← Back

Siemens

siemens

2,161 CVEs • 4,155 products

Products (4,155)

Click to collapse
Toggle
Teamcenter Visualization
teamcenter_visualization
188 CVEs
Jt2go
jt2go
166 CVEs
Tecnomatix Plant Simulation
tecnomatix_plant_simulation
85 CVEs
Telecontrol Server Basic
telecontrol_server_basic
77 CVEs
Simcenter Femap
simcenter_femap
77 CVEs
Sinema Remote Connect Server
sinema_remote_connect_server
71 CVEs
Sinec Infrastructure Network Services
sinec_infrastructure_network_services
68 CVEs
Scalance W1750d Firmware
scalance_w1750d_firmware
62 CVEs
Parasolid
parasolid
52 CVEs
Solid Edge
solid_edge
47 CVEs
Wincc
wincc
43 CVEs
Sinec Nms
sinec-nms
43 CVEs
Sinec Ins
sinec_ins
42 CVEs
Solid Edge Se2023
solid_edge_se2023
36 CVEs
Sppa T3000 Ms3000 Migration Server
sppa-t3000_ms3000_migration_server
35 CVEs
Jt Utilities
jt_utilities
32 CVEs
Comos
comos
31 CVEs
Simatic Wincc
simatic_wincc
30 CVEs
Jt Open Toolkit
jt_open_toolkit
29 CVEs
Scalance Lpe9403 Firmware
scalance_lpe9403_firmware
27 CVEs
Simatic Pcs 7
simatic_pcs_7
25 CVEs
Simatic Pcs7
simatic_pcs7
25 CVEs
Nucleus Net
nucleus_net
25 CVEs
Nucleus Source Code
nucleus_source_code
25 CVEs
Scalance S615 Firmware
scalance_s615_firmware
24 CVEs
Simatic Itp1000 Firmware
simatic_itp1000_firmware
24 CVEs
Simatic Ipc477e Firmware
simatic_ipc477e_firmware
24 CVEs
Simatic Ipc427e Firmware
simatic_ipc427e_firmware
24 CVEs
Simatic Pcs Neo
simatic_pcs_neo
24 CVEs
Ruggedcom Rox Mx5000 Firmware
ruggedcom_rox_mx5000_firmware
23 CVEs
Ruggedcom Rox Rx1400 Firmware
ruggedcom_rox_rx1400_firmware
23 CVEs
Ruggedcom Rox Rx1500 Firmware
ruggedcom_rox_rx1500_firmware
23 CVEs
Ruggedcom Rox Rx1501 Firmware
ruggedcom_rox_rx1501_firmware
23 CVEs
Ruggedcom Rox Rx1510 Firmware
ruggedcom_rox_rx1510_firmware
23 CVEs
Ruggedcom Rox Rx1511 Firmware
ruggedcom_rox_rx1511_firmware
23 CVEs
Ruggedcom Rox Rx1512 Firmware
ruggedcom_rox_rx1512_firmware
23 CVEs
Ruggedcom Rox Rx5000 Firmware
ruggedcom_rox_rx5000_firmware
23 CVEs
Simatic Field Pg M5 Firmware
simatic_field_pg_m5_firmware
22 CVEs
Nucleus Readystart V3
nucleus_readystart_v3
20 CVEs
Pads Viewer
pads_viewer
20 CVEs
Solid Edge Se2024
solid_edge_se2024
20 CVEs
Simatic Step 7
simatic_step_7
19 CVEs
Simatic Itc1500 Firmware
simatic_itc1500_firmware
19 CVEs
Simatic Itc1500 Pro Firmware
simatic_itc1500_pro_firmware
19 CVEs
Simatic Itc1900 Firmware
simatic_itc1900_firmware
19 CVEs
Simatic Itc1900 Pro Firmware
simatic_itc1900_pro_firmware
19 CVEs
Simatic Itc2200 Firmware
simatic_itc2200_firmware
19 CVEs
Simatic Itc2200 Pro Firmware
simatic_itc2200_pro_firmware
19 CVEs
Sppa T3000 Application Server
sppa-t3000_application_server
19 CVEs
Simatic Ipc627e Firmware
simatic_ipc627e_firmware
19 CVEs
Simatic Ipc647e Firmware
simatic_ipc647e_firmware
19 CVEs
Simatic Ipc847e Firmware
simatic_ipc847e_firmware
19 CVEs
Ruggedcom Rox Rx1524 Firmware
ruggedcom_rox_rx1524_firmware
19 CVEs
Ruggedcom Rox Rx1536 Firmware
ruggedcom_rox_rx1536_firmware
19 CVEs
Tecnomatix
tecnomatix
19 CVEs
Simatic Field Pg M6 Firmware
simatic_field_pg_m6_firmware
18 CVEs
Simatic Ipc677e Firmware
simatic_ipc677e_firmware
18 CVEs
Sinema Server
sinema_server
17 CVEs
Opcenter Quality
opcenter_quality
17 CVEs
Simatic S7 1200 Cpu 1211c Firmware
simatic_s7-1200_cpu_1211c_firmware
16 CVEs
Simatic S7 1200 Cpu 1212c Firmware
simatic_s7-1200_cpu_1212c_firmware
16 CVEs
Simatic S7 1200 Cpu 1214c Firmware
simatic_s7-1200_cpu_1214c_firmware
16 CVEs
Sipass Integrated
sipass_integrated
16 CVEs
Logo! 8 Bm Firmware
logo!_8_bm_firmware
16 CVEs
Apogee Pxc Modular Firmware
apogee_pxc_modular_firmware
16 CVEs
Talon Tc Compact Firmware
