← Back

Siemens

siemens

2,161 CVEs • 4,155 products

Products (4,155)

Click to collapse
Toggle
Teamcenter Visualization
teamcenter_visualization
188 CVEs
Jt2go
jt2go
166 CVEs
Tecnomatix Plant Simulation
tecnomatix_plant_simulation
85 CVEs
Telecontrol Server Basic
telecontrol_server_basic
77 CVEs
Simcenter Femap
simcenter_femap
77 CVEs
Sinema Remote Connect Server
sinema_remote_connect_server
71 CVEs
Sinec Infrastructure Network Services
sinec_infrastructure_network_services
68 CVEs
Scalance W1750d Firmware
scalance_w1750d_firmware
62 CVEs
Parasolid
parasolid
52 CVEs
Solid Edge
solid_edge
47 CVEs
Wincc
wincc
43 CVEs
Sinec Nms
sinec-nms
43 CVEs
Sinec Ins
sinec_ins
42 CVEs
Solid Edge Se2023
solid_edge_se2023
36 CVEs
Sppa T3000 Ms3000 Migration Server
sppa-t3000_ms3000_migration_server
35 CVEs
Jt Utilities
jt_utilities
32 CVEs
Comos
comos
31 CVEs
Simatic Wincc
simatic_wincc
30 CVEs
Jt Open Toolkit
jt_open_toolkit
29 CVEs
Scalance Lpe9403 Firmware
scalance_lpe9403_firmware
27 CVEs
Simatic Pcs 7
simatic_pcs_7
25 CVEs
Simatic Pcs7
simatic_pcs7
25 CVEs
Nucleus Net
nucleus_net
25 CVEs
Nucleus Source Code
nucleus_source_code
25 CVEs
Scalance S615 Firmware
scalance_s615_firmware
24 CVEs
Simatic Itp1000 Firmware
simatic_itp1000_firmware
24 CVEs
Simatic Ipc477e Firmware
simatic_ipc477e_firmware
24 CVEs
Simatic Ipc427e Firmware
simatic_ipc427e_firmware
24 CVEs
Simatic Pcs Neo
simatic_pcs_neo
24 CVEs
Ruggedcom Rox Mx5000 Firmware
ruggedcom_rox_mx5000_firmware
23 CVEs
Ruggedcom Rox Rx1400 Firmware
ruggedcom_rox_rx1400_firmware
23 CVEs
Ruggedcom Rox Rx1500 Firmware
ruggedcom_rox_rx1500_firmware
23 CVEs
Ruggedcom Rox Rx1501 Firmware
ruggedcom_rox_rx1501_firmware
23 CVEs
Ruggedcom Rox Rx1510 Firmware
ruggedcom_rox_rx1510_firmware
23 CVEs
Ruggedcom Rox Rx1511 Firmware
ruggedcom_rox_rx1511_firmware
23 CVEs
Ruggedcom Rox Rx1512 Firmware
ruggedcom_rox_rx1512_firmware
23 CVEs
Ruggedcom Rox Rx5000 Firmware
ruggedcom_rox_rx5000_firmware
23 CVEs
Simatic Field Pg M5 Firmware
simatic_field_pg_m5_firmware
22 CVEs
Nucleus Readystart V3
nucleus_readystart_v3
20 CVEs
Pads Viewer
pads_viewer
20 CVEs
Solid Edge Se2024
solid_edge_se2024
20 CVEs
Simatic Step 7
simatic_step_7
19 CVEs
Simatic Itc1500 Firmware
simatic_itc1500_firmware
19 CVEs
Simatic Itc1500 Pro Firmware
simatic_itc1500_pro_firmware
19 CVEs
Simatic Itc1900 Firmware
simatic_itc1900_firmware
19 CVEs
Simatic Itc1900 Pro Firmware
simatic_itc1900_pro_firmware
19 CVEs
Simatic Itc2200 Firmware
simatic_itc2200_firmware
19 CVEs
Simatic Itc2200 Pro Firmware
simatic_itc2200_pro_firmware
19 CVEs
Sppa T3000 Application Server
sppa-t3000_application_server
19 CVEs
Simatic Ipc627e Firmware
simatic_ipc627e_firmware
19 CVEs
Simatic Ipc647e Firmware
simatic_ipc647e_firmware
19 CVEs
Simatic Ipc847e Firmware
simatic_ipc847e_firmware
19 CVEs
Ruggedcom Rox Rx1524 Firmware
ruggedcom_rox_rx1524_firmware
19 CVEs
Ruggedcom Rox Rx1536 Firmware
ruggedcom_rox_rx1536_firmware
19 CVEs
Tecnomatix
tecnomatix
19 CVEs
Simatic Field Pg M6 Firmware
simatic_field_pg_m6_firmware
18 CVEs
Simatic Ipc677e Firmware
simatic_ipc677e_firmware
18 CVEs
Sinema Server
sinema_server
17 CVEs
Opcenter Quality
