Siemens


Products by Siemens Sorted by Most Security Vulnerabilities since 2018

Siemens Jt2go: 138 vulnerabilities

Siemens Simcenter Femap: 45 vulnerabilities

Siemens Solid Edge: 44 vulnerabilities

Siemens Parasolid: 43 vulnerabilities

Siemens Solid Edge Se2023: 35 vulnerabilities

Siemens Jt Utilities: 32 vulnerabilities

Siemens Sinec Ins: 31 vulnerabilities

Siemens Jt Open Toolkit: 29 vulnerabilities

Siemens Comos: 27 vulnerabilities

Siemens Nucleus Net: 25 vulnerabilities

Siemens Nucleus Source Code: 25 vulnerabilities

Siemens Sinec Nms: 23 vulnerabilities

Siemens Capital Vstar: 23 vulnerabilities

Siemens Simatic Wincc: 21 vulnerabilities

Siemens Nucleus Readystart V3: 20 vulnerabilities

Siemens Pads Viewer: 20 vulnerabilities

Siemens Simatic Pcs 7: 20 vulnerabilities

Siemens Tecnomatix: 19 vulnerabilities

Siemens Sinvr 3 Video Server: 17 vulnerabilities

Siemens Simatic Pcs Neo: 17 vulnerabilities

Siemens Nucleus Readystart V4: 14 vulnerabilities

Siemens Sicam Paspqs: 12 vulnerabilities

Siemens Sinema Server: 11 vulnerabilities

Siemens Qms Automotive: 11 vulnerabilities

Siemens Xhq: 10 vulnerabilities

Siemens Simatic Wincc Runtime: 10 vulnerabilities

Siemens Opcenter Quality: 10 vulnerabilities

Siemens Vstar: 10 vulnerabilities

Siemens Simatic Step 7: 9 vulnerabilities

Siemens Nucleus Readystart: 8 vulnerabilities

Siemens Nucleus Rtos: 8 vulnerabilities

Siemens Spectrum Power 4: 8 vulnerabilities

Siemens Sipass Integrated: 7 vulnerabilities

Siemens Simatic Net Pc: 7 vulnerabilities

Siemens Ruggedcom Crossbow: 7 vulnerabilities

Siemens Teamcenter: 7 vulnerabilities

Siemens Logo Soft Comfort: 6 vulnerabilities

Siemens Nucleus 4: 6 vulnerabilities

Siemens Spectrum Power 7: 6 vulnerabilities

Siemens Nx 1980: 6 vulnerabilities

Siemens Siveillance Identity: 6 vulnerabilities

Siemens Simatic Cn 4100: 5 vulnerabilities

Siemens Solid Edge Se2022: 5 vulnerabilities

Siemens Mendix: 4 vulnerabilities

Siemens Simatic Wincc Oa: 4 vulnerabilities

Siemens Simocode Es: 3 vulnerabilities

Siemens Desigo Insight: 3 vulnerabilities

Siemens Soft Starter Es: 3 vulnerabilities

Siemens Simatic Batch: 3 vulnerabilities

Siemens Solid Edge Se2020: 3 vulnerabilities

Siemens Solid Edge Se2021: 3 vulnerabilities

Siemens Polarion: 3 vulnerabilities

Siemens Polarion Alm: 3 vulnerabilities

Siemens Pss Cape: 3 vulnerabilities

Siemens Simatic S7 1500: 3 vulnerabilities

Siemens Simatic S7 Plcsim: 3 vulnerabilities

Siemens Sicam Pas: 3 vulnerabilities

Known Exploited Siemens Vulnerabilities

The following Siemens vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title: Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability
Description: An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service. CVE-2016-8562
Added: March 3, 2022

By the Year

In 2024 there have been 32 vulnerabilities in Siemens with an average score of 7.7 out of ten. Last year Siemens had 184 security vulnerabilities published. Right now, Siemens is on track to have fewer security vulnerabilities in 2024 than it did last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.10.

Year Vulnerabilities Average Score
2024 32 7.71
2023 184 7.61
2022 209 7.41
2021 304 7.17
2020 66 6.81
2019 115 7.71
2018 24 7.28

It may take a day or so for new Siemens vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Siemens Security Vulnerabilities

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2)

CVE-2022-32257 9.8 - Critical - March 12, 2024

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to resources and potentially lead to code execution.

