Siemens
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Siemens product.
Products by Siemens Sorted by Most Security Vulnerabilities since 2018
Known Exploited Siemens Vulnerabilities
The following Siemens vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
Title | Description | Added |
---|---|---|
Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability | An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service. CVE-2016-8562 | March 3, 2022 |
By the Year
In 2024 there have been 129 vulnerabilities in Siemens with an average score of 7.5 out of ten. Last year Siemens had 184 security vulnerabilities published. Right now, Siemens is on track to have less security vulnerabilities in 2024 than it did last year. Last year, the average CVE base score was greater by 0.11
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 129 | 7.50 |
2023 | 184 | 7.61 |
2022 | 209 | 7.41 |
2021 | 305 | 7.16 |
2020 | 66 | 6.81 |
2019 | 116 | 7.73 |
2018 | 24 | 7.28 |
It may take a day or so for new Siemens vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Siemens Security Vulnerabilities
A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions < V3.1.2.1 with redundancy configured)
CVE-2024-44102
10 - Critical
- November 12, 2024
A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 256 to 1000 V3.1 (6NH9910-0AA31-0AD1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 32 to 64 V3.1 (6NH9910-0AA31-0AF1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 64 to 256 V3.1 (6NH9910-0AA31-0AC1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 8 to 32 V3.1 (6NH9910-0AA31-0AB1) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 1000 V3.1 (6NH9910-0AA31-0AD0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 256 V3.1 (6NH9910-0AA31-0AC0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 32 V3.1 (6NH9910-0AA31-0AF0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 5000 V3.1 (6NH9910-0AA31-0AE0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 64 V3.1 (6NH9910-0AA31-0AB0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 8 V3.1 (6NH9910-0AA31-0AA0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic Serv Upgr (6NH9910-0AA31-0GA1) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic Upgr V3.1 (6NH9910-0AA31-0GA0) (All versions < V3.1.2.1 with redundancy configured). The affected system allows remote users to send maliciously crafted objects. Due to insecure deserialization of user-supplied content by the affected software, an unauthenticated attacker could exploit this vulnerability by sending a maliciously crafted serialized object. This could allow the attacker to execute arbitrary code on the device with SYSTEM privileges.
Marshaling, Unmarshaling
Solid Edge SE2024 DLL Hijacking Vulnerability
CVE-2024-47942
7.3 - High
- November 12, 2024
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications suffer from a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system.
DLL preloading
Solid Edge SE2024 Out-of-Bounds Read Vulnerability in PAR File Parsing
CVE-2024-47941
7.8 - High
- November 12, 2024
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
Out-of-bounds Read
Solid Edge SE2024 Out-of-Bounds Read Vulnerability in PSM File Parsing
CVE-2024-47940
7.8 - High
- November 12, 2024
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PSM files. This could allow an attacker to execute code in the context of the current process.
Out-of-bounds Read
SINEC NMS Database Function Arbitrary File Write Vulnerability
CVE-2024-47808
6.5 - Medium
- November 12, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected application contains a database function, that does not properly restrict the permissions of users to write to the filesystem of the host system. This could allow an authenticated medium-privileged attacker to write arbitrary content to any location in the filesystem of the host system.
Incorrect Permission Assignment for Critical Resource
SIMATIC CP 1543-1 V4.0 Authorization Bypass Vulnerability
CVE-2024-50310
7.5 - High
- November 12, 2024
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < V4.0.50). Affected devices do not properly handle authorization. This could allow an unauthenticated remote attacker to gain access to the filesystem.
AuthZ
A vulnerability has been identified in SIPORT (All versions < V3.4.0)
CVE-2024-47783
7.8 - High
- November 12, 2024
A vulnerability has been identified in SIPORT (All versions < V3.4.0). The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain elevated privileges.
Incorrect Permission Assignment for Critical Resource
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3)
CVE-2024-46892
8.1 - High
- November 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sessions when the associated user is deleted or disabled or their permissions are modified. This could allow an authenticated attacker to continue performing malicious actions even after their user account has been disabled.
Insufficient Session Expiration
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3)
CVE-2024-46890
9.1 - Critical
- November 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could allow an authenticated remote attacker with high privileges on the application to execute arbitrary code on the underlying OS.