opcenter_quality
17 CVEs
Simatic S7 1200 Cpu 1211c Firmware
simatic_s7-1200_cpu_1211c_firmware
16 CVEs
Simatic S7 1200 Cpu 1212c Firmware
simatic_s7-1200_cpu_1212c_firmware
16 CVEs
Simatic S7 1200 Cpu 1214c Firmware
simatic_s7-1200_cpu_1214c_firmware
16 CVEs
Sipass Integrated
sipass_integrated
16 CVEs
Logo! 8 Bm Firmware
logo!_8_bm_firmware
16 CVEs
Apogee Pxc Modular Firmware
apogee_pxc_modular_firmware
16 CVEs
Talon Tc Compact Firmware
talon_tc_compact_firmware
16 CVEs
Tim 1531 Irc Firmware
tim_1531_irc_firmware
16 CVEs
Scalance Xf204 Firmware
scalance_xf204_firmware
16 CVEs
Scalance Xf204 2ba Irt Firmware
scalance_xf204-2ba_irt_firmware
16 CVEs
Ruggedcom Crossbow
ruggedcom_crossbow
16 CVEs
Simatic Cn 4100 Firmware
simatic_cn_4100_firmware
16 CVEs
Sinec Traffic Analyzer
sinec_traffic_analyzer
16 CVEs
Scalance X308 2m Firmware
scalance_x308-2m_firmware
15 CVEs
Simatic S7 1200 Cpu 1215c Firmware
simatic_s7-1200_cpu_1215c_firmware
15 CVEs
Simatic S7 1200 Cpu 1217c Firmware
simatic_s7-1200_cpu_1217c_firmware
15 CVEs
Talon Tc Modular Firmware
talon_tc_modular_firmware
15 CVEs
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
simatic_hmi_ktp_mobile_panels_ktp400f_firmware
15 CVEs
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
simatic_hmi_ktp_mobile_panels_ktp700_firmware
15 CVEs
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
simatic_hmi_ktp_mobile_panels_ktp700f_firmware
15 CVEs
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
simatic_hmi_ktp_mobile_panels_ktp900_firmware
15 CVEs
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
simatic_hmi_ktp_mobile_panels_ktp900f_firmware
15 CVEs
Apogee Modular Equiment Controller Firmware
apogee_modular_equiment_controller_firmware
15 CVEs
Apogee Modular Building Controller Firmware
apogee_modular_building_controller_firmware
15 CVEs
Solid Edge Se2021 Firmware
solid_edge_se2021_firmware
15 CVEs
Automation License Manager
automation_license_manager
14 CVEs
Simatic S7 1500 Cpu Firmware
simatic_s7-1500_cpu_firmware
14 CVEs
Simatic Wincc (tia Portal)
simatic_wincc_(tia_portal)
14 CVEs
Sinvr 3 Central Control Server
sinvr_3_central_control_server
14 CVEs
Sinvr 3 Video Server
sinvr_3_video_server
14 CVEs
Capital Vstar
capital_vstar
14 CVEs
Scalance X307 3 Firmware
scalance_x307-3_firmware
14 CVEs
Scalance X307 3ld Firmware
scalance_x307-3ld_firmware
14 CVEs
Scalance X308 2 Firmware
scalance_x308-2_firmware
14 CVEs
Scalance X308 2ld Firmware
scalance_x308-2ld_firmware
14 CVEs
Scalance X308 2lh Firmware
scalance_x308-2lh_firmware
14 CVEs
Scalance X308 2m Ts Firmware
scalance_x308-2m_ts_firmware
14 CVEs
Scalance X310 Firmware
scalance_x310_firmware
14 CVEs
Scalance X310fe Firmware
scalance_x310fe_firmware
14 CVEs
Scalance X320 1fe Firmware
scalance_x320-1fe_firmware
14 CVEs
Scalance Xr324 12m Firmware
scalance_xr324-12m_firmware
14 CVEs

CVEs (2,161)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-3155
1Siemens
1Apogee Insight
May 6, 2026
Mar 18, 2016
N/A· v4
3.4 LOW· v3
3.6 LOW· v2
Siemens APOGEE Insight uses weak permissions for the application folder, which allows local users to obtain sensitive information or modify data via unspecified vectors.
