Siemens

Sinec Nms

42 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2025-30033

  • EPSS 0.02%
  • Veröffentlicht 12.08.2025 11:16:56
  • Zuletzt bearbeitet 12.08.2025 14:25:33

The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component.

8.8

CVE-2025-40738

  • EPSS 0.18%
  • Veröffentlicht 08.07.2025 10:34:56
  • Zuletzt bearbeitet 21.08.2025 15:10:50

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations a...

8.8

CVE-2025-40737

  • EPSS 0.18%
  • Veröffentlicht 08.07.2025 10:34:55
  • Zuletzt bearbeitet 21.08.2025 15:10:38

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations a...

9.8

CVE-2025-40736

  • EPSS 0.12%
  • Veröffentlicht 08.07.2025 10:34:53
  • Zuletzt bearbeitet 21.08.2025 15:10:33

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application exposes an endpoint that allows an unauthorized modification of administrative credentials. This could allow an unauthenticated attacker to reset the sup...

8.8

CVE-2025-40735

  • EPSS 0.12%
  • Veröffentlicht 08.07.2025 10:34:52
  • Zuletzt bearbeitet 21.08.2025 15:10:29

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected devices are vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database.

8.7

CVE-2025-30176

  • EPSS 0.11%
  • Veröffentlicht 13.05.2025 09:38:39
  • Zuletzt bearbeitet 03.10.2025 19:52:59

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All version...

8.7

CVE-2025-30175

  • EPSS 0.11%
  • Veröffentlicht 13.05.2025 09:38:38
  • Zuletzt bearbeitet 03.10.2025 19:52:42

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All version...

8.7

CVE-2025-30174

  • EPSS 0.11%
  • Veröffentlicht 13.05.2025 09:38:37
  • Zuletzt bearbeitet 03.10.2025 19:52:23

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All version...

9.8

CVE-2024-49775

  • EPSS 0.51%
  • Veröffentlicht 16.12.2024 15:15:07
  • Zuletzt bearbeitet 11.03.2025 10:15:14

A vulnerability has been identified in Opcenter Execution Foundation (All versions), Opcenter Intelligence (All versions), Opcenter Quality (All versions), Opcenter RDL (All versions), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All ve...

6.5

CVE-2024-47808

  • EPSS 0.03%
  • Veröffentlicht 12.11.2024 13:15:10
  • Zuletzt bearbeitet 13.11.2024 23:14:07

A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected application contains a database function, that does not properly restrict the permissions of users to write to the filesystem of the host system. This could all...