Siemens

Simatic Cn 4100

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2025-9232

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 30.09.2025 14:15:41
  • Zuletzt bearbeitet 12.05.2026 13:17:30

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summ...

6.5

CVE-2025-9231

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 30.09.2025 14:15:41
  • Zuletzt bearbeitet 12.05.2026 13:17:29

Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm implementation on 64 bit ARM platforms. Impact summary: A timing side-channel in SM2 signature computations on 64 bit A...

7.5

CVE-2025-9230

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 30.09.2025 14:15:41
  • Zuletzt bearbeitet 12.05.2026 13:17:29

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an a...

6.3

CVE-2025-8916

  • EPSS 0.09%
  • Veröffentlicht 13.08.2025 09:31:21
  • Zuletzt bearbeitet 12.05.2026 13:17:29

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All (API modules), Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BCPKIX ...

7.1

CVE-2025-40593

  • EPSS 0.31%
  • Veröffentlicht 08.07.2025 10:34:51
  • Zuletzt bearbeitet 16.12.2025 19:33:11

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0). The affected application allows to control the device by storing arbitrary files in the SFTP folder of the device. This could allow an attacker to cause a denial of service...

6.6

CVE-2025-2884

Medienbericht
  • EPSS 0.07%
  • Veröffentlicht 10.06.2025 17:29:19
  • Zuletzt bearbeitet 15.04.2026 00:35:42

TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG st...

7.6

CVE-2024-32742

  • EPSS 0.14%
  • Veröffentlicht 14.05.2024 16:17:12
  • Zuletzt bearbeitet 20.08.2025 18:05:14

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains an unrestricted USB port. An attacker with local access to the device could potentially misuse the port for booting another operating system an...

9.8

CVE-2024-32740

  • EPSS 0.86%
  • Veröffentlicht 14.05.2024 16:17:11
  • Zuletzt bearbeitet 20.08.2025 18:09:35

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains undocumented users and credentials. An attacker could misuse the credentials to compromise the device locally or over the network.

10

CVE-2024-32741

  • EPSS 0.74%
  • Veröffentlicht 14.05.2024 16:17:11
  • Zuletzt bearbeitet 26.08.2025 20:16:23

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains hard coded password which is used for the privileged system user `root` and for the boot loader `GRUB` by default . An attacker who manages to ...