Shell injection
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3)
CVE-2024-46889
5.3 - Medium
- November 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could allow an attacker to learn that cryptographic key material through reverse engineering of the application binary and decrypt arbitrary backup files.
Use of Hard-coded Cryptographic Key
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3)
CVE-2024-46888
9.9 - Critical
- November 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. This could allow an authenticated remote attacker to manipulate arbitrary files on the filesystem and achieve arbitrary code execution on the device.
Directory traversal
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45464
7.8 - High
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
Out-of-bounds Read
A vulnerability has been identified in JT2Go (All versions < V2406.0003)
CVE-2024-41902
7.8 - High
- October 08, 2024
A vulnerability has been identified in JT2Go (All versions < V2406.0003). The affected application contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.
Memory Corruption
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3)
CVE-2024-47194
7.3 - High
- October 08, 2024
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vish2.exe in affected applications allows a specific DLL file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vish2.exe from a user-writable directory.
DLL preloading
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3)
CVE-2024-47195
7.3 - High
- October 08, 2024
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). gdb.exe in affected applications allows a specific executable file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch gdb.exe from a user-writable directory.
DLL preloading
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3)
CVE-2024-47196
7.3 - High
- October 08, 2024
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vsimk.exe in affected applications allows a specific tcl file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vsimk.exe from a user-writable directory.
DLL preloading
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45463
7.8 - High
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
Out-of-bounds Read
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45465
7.8 - High
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
Out-of-bounds Read
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45466
7.8 - High
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
Out-of-bounds Read
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45467
7.8 - High
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
Buffer Overflow
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45469
7.8 - High
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process.
Memory Corruption
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0)
CVE-2024-47563
5.3 - Medium
- October 08, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate a file path that is supplied to an endpoint intended to create CSR files. This could allow an unauthenticated remote attacker to create files in writable directories outside the intended location and thus compromise integrity of files in those writable directories.
Directory traversal
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0)
CVE-2024-47562
8.8 - High
- October 08, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly neutralize special elements in user input to the ```ssmctl-client``` command. This could allow an authenticated, lowly privileged local attacker to execute privileged commands in the underlying OS.
Command Injection
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0)
CVE-2024-47553
9.9 - Critical
- October 08, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate user input to the ```ssmctl-client``` command. This could allow an authenticated, lowly privileged remote attacker to execute arbitrary code with root privileges on the underlying OS.
Argument Injection
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45476
3.3 - Low
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted WRL files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
NULL Pointer Dereference
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45475
7.8 - High
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. An attacker could leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
Buffer Overflow
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0)
CVE-2024-47565
4.3 - Medium
- October 08, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate that user input complies with a list of allowed values. This could allow an authenticated remote attacker to compromise the integrity of the configuration of the affected application.
Allowlist / Allow List
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45474
7.8 - High
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. An attacker could leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
Buffer Overflow
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45473
7.8 - High
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. An attacker could leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
Buffer Overflow
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45472
7.8 - High
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. An attacker could leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
Buffer Overflow
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45471
7.8 - High
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process.
Memory Corruption
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45468
7.8 - High
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
Buffer Overflow
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016)
CVE-2024-45470
7.8 - High
- October 08, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process.
Memory Corruption
Triangle Microworks TMW IEC 61850 Client source code libraries before 12.2.0 lack a buffer size check when processing received messages
CVE-2024-34057
7.5 - High
- September 18, 2024
Triangle Microworks TMW IEC 61850 Client source code libraries before 12.2.0 lack a buffer size check when processing received messages. The resulting buffer overflow can cause a crash, resulting in a denial of service.
Classic Buffer Overflow
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2)
CVE-2024-42344
5.5 - Medium
- September 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application inserts sensitive information into a log file which is readable by all legitimate users of the underlying system. This could allow an authenticated attacker to compromise the confidentiality of other users' configuration data.
Insertion of Sensitive Information into Log File
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2)
CVE-2024-42345
4.3 - Medium
- September 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2). The affected application does not properly handle user session establishment and invalidation. This could allow a remote attacker to circumvent the additional multi factor authentication for user session establishment.
Session Fixation
A vulnerability has been identified in SINEC NMS (All versions < V3.0)
CVE-2024-36398
7.8 - High
- August 13, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application executes a subset of its services as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges.
