Vulnerabilities in Siemens

1,636 results
Vexday analysis

O portfólio da Siemens acumula 1.633 CVEs catalogadas, volume expressivo que reflete a amplitude e a longevidade de seu ecossistema de produtos industriais e de automação. Nenhuma dessas vulnerabilidades consta atualmente no catálogo CISA KEV, taxa abaixo da média geral do catálogo, o que sugere menor pressão de exploração ativa no momento — embora 113 vulnerabilidades de severidade crítica e 31 surgidas nos últimos 90 dias indiquem um fluxo contínuo de exposição que requer monitoramento constante. O CVE mais relevante em termos de probabilidade de exploração é o CVE-2023-33919, com EPSS de 0,4772, valor que merece atenção em processos de priorização de correções. A falha mais frequente é do tipo CWE-125 (leitura fora dos limites de memória), padrão recorrente em componentes de software embarcado e de controle industrial que tende a viabilizar negação de serviço ou vazamento de informações sensíveis.

CVE-2022-47977HIGHA vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0). The affected applicationEPSS 0.2%CVE-2023-27402HIGHA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of EPSS 0.2%CVE-2021-25673A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with local access to the system could cause a DeniEPSS 0.2%CVE-2023-27401HIGHA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of EPSS 0.2%CVE-2023-27405HIGHA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of EPSS 0.2%CVE-2023-27398HIGHA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of EPSS 0.2%CVE-2022-37864A vulnerability has been identified in Solid Edge (All Versions < SE2022MP9). The affected application contains an out of bounds write past EPSS 0.2%CVE-2023-27399HIGHA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of EPSS 0.2%CVE-2023-27403HIGHA vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains a memory cEPSS 0.2%CVE-2024-21483MEDIUMA vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) (All versions >= V3.2.3 < V3.2.4 only when manufactureEPSS 0.2%CVE-2023-38679HIGHA vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (AllEPSS 0.2%CVE-2023-38681HIGHA vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (AllEPSS 0.2%CVE-2023-38680HIGHA vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (AllEPSS 0.2%CVE-2024-39871MEDIUMA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly separatEPSS 0.2%CVE-2023-44081HIGHA vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (AllEPSS 0.2%CVE-2023-39549HIGHA vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 2). The affected application contains a use-after-freEPSS 0.2%CVE-2024-41981HIGHA vulnerability has been identified in Simcenter Femap V2306 (All versions), Simcenter Femap V2401 (All versions), Simcenter Femap V2406 (AlEPSS 0.2%CVE-2023-44084HIGHA vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (AllEPSS 0.2%CVE-2025-40758HIGHA vulnerability has been identified in Mendix SAML (Mendix 10.12 compatible) (All versions < V4.0.3), Mendix SAML (Mendix 10.21 compatible) EPSS 0.2%CVE-2021-42015A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.26), Mendix Applications using Mendix 8 (AllEPSS 0.2%