Vulnerabilidades em Siemens

1.636 resultados
Análise Vexday

O portfólio da Siemens acumula 1.633 CVEs catalogadas, volume expressivo que reflete a amplitude e a longevidade de seu ecossistema de produtos industriais e de automação. Nenhuma dessas vulnerabilidades consta atualmente no catálogo CISA KEV, taxa abaixo da média geral do catálogo, o que sugere menor pressão de exploração ativa no momento — embora 113 vulnerabilidades de severidade crítica e 31 surgidas nos últimos 90 dias indiquem um fluxo contínuo de exposição que requer monitoramento constante. O CVE mais relevante em termos de probabilidade de exploração é o CVE-2023-33919, com EPSS de 0,4772, valor que merece atenção em processos de priorização de correções. A falha mais frequente é do tipo CWE-125 (leitura fora dos limites de memória), padrão recorrente em componentes de software embarcado e de controle industrial que tende a viabilizar negação de serviço ou vazamento de informações sensíveis.

CVE-2023-44315MEDIUMA vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application improperly sanitizes certain SNMP configuraEPSS 0.3%CVE-2024-34772HIGHA vulnerability has been identified in Solid Edge (All versions < V224.0 Update 4). The affected applications contain an out of bounds read EPSS 0.3%CVE-2022-30694MEDIUMThe login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attacEPSS 0.3%CVE-2023-38071HIGHA vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), TeamcenEPSS 0.3%CVE-2023-38070HIGHA vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), TeamcenEPSS 0.3%CVE-2020-28392A vulnerability has been identified in SIMARIS configuration (All versions < V4.0.1). During installation to default target folder, incorrecEPSS 0.3%CVE-2023-38076HIGHA vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), TeamcenEPSS 0.3%CVE-2022-38773MEDIUMAffected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not bEPSS 0.3%CVE-2024-32006MEDIUMA vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application does not expire the EPSS 0.3%CVE-2024-46892MEDIUMA vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sEPSS 0.3%CVE-2023-28829LOWA vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7EPSS 0.3%CVE-2023-28830HIGHA vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Solid Edge SE2022 (All versions < V222.0 Update 13), Solid Edge SE2EPSS 0.3%CVE-2024-36140HIGHA vulnerability has been identified in OZW672 (All versions < V5.2), OZW772 (All versions < V5.2). The user accounts tab of affected devicesEPSS 0.3%CVE-2011-20002HIGHA vulnerability has been identified in SIMATIC S7-1200 CPU V1 family (incl. SIPLUS variants) (All versions < V2.0.2), SIMATIC S7-1200 CPU V2EPSS 0.3%CVE-2024-53648HIGHA vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.90), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 EPSS 0.3%CVE-2026-33893HIGHA vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), TeamcenteEPSS 0.3%CVE-2025-40948MEDIUMA vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEEPSS 0.3%CVE-2024-53832MEDIUMA vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V05.30). The affected devices contain a securEPSS 0.3%CVE-2024-46889MEDIUMA vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic EPSS 0.3%CVE-2025-41222MEDIUMA vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOEPSS 0.3%