Execution with Unnecessary Privileges
A vulnerability has been identified in Location Intelligence family (All versions < V4.4)
CVE-2024-41681
7.5 - High
- August 13, 2024
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The web server of affected products is configured to support weak ciphers by default. This could allow an unauthenticated attacker in an on-path position to to read and modify any data passed over the connection between legitimate clients and the affected device.
Inadequate Encryption Strength
A vulnerability has been identified in Location Intelligence family (All versions < V4.4)
CVE-2024-41682
5.3 - Medium
- August 13, 2024
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated remote attacker to conduct brute force attacks against legitimate user passwords.
Improper Restriction of Excessive Authentication Attempts
A vulnerability has been identified in Location Intelligence family (All versions < V4.4)
CVE-2024-41683
5.3 - Medium
- August 13, 2024
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce a strong user password policy. This could facilitate a brute force attack against legitimate user passwords.
Weak Password Requirements
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0)
CVE-2024-41903
7.2 - High
- August 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application mounts the container's root filesystem with read and write privileges. This could allow an attacker to alter the container's filesystem leading to unauthorized modifications and data corruption.
Improper Privilege Management
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0)
CVE-2024-41904
7.5 - High
- August 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated attacker to conduct brute force attacks against legitimate user credentials or keys.
Improper Restriction of Excessive Authentication Attempts
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0)
CVE-2024-41905
6.5 - Medium
- August 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not have access control for accessing the files. This could allow an authenticated attacker with low privilege's to get access to sensitive information.
Authorization
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0)
CVE-2024-41906
6.5 - Medium
- August 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify data stored in the local cache.
Use of Cache Containing Sensitive Information
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0)
CVE-2024-41907
5.4 - Medium
- August 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone to clickjacking attack.
Improperly Implemented Security Check for Standard
A vulnerability has been identified in SINEC NMS (All versions < V3.0)
CVE-2024-41938
3.8 - Low
- August 13, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is installed on.
Directory traversal
A vulnerability has been identified in SINEC NMS (All versions < V3.0)
CVE-2024-41939
8.8 - High
- August 13, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and elevate their privileges on the application.
AuthZ
A vulnerability has been identified in SINEC NMS (All versions < V3.0)
CVE-2024-41940
9.1 - Critical
- August 13, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly validate user input to a privileged command queue. This could allow an authenticated attacker to execute OS commands with elevated privileges.
A vulnerability has been identified in SINEC NMS (All versions < V3.0)
CVE-2024-41941
4.3 - Medium
- August 13, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization.
AuthZ
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions)
CVE-2024-38877
8.8 - High
- August 02, 2024
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Security Server R9.2 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected devices stores initial system credentials without sufficient protection. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network.
Cleartext Storage of Sensitive Information
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions)
CVE-2024-38879
9.8 - Critical
- August 02, 2024
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). The affected system exposes the port of an internal application on the public network interface allowing an attacker to circumvent authentication and directly access the exposed application.
Improper Input Validation
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions)
CVE-2024-38876
7.8 - High
- August 02, 2024
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected application regularly executes user modifiable code as a privileged user. This could allow a local authenticated attacker to execute arbitrary code with elevated privileges.
Files or Directories Accessible to External Parties
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions)
CVE-2024-38878
6.5 - Medium
- August 02, 2024
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). Affected devices allow authenticated users to export diagnostics data. The corresponding API endpoint is susceptible to path traversal and could allow an authenticated attacker to download arbitrary files from the file system.
Directory traversal
A vulnerability has been identified in Simcenter Femap (All versions < V2406)
CVE-2024-32056
7.8 - High
- July 09, 2024
A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted IGS part file. This could allow an attacker to execute code in the context of the current process.
Memory Corruption
A vulnerability has been identified in Simcenter Femap (All versions < V2406)
CVE-2024-33653
7.8 - High
- July 09, 2024
A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process.
Out-of-bounds Read
A vulnerability has been identified in Simcenter Femap (All versions < V2406)
CVE-2024-33654
7.8 - High
- July 09, 2024
A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process.
