Filtered by vendor Siemens
Subscriptions
Total
2183 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30002 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 8.8 High |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariables' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25909) | ||||
| CVE-2025-30003 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 8.8 High |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectConnections' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25910) | ||||
| CVE-2025-30030 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 8.8 High |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'ImportDatabase' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25924) | ||||
| CVE-2025-30031 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 8.8 High |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateUsers' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25922) | ||||
| CVE-2025-30032 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 8.8 High |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateDatabaseSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25921) | ||||
| CVE-2025-31343 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 8.8 High |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateTcmSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25920) | ||||
| CVE-2025-31349 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 8.8 High |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateSmtpSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25919) | ||||
| CVE-2025-31350 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 8.8 High |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateBufferingSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25918) | ||||
| CVE-2025-31351 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 8.8 High |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'CreateProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25917) | ||||
| CVE-2025-31352 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 8.8 High |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateGateways' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25915) | ||||
| CVE-2025-27495 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 9.8 Critical |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'CreateTrace' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25911) | ||||
| CVE-2025-27539 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 9.8 Critical |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'VerifyUser' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25914) | ||||
| CVE-2025-27540 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 9.8 Critical |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'Authenticate' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25913) | ||||
| CVE-2025-29905 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 8.8 High |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'RestoreFromBackup' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25923) | ||||
| CVE-2025-29931 | 1 Siemens | 1 Telecontrol Server Basic | 2025-08-19 | 3.7 Low |
| A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected product does not properly validate a length field in a serialized message which it uses to determine the amount of memory to be allocated for deserialization. This could allow an unauthenticated remote attacker to cause the application to allocate exhaustive amounts of memory and subsequently create a partial denial of service condition. Successful exploitation is only possible in redundant Telecontrol Server Basic setups and only if the connection between the redundant servers has been disrupted. | ||||
| CVE-2025-40768 | 1 Siemens | 1 Sinec Traffic Analyzer | 2025-08-15 | 7.3 High |
| A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application exposes an internal service port to be accessible from outside the system. This could allow an unauthorized attacker to access the application. | ||||
| CVE-2025-40767 | 1 Siemens | 1 Sinec Traffic Analyzer | 2025-08-15 | 7.8 High |
| A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate security controls to enforce isolation. This could allow an attacker to gain elevated access, potentially accessing sensitive host system resources. | ||||
| CVE-2025-40766 | 1 Siemens | 1 Sinec Traffic Analyzer | 2025-08-15 | 5.5 Medium |
| A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate resource and security limitations. This could allow an attacker to perform a denial-of-service (DoS) attack. | ||||
| CVE-2025-40743 | 1 Siemens | 4 Sinumerik 828d, Sinumerik 840d Sl, Sinumerik Mc and 1 more | 2025-08-13 | 8.3 High |
| A vulnerability has been identified in SINUMERIK 828D PPU.4 (All versions < V4.95 SP5), SINUMERIK 828D PPU.5 (All versions < V5.25 SP1), SINUMERIK 840D sl (All versions < V4.95 SP5), SINUMERIK MC (All versions < V1.25 SP1), SINUMERIK MC V1.15 (All versions < V1.15 SP5), SINUMERIK ONE (All versions < V6.25 SP1), SINUMERIK ONE V6.15 (All versions < V6.15 SP5). The affected application improperly validates authentication for its VNC access service, allowing access with insufficient password verification. This could allow an attacker to gain unauthorized remote access and potentially compromise system confidentiality, integrity, or availability. | ||||
| CVE-2025-40752 | 1 Siemens | 2 Q100, Q200 | 2025-08-13 | 6.2 Medium |
| A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q200 family (All versions >= V2.70 < V2.80). Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extract it and use the configured SMTP service for arbitrary purposes. | ||||