Siemens

Simatic Pcs7

25 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2017-14023

  • EPSS 2.77%
  • Veröffentlicht 06.11.2017 22:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote ...

8.2

CVE-2017-12069

  • EPSS 0.94%
  • Veröffentlicht 30.08.2017 19:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (Al...

6.9

CVE-2016-7165

  • EPSS 0.1%
  • Veröffentlicht 15.11.2016 19:30:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8....

5

CVE-2014-8552

  • EPSS 0.12%
  • Veröffentlicht 26.11.2014 11:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via cr...

10

CVE-2014-8551

  • EPSS 5.81%
  • Veröffentlicht 26.11.2014 11:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via ...

6.8

CVE-2014-4686

  • EPSS 0.23%
  • Veröffentlicht 24.07.2014 14:55:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Project administration application in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, has a hardcoded encryption key, which allows remote attackers to obtain sensitive information by extracting this key from another product ...

4.6

CVE-2014-4685

  • EPSS 0.05%
  • Veröffentlicht 24.07.2014 14:55:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control.

6

CVE-2014-4684

  • EPSS 0.37%
  • Veröffentlicht 24.07.2014 14:55:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433.

4.9

CVE-2014-4683

  • EPSS 0.16%
  • Veröffentlicht 24.07.2014 14:55:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request.

5

CVE-2014-4682

  • EPSS 0.23%
  • Veröffentlicht 24.07.2014 14:55:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request.