Out-of-bounds Read
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)
CVE-2024-39865
8.8 - High
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to upload encrypted backup files. As part of this backup, files can be restored without correctly checking the path of the restored file. This could allow an attacker with access to the backup encryption key to upload malicious files, that could potentially lead to remote code execution.
Unrestricted File Upload
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)
CVE-2024-39866
8.8 - High
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to upload encrypted backup files. This could allow an attacker with access to the backup encryption key and with the right to upload backup files to create a user with administrative privileges.
Privilege Defined With Unsafe Actions
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)
CVE-2024-39867
7.3 - High
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate the authentication when performing certain actions in the web interface allowing an unauthenticated attacker to access and edit device configuration information of devices for which they have no privileges.
forced browsing
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)
CVE-2024-39868
7.3 - High
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate the authentication when performing certain actions in the web interface allowing an unauthenticated attacker to access and edit VxLAN configuration information of networks for which they have no privileges.
forced browsing
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)
CVE-2024-39869
6.5 - Medium
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected products allow to upload certificates. An authenticated attacker could upload a crafted certificates leading to a permanent denial-of-service situation. In order to recover from such an attack, the offending certificate needs to be removed manually.
Improper Check for Unusual or Exceptional Conditions
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)
CVE-2024-39870
7.8 - High
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected applications can be configured to allow users to manage own users. A local authenticated user with this privilege could use this modify users outside of their own scope as well as to escalate privileges.
Client-Side Enforcement of Server-Side Security
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)
CVE-2024-39872
9.9 - Critical
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly assign rights to temporary files created during its update process. This could allow an authenticated attacker with the 'Manage firmware updates' role to escalate their privileges on the underlying OS level.
Creation of Temporary File With Insecure Permissions
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)
CVE-2024-39873
7.5 - High
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly implement brute force protection against user credentials in its web API. This could allow an attacker to learn user credentials that are vulnerable to brute force attacks.
Improper Restriction of Excessive Authentication Attempts
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)
CVE-2024-39874
7.5 - High
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly implement brute force protection against user credentials in its Client Communication component. This could allow an attacker to learn user credentials that are vulnerable to brute force attacks.
Improper Restriction of Excessive Authentication Attempts
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1)
CVE-2024-39568
7.8 - High
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server side input sanitation when loading proxy configurations. This could allow an authenticated local attacker to execute arbitrary code with system privileges.
Command Injection
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1)
CVE-2024-39569
7.2 - High
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server side input sanitation when loading VPN configurations. This could allow an administrative remote attacker running a corresponding SINEMA Remote Connect Server to execute arbitrary code with system privileges on the client system.
Command Injection
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1)
CVE-2024-39570
8.8 - High
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when loading VxLAN configurations. This could allow an authenticated attacker to execute arbitrary code with root privileges.
Command Injection
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1)
CVE-2024-39571
8.8 - High
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when loading SNMP configurations. This could allow an attacker with the right to modify the SNMP configuration to execute arbitrary code with root privileges.
Command Injection
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)
CVE-2024-39871
5.4 - Medium
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly separate the rights to edit device settings and to edit settings for communication relations. This could allow an authenticated attacker with the permission to manage devices to gain access to participant groups that the attacked does not belong to.
AuthZ
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)
CVE-2024-39875
4.3 - Medium
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows authenticated, low privilege users with the 'Manage own remote connections' permission to retrieve details about other users and group memberships.
Incorrect Permission Assignment for Critical Resource
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)
CVE-2024-39876
4 - Medium
- July 09, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly handle log rotation. This could allow an unauthenticated remote attacker to cause a denial of service condition through resource exhaustion on the device.
Allocation of Resources Without Limits or Throttling
A vulnerability has been identified in Medicalis Workflow Orchestrator (All versions)
CVE-2024-37999
7.8 - High
- July 08, 2024
A vulnerability has been identified in Medicalis Workflow Orchestrator (All versions). The affected application executes as a trusted account with high privileges and network access. This could allow an authenticated local attacker to escalate privileges.
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2)
CVE-2024-35206
8.8 - High
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application does not expire the session. This could allow an attacker to get unauthorized access.
Insufficient Session Expiration
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2)
CVE-2024-35207
7.8 - High
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The web interface of the affected devices are vulnerable to Cross-Site Request Forgery(CSRF) attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.