talon_tc_compact_firmware
16 CVEs
Tim 1531 Irc Firmware
tim_1531_irc_firmware
16 CVEs
Scalance Xf204 Firmware
scalance_xf204_firmware
16 CVEs
Scalance Xf204 2ba Irt Firmware
scalance_xf204-2ba_irt_firmware
16 CVEs
Ruggedcom Crossbow
ruggedcom_crossbow
16 CVEs
Simatic Cn 4100 Firmware
simatic_cn_4100_firmware
16 CVEs
Sinec Traffic Analyzer
sinec_traffic_analyzer
16 CVEs
Scalance X308 2m Firmware
scalance_x308-2m_firmware
15 CVEs
Simatic S7 1200 Cpu 1215c Firmware
simatic_s7-1200_cpu_1215c_firmware
15 CVEs
Simatic S7 1200 Cpu 1217c Firmware
simatic_s7-1200_cpu_1217c_firmware
15 CVEs
Talon Tc Modular Firmware
talon_tc_modular_firmware
15 CVEs
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
simatic_hmi_ktp_mobile_panels_ktp400f_firmware
15 CVEs
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
simatic_hmi_ktp_mobile_panels_ktp700_firmware
15 CVEs
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
simatic_hmi_ktp_mobile_panels_ktp700f_firmware
15 CVEs
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
simatic_hmi_ktp_mobile_panels_ktp900_firmware
15 CVEs
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
simatic_hmi_ktp_mobile_panels_ktp900f_firmware
15 CVEs
Apogee Modular Equiment Controller Firmware
apogee_modular_equiment_controller_firmware
15 CVEs
Apogee Modular Building Controller Firmware
apogee_modular_building_controller_firmware
15 CVEs
Solid Edge Se2021 Firmware
solid_edge_se2021_firmware
15 CVEs
Automation License Manager
automation_license_manager
14 CVEs
Simatic S7 1500 Cpu Firmware
simatic_s7-1500_cpu_firmware
14 CVEs
Simatic Wincc (tia Portal)
simatic_wincc_(tia_portal)
14 CVEs
Sinvr 3 Central Control Server
sinvr_3_central_control_server
14 CVEs
Sinvr 3 Video Server
sinvr_3_video_server
14 CVEs
Capital Vstar
capital_vstar
14 CVEs
Scalance X307 3 Firmware
scalance_x307-3_firmware
14 CVEs
Scalance X307 3ld Firmware
scalance_x307-3ld_firmware
14 CVEs
Scalance X308 2 Firmware
scalance_x308-2_firmware
14 CVEs
Scalance X308 2ld Firmware
scalance_x308-2ld_firmware
14 CVEs
Scalance X308 2lh Firmware
scalance_x308-2lh_firmware
14 CVEs
Scalance X308 2m Ts Firmware
scalance_x308-2m_ts_firmware
14 CVEs
Scalance X310 Firmware
scalance_x310_firmware
14 CVEs
Scalance X310fe Firmware
scalance_x310fe_firmware
14 CVEs
Scalance X320 1fe Firmware
scalance_x320-1fe_firmware
14 CVEs
Scalance Xr324 12m Firmware
scalance_xr324-12m_firmware
14 CVEs

CVEs (2,161)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-7987
1Siemens
2Eta2 Firmware
Eta4 Firmware
May 13, 2026
Feb 13, 2017
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
An issue was discovered in Siemens ETA4 firmware (all versions prior to Revision 08) of the SM-2558 extension module for: SICAM AK, SICAM TM 1703, SICAM BC 1703, and SICAM AK 3. Specially crafted packets sent to Port 240...Show more
An issue was discovered in Siemens ETA4 firmware (all versions prior to Revision 08) of the SM-2558 extension module for: SICAM AK, SICAM TM 1703, SICAM BC 1703, and SICAM AK 3. Specially crafted packets sent to Port 2404/TCP could cause the affected device to go into defect mode. A cold start might be required to recover the system, a Denial-of-Service Vulnerability.Show less
CVE-2016-2518
7Debian
FreebsdNetapp+4 more
17Clustered Data Ontap
Communications User Data RepositoryData Ontap+14 more
May 13, 2026
Jan 30, 2017
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
CVE-2015-7977
8Canonical
DebianFedoraproject+5 more
10Clustered Data Ontap
Debian LinuxFedora+7 more
May 13, 2026
Jan 30, 2017
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