CVE-2016-2846
1Siemens
1Simatic S7 Cpu 1200 Firmware
May 6, 2026
Mar 16, 2016
N/A· v4
6.5 MEDIUM· v3
6.4 MEDIUM· v2
Siemens SIMATIC S7-1200 CPU devices before 4.0 allow remote attackers to bypass a "user program block" protection mechanism via unspecified vectors.
CVE-2016-2201
1Siemens
1Simatic S7 1500 Cpu Firmware
May 6, 2026
Feb 8, 2016
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to bypass a replay protection mechanism via packets on TCP port 102.
CVE-2016-2200
1Siemens
1Simatic S7 1500 Cpu Firmware
May 6, 2026
Feb 8, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to cause a denial of service (STOP mode transition) via crafted packets on TCP port 102.
CVE-2016-1488
1Siemens
2Ozw672 Firmware
Ozw772 Firmware
May 6, 2026
Jan 30, 2016
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the login form in the integrated web server on Siemens OZW OZW672 devices before 6.00 and OZW772 devices before 6.00 allows remote attackers to inject arbitrary web script or H...Show more
Cross-site scripting (XSS) vulnerability in the login form in the integrated web server on Siemens OZW OZW672 devices before 6.00 and OZW772 devices before 6.00 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.Show less
CVE-2015-7974
4Debian
NetappNtp+1 more
6Clustered Data Ontap
Debian LinuxNtp+3 more
May 6, 2026
Jan 26, 2016
N/A· v4
7.7 HIGH· v3
4.0 MEDIUM· v2
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted k...Show more
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."Show less
CVE-2015-8214
1Siemens
4Simatic Cp 343 1 Firmware
Simatic Cp 443 1 FirmwareSimatic Tim 3v Ie Firmware+1 more
May 6, 2026
Nov 27, 2015
N/A· v4
N/A· v3
9.7 HIGH· v2
A vulnerability has been identified in SIMATIC NET CP 342-5 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions < V3.0.44), SIMATIC NET CP 343-1 Lean (incl. SIPLUS...Show more
A vulnerability has been identified in SIMATIC NET CP 342-5 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions < V3.0.44), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions < V3.2.9), SIMATIC NET CP 443-1 Standard (incl. SIPLUS variants) (All versions < V3.2.9), SIMATIC NET CP 443-5 Basic (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-5 Extended (All versions), TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions < V2.6.0), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.1.0), TIM 4R-IE (incl. SIPLUS NET variants) (All versions < V2.6.0), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.1.0). The implemented access protection level enforcement of the affected communication processors (CP) could possibly allow unauthenticated users to perform administrative operations on the CPs if network access (port 102/TCP) is available and the CPs' configuration was stored on their corresponding CPUs.Show less
CVE-2015-7836
1Siemens
1Ruggedcom Rugged Operating System
May 6, 2026
Oct 28, 2015
N/A· v4
N/A· v3
3.3 LOW· v2
Siemens RUGGEDCOM ROS before 4.2.1 allows remote attackers to obtain sensitive information by sniffing the network for VLAN data within the padding section of an Ethernet frame.
CVE-2015-6675
1Siemens
1Ruggedcom Rugged Operating System
May 6, 2026
Sep 11, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Siemens RUGGEDCOM ROS 3.8.0 through 4.1.x permanently enables the IP forwarding feature, which allows remote attackers to bypass a VLAN isolation protection mechanism via IP traffic.