Session Riding
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2)
CVE-2024-35208
5.5 - Medium
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server stored the password in cleartext. This could allow attacker in a privileged position to obtain access passwords.
Insufficiently Protected Credentials
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2)
CVE-2024-35209
7.5 - High
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server is allowing HTTP methods like PUT and Delete. This could allow an attacker to modify unauthorized files.
Exposed Dangerous Method or Function
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2)
CVE-2024-35210
7.5 - High
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server is not enforcing HSTS. This could allow an attacker to perform downgrade attacks exposing confidential information.
Cleartext Transmission of Sensitive Information
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2)
CVE-2024-35211
6.5 - Medium
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes (such as Secure, HttpOnly, or SameSite).
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2)
CVE-2024-35212
7.5 - High
- June 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application lacks input validation due to which an attacker can gain access to the Database entries.
Improper Input Validation
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2)
CVE-2022-32257
9.8 - Critical
- March 12, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to resources and potentially lead to code execution.
Authorization
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8)
CVE-2024-22039
9.8 - Critical
- March 12, 2024
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x IP6 (All versions < IP6 SR3), Cerberus PRO EN Fire Panel FC72x IP7 (All versions < IP7 SR5), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions < V3.0.6602), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.0.5016), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions < V3.2.6601), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.2.5015), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions < MP8), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions < MP6 SR3), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions < MP7 SR5), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions < V3.0.6602), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.0.5016), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions < V3.2.6601), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.2.5015), Sinteso Mobile (All versions < V3.0.0). The network communication library in affected systems does not validate the length of certain X.509 certificate attributes which might result in a stack-based buffer overflow. This could allow an unauthenticated remote attacker to execute code on the underlying operating system with root privileges.
Classic Buffer Overflow
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1)
CVE-2024-22045
6.5 - Medium
- March 12, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1). The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. This information is also available via the web interface of the product.
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000)
CVE-2024-24922
7.8 - High
- February 13, 2024
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21715)
Memory Corruption
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000), Simcenter Femap (All versions < V2306.0001)
CVE-2024-24923
7.8 - High
- February 13, 2024
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000), Simcenter Femap (All versions < V2306.0001). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted Catia MODEL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22055)
A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000)
CVE-2024-24924
7.8 - High
- February 13, 2024
A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22059)
Memory Corruption
A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000)
CVE-2024-24925
7.8 - High
- February 13, 2024
A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted Catia MODEL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-22060)
Access of Uninitialized Pointer
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions)
CVE-2024-23803
7.8 - High
- February 13, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process.
Memory Corruption
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)
CVE-2024-23804
7.8 - High
- February 13, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted PSOBJ files. This could allow an attacker to execute code in the context of the current process.
Memory Corruption
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)
CVE-2024-23795
7.8 - High
- February 13, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process.
Memory Corruption
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)
CVE-2024-23796
7.8 - High
- February 13, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
Memory Corruption
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)
CVE-2024-23797
7.8 - High
- February 13, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
Memory Corruption
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)
CVE-2024-23798
7.8 - High
- February 13, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
Memory Corruption
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions)
CVE-2024-23799
5.5 - Medium
- February 13, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
NULL Pointer Dereference
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions)
CVE-2024-23800
5.5 - Medium
- February 13, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
NULL Pointer Dereference
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions)
CVE-2024-23801
5.5 - Medium
- February 13, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
NULL Pointer Dereference
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)
CVE-2024-23802
7.8 - High
- February 13, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.
Out-of-bounds Read
A vulnerability has been identified in Polarion ALM (All versions < V2404.0)
CVE-2024-23813
9.8 - Critical
- February 13, 2024
A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The REST API endpoints of doorsconnector of the affected product lacks proper authentication. An unauthenticated attacker could access the endpoints, and potentially execute code.
authentification
A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1)
CVE-2024-23812
8.8 - High
- February 13, 2024
A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application incorrectly neutralizes special elements when creating a report which could lead to command injection.
Shell injection
A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1)
CVE-2024-23811
8.8 - High
- February 13, 2024
A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application allows users to upload arbitrary files via TFTP. This could allow an attacker to upload malicious firmware images or other files, that could potentially lead to remote code execution.
Unrestricted File Upload