CVE-2015-7973
5Canonical
FreebsdNetapp+2 more
7Clustered Data Ontap
FreebsdNtp+4 more
May 13, 2026
Jan 30, 2017
N/A· v4
6.5 MEDIUM· v3
5.8 MEDIUM· v2
NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.
CVE-2016-9154
1Siemens
6Desigo Web Module Pxa30 W0 Firmware
Desigo Web Module Pxa30 W1 FirmwareDesigo Web Module Pxa30 W2 Firmware+3 more
May 6, 2026
Dec 23, 2016
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Siemens Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 for Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D (All firmware versions < V6.00.046) and Desigo PX Web modules PXA30-W0, PXA30-W...Show more
Siemens Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 for Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D (All firmware versions < V6.00.046) and Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2 for Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U (All firmware versions < V6.00.046) use a pseudo random number generator with insufficient entropy to generate certificates for HTTPS, potentially allowing remote attackers to reconstruct the corresponding private key.Show less
CVE-2016-9160
1Siemens
2Simatic Pcs 7
Simatic Wincc
May 6, 2026
Dec 17, 2016
N/A· v4
8.1 HIGH· v3
5.8 MEDIUM· v2
A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of...Show more
A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions.Show less
CVE-2016-9159
1Siemens
2Simatic S7 300 Cpu Firmware
Simatic S7 400 Cpu Firmware
Jun 2, 2026
Dec 17, 2016
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl...Show more
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 V6 and earlier CPU family (All versions), SIMATIC S7-400 V7 CPU family (All versions), SIMATIC S7-410 V8 CPU family (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions). An attacker with network access to port 102/tcp (ISO-TSAP) or via Profibus could obtain credentials from the PLC if protection-level 2 is configured on the affected devices.Show less
CVE-2016-9158
1Siemens
2Simatic S7 300 Cpu Firmware
Simatic S7 400 Cpu Firmware
Jun 2, 2026
Dec 17, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl...Show more
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 V6 and earlier CPU family (All versions), SIMATIC S7-400 V7 CPU family (All versions). Specially crafted packets sent to port 80/tcp could cause the affected devices to go into defect mode. A cold restart is required to recover the system.Show less
CVE-2016-9157
1Siemens
1Sicam Pas/pqs
May 6, 2026
Dec 5, 2016
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Service condition and potentially lead to unauthenticated remote code execution by sending specially cra...Show more
A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Service condition and potentially lead to unauthenticated remote code execution by sending specially crafted packets to port 19234/TCP.Show less
CVE-2016-9156
1Siemens
1Sicam Pas/pqs
May 6, 2026
Dec 5, 2016
N/A· v4
7.3 HIGH· v3
7.5 HIGH· v2
A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/T...Show more
A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/TCP.Show less
CVE-2016-8673
1Siemens
4Simatic Cp 343 1 Firmware
Simatic Cp 443 1 FirmwareSimatic S7 300 Cpu Firmware+1 more
May 6, 2026
Nov 23, 2016
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CP...Show more
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server at port 80/TCP or port 443/TCP of the affected devices could allow remote attackers to perform actions with the permissions of an authenticated user, provided the targeted user has an active session and is induced to trigger the malicious request.Show less