Authorization

A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8)

CVE-2024-22039 9.8 - Critical - March 12, 2024

A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x IP6 (All versions < IP6 SR3), Cerberus PRO EN Fire Panel FC72x IP7 (All versions < IP7 SR5), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions < V3.0.6602), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.0.5016), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions < V3.2.6601), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.2.5015), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions < MP8), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions < MP6 SR3), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions < MP7 SR5), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions < V3.0.6602), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.0.5016), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions < V3.2.6601), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.2.5015), Sinteso Mobile (All versions < V3.0.0). The network communication library in affected systems does not validate the length of certain X.509 certificate attributes which might result in a stack-based buffer overflow. This could allow an unauthenticated remote attacker to execute code on the underlying operating system with root privileges.

Classic Buffer Overflow

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1)

CVE-2024-22045 6.5 - Medium - March 12, 2024

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1). The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. This information is also available via the web interface of the product.

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions)

CVE-2024-23803 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)

CVE-2024-23804 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted PSOBJ files. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)

CVE-2024-23795 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)

CVE-2024-23796 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)

CVE-2024-23797 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)

CVE-2024-23798 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions)

CVE-2024-23799 5.5 - Medium - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

NULL Pointer Dereference

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions)

CVE-2024-23800 5.5 - Medium - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

NULL Pointer Dereference

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions)

CVE-2024-23801 5.5 - Medium - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

NULL Pointer Dereference

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)

CVE-2024-23802 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4)

CVE-2023-44120 7.8 - High - January 09, 2024

A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access.

Incorrect Permission Assignment for Critical Resource

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7)

CVE-2023-49251 9.8 - Critical - January 09, 2024

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application allows an attacker to add their own login credentials to the device. This allows an attacker to remotely login as root and take control of the device even after the affected device is fully set up.

Insecure Direct Object Reference / IDOR

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7)

CVE-2023-49252 7.5 - High - January 09, 2024

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The affected application allows IP configuration change without authentication to the device. This could allow an attacker to cause denial of service condition.

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7)

CVE-2023-49621 9.8 - Critical - January 09, 2024

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device.

CWE-1392: Use of Default Credentials

A vulnerability has been identified in JT2Go (All versions < V14.3.0.6)

CVE-2023-51439 7.8 - High - January 09, 2024

A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

A vulnerability has been identified in JT2Go (All versions < V14.3.0.6)

CVE-2023-51744 5.5 - Medium - January 09, 2024

A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

NULL Pointer Dereference

A vulnerability has been identified in JT2Go (All versions < V14.3.0.6)

CVE-2023-51745 7.8 - High - January 09, 2024

A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.

Stack Overflow

A vulnerability has been identified in JT2Go (All versions < V14.3.0.6)

CVE-2023-51746 7.8 - High - January 09, 2024

A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.

Stack Overflow

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10)

CVE-2023-49121 7.8 - High - January 09, 2024

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10)

CVE-2023-49122 7.8 - High - January 09, 2024

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10)

CVE-2023-49123 7.8 - High - January 09, 2024

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10)

CVE-2023-49124 7.8 - High - January 09, 2024

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10)

CVE-2023-49126 7.8 - High - January 09, 2024

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10)

CVE-2023-49127 7.8 - High - January 09, 2024

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10)

CVE-2023-49128 7.8 - High - January 09, 2024

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10)

CVE-2023-49129 7.8 - High - January 09, 2024

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10)

CVE-2023-49130 7.8 - High - January 09, 2024

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.

Access of Uninitialized Pointer

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10)

CVE-2023-49131 7.8 - High - January 09, 2024

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.

Access of Uninitialized Pointer

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10)

CVE-2023-49132 7.8 - High - January 09, 2024

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.

Access of Uninitialized Pointer

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19)

CVE-2022-46141 5.5 - Medium - December 12, 2023

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An information disclosure vulnerability could allow a local attacker to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs, when entered by a legitimate user in the hardware configuration of the affected application.

Cleartext Storage of Sensitive Information

A vulnerability has been identified in Opcenter Quality (All versions < V2312)

CVE-2023-46283 7.5 - High - December 12, 2023

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.

Classic Buffer Overflow

A vulnerability has been identified in Opcenter Quality (All versions < V2312)

CVE-2023-46284 7.5 - High - December 12, 2023

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.

Memory Corruption

A vulnerability has been identified in Opcenter Quality (All versions < V2312)

CVE-2023-46285 7.5 - High - December 12, 2023

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an improper input validation vulnerability that could allow an attacker to bring the service into a Denial-of-Service state by sending a specifically crafted message to 4004/tcp. The corresponding service is auto-restarted after the crash is detected by a watchdog.

A vulnerability has been identified in Opcenter Quality (All versions < V2312)

CVE-2023-46281 8.8 - High - December 12, 2023

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). When accessing the UMC Web-UI from affected products, UMC uses an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior.

