an attacker. | |||||
| CVE-2021-42020 | 1 Siemens | 54 Ruggedcom I800, Ruggedcom I801, Ruggedcom I802 and 51 more | 2023-12-12 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. The third-party component, in its TFTP functionality fails to check for null terminations in file names. If an attacker were to exploit this, it could result in data corruption, and possibly a hard-fault of the application. | |||||
| CVE-2023-30757 | 1 Siemens | 1 Totally Integrated Automation Portal | 2023-12-12 | N/A | 5.5 MEDIUM |
| A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). The know-how protection feature in affected products does not properly update the encryption of existing program blocks when a project file is updated. This could allow attackers with access to the project file to recover previous - yet unprotected - versions of the project without the knowledge of the know-how protection password. | |||||
| CVE-2021-38405 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-11-30 | N/A | 7.8 HIGH |
| The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2020-27827 | 5 Fedoraproject, Lldpd Project, Openvswitch and 2 more | 27 Fedora, Lldpd, Openvswitch and 24 more | 2023-11-26 | 7.1 HIGH | 7.5 HIGH |
| A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2023-46590 | 1 Siemens | 1 Siemens Opc Ua Modeling Editor | 2023-11-20 | N/A | N/A |
| A vulnerability has been identified in Siemens OPC UA Modelling Editor (SiOME) (All versions < V2.8). Affected products suffer from a XML external entity (XXE) injection vulnerability. This vulnerability could allow an attacker to interfere with an application's processing of XML data and read arbitrary files in the system. | |||||
| CVE-2023-46099 | 1 Siemens | 1 Simatic Pcs Neo | 2023-11-20 | N/A | 4.8 MEDIUM |
| A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). There is a stored cross-site scripting vulnerability in the Administration Console of the affected product, that could allow an attacker with high privileges to inject Javascript code into the application that is later executed by another legitimate user. | |||||
| CVE-2023-46098 | 1 Siemens | 1 Simatic Pcs Neo | 2023-11-20 | N/A | 8.8 HIGH |
| A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). When accessing the Information Server from affected products, the products use an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior. | |||||
| CVE-2023-46097 | 1 Siemens | 1 Simatic Pcs Neo | 2023-11-20 | N/A | 8.0 HIGH |
| A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). The PUD Manager of affected products does not properly neutralize user provided inputs. This could allow an authenticated adjacent attacker to execute SQL statements in the underlying database. | |||||
| CVE-2023-46096 | 1 Siemens | 1 Simatic Pcs Neo | 2023-11-20 | N/A | 6.5 MEDIUM |
| A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). The PUD Manager of affected products does not properly authenticate users in the PUD Manager web service. This could allow an unauthenticated adjacent attacker to generate a privileged token and upload additional documents. | |||||