CVE-2016-8672
1Siemens
4Simatic Cp 343 1 Firmware
Simatic Cp 443 1 FirmwareSimatic S7 300 Cpu Firmware+1 more
May 6, 2026
Nov 23, 2016
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CP...Show more
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server delivers cookies without the "secure" flag. Modern browsers interpreting the flag would mitigate potential data leakage in case of clear text transmission.Show less
CVE-2016-9155
1Siemens
15Ccid1445 Dn18 Firmware
Ccid1445 Dn28 FirmwareCcid1445 Dn36 Firmware+12 more
May 6, 2026
Nov 22, 2016
N/A· v4
9.8 CRITICAL· v3
5.0 MEDIUM· v2
The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1.41_SP18_S1; CCPW3025, CCPW5025 prior to version 0.1.73_S1; CCMD3025-DN18 prior to version v1.394_S1; CCID1445-DN18, CCID14...Show more
The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1.41_SP18_S1; CCPW3025, CCPW5025 prior to version 0.1.73_S1; CCMD3025-DN18 prior to version v1.394_S1; CCID1445-DN18, CCID1445-DN28, CCID1145-DN36, CFIS1425, CCIS1425, CFMS2025, CCMS2025, CVMS2025-IR, CFMW1025, CCMW1025 prior to version v2635_SP1 could allow an attacker with network access to the web server to obtain administrative credentials under certain circumstances.Show less
CVE-2016-8562
1Siemens
2Simatic Cp 1543 1 Firmware
Siplus Net Cp 1543 1 Firmware
Apr 21, 2026
Nov 18, 2016
N/A· v4
7.5 HIGH· v3
3.5 LOW· v2
A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Under special conditions it was possible to write SNMP variables on port 161/udp which sho...Show more
A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Under special conditions it was possible to write SNMP variables on port 161/udp which should be read-only and should only be configured with TIA-Portal. A write to these variables could reduce the availability or cause a denial-of-service.Show less
CVE-2016-8561
1Siemens
1Simatic Cp 1543 1 Firmware
May 6, 2026
Nov 18, 2016
N/A· v4
6.6 MEDIUM· v3
6.0 MEDIUM· v2
A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Users with elevated privileges to TIA-Portal and project data on the engineering station c...Show more
A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Users with elevated privileges to TIA-Portal and project data on the engineering station could possibly get privileged access on affected devices.Show less
CVE-2016-7165
1Siemens
18Primary Setup Tool
Security Configuration ToolSimatic It Production Suite+15 more
May 6, 2026
Nov 15, 2016
N/A· v4
6.4 MEDIUM· v3
6.9 MEDIUM· v2
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (Al...Show more
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path ("C:\Program Files\*" or the localized equivalent).Show less
CVE-2016-8565
1Siemens
1Automation License Manager
May 6, 2026
Oct 13, 2016
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote attackers to write to files, rename files, create directories, or delete directories via crafted packets.
CVE-2016-8564
1Siemens
1Automation License Manager
May 6, 2026
Oct 13, 2016
N/A· v4
6.5 MEDIUM· v3
6.4 MEDIUM· v2
SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410.
CVE-2016-8563
1Siemens
1Automation License Manager
May 6, 2026
Oct 13, 2016
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to cause a denial of service (ALM service outage) via crafted packets to TCP port 4410.
CVE-2016-7960
1Siemens
1Simatic Step 7
May 6, 2026
Oct 13, 2016
N/A· v4
2.5 LOW· v3
1.9 LOW· v2
Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspeci...Show more
Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors.Show less