Permissive Cross-domain Policy with Untrusted Domains

A vulnerability has been identified in Opcenter Quality (All versions < V2312)

CVE-2023-46282 6.1 - Medium - December 12, 2023

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected applications that could allow an attacker to inject arbitrary JavaScript code. The code could be potentially executed later by another (possibly privileged) user.

XSS

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2)

CVE-2023-48427 9.8 - Critical - December 12, 2023

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected products do not properly validate the certificate of the configured UMC server. This could allow an attacker to intercept credentials that are sent to the UMC server as well as to manipulate responses, potentially allowing an attacker to escalate privileges.

Improper Certificate Validation

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2)

CVE-2023-48428 7.2 - High - December 12, 2023

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially issue commands on system level.

Shell injection

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2)

CVE-2023-48429 2.7 - Low - December 12, 2023

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the server. The server will automatically restart.

Improper Check for Unusual or Exceptional Conditions

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2)

CVE-2023-48430 2.7 - Low - December 12, 2023

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the API. The server will automatically restart.

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2)

CVE-2023-48431 8.6 - High - December 12, 2023

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected software does not correctly validate the response received by a UMC server. An attacker can use this to crash the affected software by providing and configuring a malicious UMC server or by manipulating the traffic from a legitimate UMC server (i.e. leveraging CVE-2023-48427).

Improper Check for Unusual or Exceptional Conditions

The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition while parsing specially crafted PDF files

CVE-2021-38405 7.8 - High - November 21, 2023

The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in COMOS (All versions)

CVE-2023-43505 6.5 - Medium - November 14, 2023

A vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in SMB shares. This could allow an attacker to access files that the user should not have access to.

A vulnerability has been identified in COMOS (All versions < V10.4.4)

CVE-2023-43504 9.8 - Critical - November 14, 2023

A vulnerability has been identified in COMOS (All versions < V10.4.4). Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition.

A vulnerability has been identified in COMOS (All versions < V10.4.4)

CVE-2023-43503 7.5 - High - November 14, 2023

A vulnerability has been identified in COMOS (All versions < V10.4.4). Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP.

Cleartext Transmission of Sensitive Information

A vulnerability has been identified in COMOS (All versions)

CVE-2023-46601 7.5 - High - November 14, 2023

A vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in making the SQLServer connection. This could allow an attacker to query the database directly to access information that the user should not have access to.

A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1)

CVE-2023-46098 8.8 - High - November 14, 2023

A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). When accessing the Information Server from affected products, the products use an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior.

A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1)

CVE-2023-46096 6.5 - Medium - November 14, 2023

A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). The PUD Manager of affected products does not properly authenticate users in the PUD Manager web service. This could allow an unauthenticated adjacent attacker to generate a privileged token and upload additional documents.

A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.4.0)

CVE-2023-45794 8.1 - High - November 14, 2023

A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.4.0), Mendix Applications using Mendix 7 (All versions < V7.23.37), Mendix Applications using Mendix 8 (All versions < V8.18.27), Mendix Applications using Mendix 9 (All versions < V9.24.10). A capture-replay flaw in the platform could have an impact to apps built with the platform, if certain preconditions are met that depend on the app's model and access control design. This could allow authenticated attackers to access or modify objects without proper authorization, or escalate privileges in the context of the vulnerable app.

Authentication Bypass by Capture-replay

A vulnerability has been identified in Siemens OPC UA Modelling Editor (SiOME) (All versions < V2.8)

CVE-2023-46590 - November 14, 2023

A vulnerability has been identified in Siemens OPC UA Modelling Editor (SiOME) (All versions < V2.8). Affected products suffer from an XML external entity (XXE) injection vulnerability. This vulnerability could allow an attacker to interfere with an application's processing of XML data and read arbitrary files in the system.

A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1)

CVE-2023-46099 4.8 - Medium - November 14, 2023

A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). There is a stored cross-site scripting vulnerability in the Administration Console of the affected product that could allow an attacker with high privileges to inject JavaScript code into the application that is later executed by another legitimate user.

XSS

A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1)

CVE-2023-46097 8 - High - November 14, 2023

A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). The PUD Manager of affected products does not properly neutralize user provided inputs. This could allow an authenticated adjacent attacker to execute SQL statements in the underlying database.

