Vulnerabilidades em Siemens

1.636 resultados
Análise Vexday

O portfólio da Siemens acumula 1.633 CVEs catalogadas, volume expressivo que reflete a amplitude e a longevidade de seu ecossistema de produtos industriais e de automação. Nenhuma dessas vulnerabilidades consta atualmente no catálogo CISA KEV, taxa abaixo da média geral do catálogo, o que sugere menor pressão de exploração ativa no momento — embora 113 vulnerabilidades de severidade crítica e 31 surgidas nos últimos 90 dias indiquem um fluxo contínuo de exposição que requer monitoramento constante. O CVE mais relevante em termos de probabilidade de exploração é o CVE-2023-33919, com EPSS de 0,4772, valor que merece atenção em processos de priorização de correções. A falha mais frequente é do tipo CWE-125 (leitura fora dos limites de memória), padrão recorrente em componentes de software embarcado e de controle industrial que tende a viabilizar negação de serviço ou vazamento de informações sensíveis.

CVE-2023-27408LOWA vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The `i2c` mutex file is created with the permissions bits of EPSS 0.2%CVE-2025-27493CRITICALA vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < VEPSS 0.2%CVE-2023-7066HIGHSiemens Teamcenter Visualization and JT2Go Out-of-bounds ReadEPSS 0.2%CVE-2023-38558MEDIUMA vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All versions), SIMATIC PCS neo (Administration ConsoleEPSS 0.2%CVE-2025-31929MEDIUMA vulnerability has been identified in IEC 1Ph 7.4kW Child socket (8EM1310-2EH04-0GA0) (All versions), IEC 1Ph 7.4kW Child socket/ shutter (EPSS 0.2%CVE-2025-40829HIGHA vulnerability has been identified in Simcenter Femap (All versions < V2512). The affected applications contains an uninitialized memory vuEPSS 0.2%CVE-2024-47940HIGHA vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of boundEPSS 0.2%CVE-2024-41170HIGHA vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0015), Tecnomatix Plant Simulation V2404 (AllEPSS 0.2%CVE-2024-47941HIGHA vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of boundEPSS 0.2%CVE-2024-54095HIGHA vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 10). The affected application is vulnerable to integeEPSS 0.2%CVE-2024-45476MEDIUMA vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versiEPSS 0.2%CVE-2025-40802LOWA vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The affected device may be susceptible to resourceEPSS 0.2%CVE-2023-37195MEDIUMA vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATEPSS 0.2%CVE-2025-40803LOWA vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The affected device exposes certain non-critical iEPSS 0.2%CVE-2026-23715HIGHA vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applicEPSS 0.2%CVE-2023-45205HIGHA vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.20). The affected application is installed with specific fiEPSS 0.2%CVE-2026-23720HIGHA vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applicEPSS 0.2%CVE-2022-30527HIGHA vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application assigns improper access rights to specific EPSS 0.2%CVE-2025-23397HIGHA vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versiEPSS 0.2%CVE-2022-38466A vulnerability has been identified in CoreShield One-Way Gateway (OWG) Software (All versions < V2.2). The default installation sets insecuEPSS 0.2%