← Back

Wincc Open Architecture

wincc_open_architecture

Vendor: Siemens • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-33139
1Siemens
4Cerberus Dms
Desigo CcDesigo Cc Compact+1 more
Nov 21, 2024
Jun 21, 2022
N/A· v4
9.8 CRITICAL· v3
6.8 MEDIUM· v2
A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All...Show more
A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated.Show less
CVE-2014-0160
13Broadcom
CanonicalDebian+10 more
28Application Processing Engine Firmware
Cp 1543 1 FirmwareDebian Linux+25 more
Apr 21, 2026
Apr 7, 2014
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted pa...Show more
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.Show less