A vulnerability has been identified in SINEMA Server V14 (All versions)

CVE-2023-35796 9 - Critical - October 10, 2023

A vulnerability has been identified in SINEMA Server V14 (All versions). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could perform a stored cross-site scripting (XSS) attack that may lead to arbitrary code execution with `SYSTEM` privileges on the application server. (ZDI-CAN-19823)

XSS

A vulnerability has been identified in SINEC NMS (All versions < V2.0)

CVE-2022-30527 7.8 - High - October 10, 2023

A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application assigns improper access rights to specific folders containing executable files and libraries. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.

Incorrect Permission Assignment for Critical Resource

A vulnerability has been identified in Xpedition Layout Browser (All versions < VX.2.14)

CVE-2023-30900 7.8 - High - October 10, 2023

A vulnerability has been identified in Xpedition Layout Browser (All versions < VX.2.14). Affected application contains a stack overflow vulnerability when parsing a PCB file. An attacker can leverage this vulnerability to execute code in the context of the current process.

Stack Overflow

A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.22)

CVE-2023-38640 4.4 - Medium - October 10, 2023

A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.22). The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to read and modify configuration data in the context of the application process.

Incorrect Permission Assignment for Critical Resource

A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.20)

CVE-2023-45205 7.8 - High - October 10, 2023

A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.20). The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to `NT AUTHORITY/SYSTEM`.

Incorrect Permission Assignment for Critical Resource

A vulnerability has been identified in Simcenter Amesim (All versions < V2021.1)

CVE-2023-43625 9.8 - Critical - October 10, 2023

A vulnerability has been identified in Simcenter Amesim (All versions < V2021.1). The affected application contains a SOAP endpoint that could allow an unauthenticated remote attacker to perform DLL injection and execute arbitrary code in the context of the affected application process.

Code Injection

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)

CVE-2023-44081 7.8 - High - October 10, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)

CVE-2023-44082 7.8 - High - October 10, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)

CVE-2023-44083 7.8 - High - October 10, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)

CVE-2023-44084 7.8 - High - October 10, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)

CVE-2023-44085 7.8 - High - October 10, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)

CVE-2023-44086 7.8 - High - October 10, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)

CVE-2023-44087 7.8 - High - October 10, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

A vulnerability has been identified in SINEC NMS (All versions < V2.0)

CVE-2023-44315 5.4 - Medium - October 10, 2023

A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could prepare a stored cross-site scripting (XSS) attack that may lead to unintentional modification of application data by legitimate users.

XSS

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)

CVE-2023-45204 7.8 - High - October 10, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain a type confusion vulnerability while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21268)

Incorrect Type Conversion or Cast

A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.262)

CVE-2023-45601 7.8 - High - October 10, 2023

A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.262), Parasolid V35.1 (All versions < V35.1.250), Parasolid V36.0 (All versions < V36.0.169), Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain a stack overflow vulnerability while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21290)

Memory Corruption

A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q3)

CVE-2023-38557 7.8 - High - September 14, 2023

A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q3). The affected product assigns improper access rights to the update script. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.

Incorrect Permission Assignment for Critical Resource

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All versions)

CVE-2023-38558 5.5 - Medium - September 14, 2023

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All versions), SIMATIC PCS neo (Administration Console) V4.0 Update 1 (All versions). The affected application leaks Windows admin credentials. An attacker with local access to the Administration Console could get the credentials, and impersonate the admin user, thereby gaining admin access to other Windows systems.

Exposure of Resource to Wrong Sphere

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38076 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21041)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008)

CVE-2023-41846 7.8 - High - September 12, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to memory corruption while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.

Buffer Overflow

A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.260)

CVE-2023-41033 7.8 - High - September 12, 2023

A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.260), Parasolid V35.1 (All versions < V35.1.246), Parasolid V36.0 (All versions < V36.0.156), Simcenter Femap V2301 (All versions < V2301.0003), Simcenter Femap V2306 (All versions < V2306.0001). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21266)

Memory Corruption

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258)

CVE-2023-41032 7.8 - High - September 12, 2023

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.253), Parasolid V35.1 (All versions < V35.1.184), Parasolid V36.0 (All versions < V36.0.142), Simcenter Femap V2301 (All versions < V2301.0003), Simcenter Femap V2306 (All versions < V2306.0001). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21263)

Memory Corruption

A vulnerability has been identified in QMS Automotive (All versions < V12.39)

CVE-2023-40732 3.9 - Low - September 12, 2023

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application does not invalidate the session token on logout. This could allow an attacker to perform session hijacking attacks.

Insufficient Session Expiration

A vulnerability has been identified in QMS Automotive (All versions < V12.39)

CVE-2023-40731 8.8 - High - September 12, 2023

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application allows users to upload arbitrary file types. This could allow an attacker to upload malicious files that could potentially lead to code tampering.

