Vulnerabilidades en Siemens

1636 resultados
Análisis Vexday

O portfólio da Siemens acumula 1.633 CVEs catalogadas, volume expressivo que reflete a amplitude e a longevidade de seu ecossistema de produtos industriais e de automação. Nenhuma dessas vulnerabilidades consta atualmente no catálogo CISA KEV, taxa abaixo da média geral do catálogo, o que sugere menor pressão de exploração ativa no momento — embora 113 vulnerabilidades de severidade crítica e 31 surgidas nos últimos 90 dias indiquem um fluxo contínuo de exposição que requer monitoramento constante. O CVE mais relevante em termos de probabilidade de exploração é o CVE-2023-33919, com EPSS de 0,4772, valor que merece atenção em processos de priorização de correções. A falha mais frequente é do tipo CWE-125 (leitura fora dos limites de memória), padrão recorrente em componentes de software embarcado e de controle industrial que tende a viabilizar negação de serviço ou vazamento de informações sensíveis.

CVE-2019-18340MEDIUMA vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), Control Center Server (CCS) (All versions >= V1.EPSS 0.3%CVE-2023-26293HIGHA vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation PEPSS 0.2%CVE-2024-39870HIGHA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected applications can be configured tEPSS 0.2%CVE-2020-25244HIGHA vulnerability has been identified in LOGO! Soft Comfort (All versions < V8.4). The software insecurely loads libraries which makes it vulnEPSS 0.2%CVE-2022-42784HIGHA vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions >= V8.3), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (AllEPSS 0.2%CVE-2025-40569MEDIUMA vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All vEPSS 0.2%CVE-2022-40180A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), DEPSS 0.2%CVE-2025-24007HIGHA vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions), SIRIUS Safety Relays 3SK2 (All versions). AffEPSS 0.2%CVE-2024-45466HIGHA vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versiEPSS 0.2%CVE-2023-37246HIGHA vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (AllEPSS 0.2%CVE-2024-45465HIGHA vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versiEPSS 0.2%CVE-2024-45464HIGHA vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versiEPSS 0.2%CVE-2024-45470HIGHA vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versiEPSS 0.2%CVE-2023-40729HIGHA vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application lacks security control to prevent unEPSS 0.2%CVE-2021-33716A vulnerability has been identified in SIMATIC CP 1543-1 (incl. SIPLUS variants) (All versions < V3.0), SIMATIC CP 1545-1 (All versions < V1EPSS 0.2%CVE-2023-36749HIGHA vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEEPSS 0.2%CVE-2024-39888HIGHA vulnerability has been identified in Mendix Encryption (All versions >= V10.0.0 < V10.0.2). Affected versions of the module define a speciEPSS 0.2%CVE-2024-38876HIGHA vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All verEPSS 0.2%CVE-2024-47046HIGHA vulnerability has been identified in Simcenter Femap V2306 (All versions), Simcenter Femap V2401 (All versions), Simcenter Femap V2406 (AlEPSS 0.2%CVE-2024-39866HIGHA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to uploEPSS 0.2%