CVE-2015-5717
1Siemens
1Compas
May 6, 2026
Aug 31, 2015
N/A· v4
N/A· v3
5.8 MEDIUM· v2
The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a...Show more
The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.Show less
CVE-2015-5698
1Siemens
2Simatic S7 1200 Cpu
Simatic S7 1200 Cpu Firmware
May 6, 2026
Aug 30, 2015
N/A· v4
N/A· v3
7.5 HIGH· v2
Cross-site request forgery (CSRF) vulnerability in the web server on Siemens SIMATIC S7-1200 CPU devices with firmware before 4.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown...Show more
Cross-site request forgery (CSRF) vulnerability in the web server on Siemens SIMATIC S7-1200 CPU devices with firmware before 4.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.Show less
CVE-2015-5537
1Siemens
2Ruggedcom Rox Ii Firmware
Ruggedcom Rugged Operating System
May 6, 2026
Aug 3, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-or...Show more
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a different vulnerability than CVE-2014-3566.Show less
CVE-2015-5084
1Siemens
2Simatic Wincc Sm@rtclient
Simatic Wincc Sm@rtclient Lite
May 6, 2026
Aug 3, 2015
N/A· v4
N/A· v3
2.1 LOW· v2
The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite applications before 01.00.01.00 for Android do not properly store passwords, which allows physically proximate attackers to obtain sensitive information via unsp...Show more
The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite applications before 01.00.01.00 for Android do not properly store passwords, which allows physically proximate attackers to obtain sensitive information via unspecified vectors.Show less
CVE-2015-5374
1Siemens
1Siprotec Firmware
May 6, 2026
Jul 18, 2015
N/A· v4
N/A· v3
7.8 HIGH· v2
A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant D...Show more
A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. Specially crafted packets sent to port 50000/UDP could cause a denial-of-service of the affected device. A manual reboot may be required to recover the service of the device.Show less
CVE-2015-5386
1Siemens
1Sicam Mic Firmware
May 6, 2026
Jul 16, 2015
N/A· v4
N/A· v3
9.3 HIGH· v2
Siemens SICAM MIC devices with firmware before 2404 allow remote attackers to bypass authentication and obtain administrative access via unspecified HTTP requests.
CVE-2015-4174
1Siemens
1Climatix Bacnet/ip
May 6, 2026
Jun 28, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the integrated web server on the Siemens Climatix BACnet/IP communication module with firmware before 10.34 allows remote attackers to inject arbitrary web script or HTML via a...Show more
Cross-site scripting (XSS) vulnerability in the integrated web server on the Siemens Climatix BACnet/IP communication module with firmware before 10.34 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.Show less
CVE-2015-3610
1Siemens
1Homecontrol For Room Automation
May 6, 2026
May 7, 2015
N/A· v4
N/A· v3
5.4 MEDIUM· v2
The Siemens HomeControl for Room Automation application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive informa...Show more
The Siemens HomeControl for Room Automation application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information or modify data via a crafted certificate.Show less
CVE-2015-2823
1Siemens
1Wincc
May 6, 2026
Apr 8, 2015
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Siemens SIMATIC HMI Basic Panels 2nd Generation before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd...Show more
Siemens SIMATIC HMI Basic Panels 2nd Generation before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Professional before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Basic Panels 1st Generation (WinCC TIA Portal), SIMATIC HMI Mobile Panel 277 (WinCC TIA Portal), SIMATIC HMI Multi Panels (WinCC TIA Portal), and SIMATIC WinCC 7.x before 7.3 Upd4 allow remote attackers to complete authentication by leveraging knowledge of a password hash without knowledge of the associated password.Show less
CVE-2015-2822
1Siemens
1Wincc
May 6, 2026
Apr 8, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2 allow man-in-the-middle attackers to cause a denial of service via crafted...Show more
Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2 allow man-in-the-middle attackers to cause a denial of service via crafted packets on TCP port 102.Show less
CVE-2015-1602
1Siemens
1Simatic Step 7
May 6, 2026
Apr 6, 2015
N/A· v4
N/A· v3
2.1 LOW· v2
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) we...Show more
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) web-server passwords by leveraging the ability to read these files.Show less