Unrestricted File Upload

A vulnerability has been identified in QMS Automotive (All versions < V12.39)

CVE-2023-40730 8.8 - High - September 12, 2023

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application lacks sufficient authorization checks. This could allow an attacker to access confidential information, perform administrative functions, or lead to a denial-of-service condition.

Authorization

A vulnerability has been identified in QMS Automotive (All versions < V12.39)

CVE-2023-40729 7.4 - High - September 12, 2023

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application lacks a security control to prevent unencrypted communication without HTTPS. An attacker who managed to gain a machine-in-the-middle position could manipulate or steal confidential information.

Cleartext Transmission of Sensitive Information

A vulnerability has been identified in QMS Automotive (All versions < V12.39)

CVE-2023-40728 7.8 - High - September 12, 2023

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application stores sensitive application data in an external insecure storage. This could allow an attacker to alter content, leading to arbitrary code execution or a denial-of-service condition.

Insecure Storage of Sensitive Information

A vulnerability has been identified in QMS Automotive (All versions < V12.39)

CVE-2023-40727 7.8 - High - September 12, 2023

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application uses a weak, outdated application signing mechanism. This could allow an attacker to tamper with the application code.

Improper Verification of Cryptographic Signature

A vulnerability has been identified in QMS Automotive (All versions < V12.39)

CVE-2023-40725 4 - Medium - September 12, 2023

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application returns inconsistent error messages in response to invalid user credentials during a login session. This allows an attacker to enumerate usernames and identify valid ones.

Generation of Error Message Containing Sensitive Information

A vulnerability has been identified in QMS Automotive (All versions < V12.39)

CVE-2023-40726 8.8 - High - September 12, 2023

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application server responds with sensitive information about the server. This could allow an attacker to directly access the database.

Server-generated Error Message Containing Sensitive Information

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38070 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20818)

Memory Corruption

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38071 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20824)

Memory Corruption

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38072 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20825)

Memory Corruption

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38074 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20840)

Object Type Confusion

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38075 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20842)

Dangling pointer

A vulnerability has been identified in QMS Automotive (All versions < V12.39)

CVE-2023-40724 7.3 - High - September 12, 2023

A vulnerability has been identified in QMS Automotive (All versions < V12.39). User credentials are found in memory as plaintext. An attacker could perform a memory dump, get access to the credentials, and use them for impersonation.

Cleartext Storage of Sensitive Information in Memory

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38073 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20826)

Object Type Confusion

efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets

CVE-2023-39950 5.2 - Medium - August 14, 2023

efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into `bg_setenv` or programs using `libebgenv`. This is triggered when the affected components try to modify a manipulated environment, in particular its user variables. Furthermore, `bg_printenv` may crash over invalid read accesses or report invalid results. Not affected by this issue is EFI Boot Guard's bootloader EFI binary. EFI Boot Guard release v0.15 contains required patches to sanitize and validate the bootloader environment prior to processing it in userspace. Its library and tools should be updated, so should programs statically linked against it. An update of the bootloader EFI executable is not required. The only way to prevent the issue with an unpatched EFI Boot Guard version is to avoid accesses to user variables, specifically modifications to them.

Improper Input Validation

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4)

CVE-2023-37372 9.8 - Critical - August 08, 2023

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected application is vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database.

SQL Injection

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4)

CVE-2023-27411 8.8 - High - August 08, 2023

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected application is vulnerable to SQL injection. This could allow an authenticated remote attacker to execute arbitrary SQL queries on the server database and escalate privileges.

SQL Injection

A vulnerability has been identified in JT Open (All versions < V11.4)

CVE-2023-30795 7.8 - High - August 08, 2023

A vulnerability has been identified in JT Open (All versions < V11.4), JT Utilities (All versions < V13.4), Parasolid V34.0 (All versions < V34.0.253), Parasolid V34.1 (All versions < V34.1.243), Parasolid V35.0 (All versions < V35.0.177), Parasolid V35.1 (All versions < V35.1.073). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258)

CVE-2023-38532 5.5 - Medium - August 08, 2023

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains a stack exhaustion vulnerability while parsing a specially crafted X_T file. This could allow an attacker to cause a denial of service condition.

Allocation of Resources Without Limits or Throttling

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258)

CVE-2023-38528 7.8 - High - August 08, 2023

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.197), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted X_T file. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258)

CVE-2023-38527 7.8 - High - August 08, 2023

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258)

CVE-2023-38531 7.8 - High - August 08, 2023

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258)

CVE-2023-38530 7.8 - High - August 08, 2023

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).