Siemens Simatic Information Server
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Siemens Simatic Information Server.
By the Year
In 2025 there have been 0 vulnerabilities in Siemens Simatic Information Server. Last year, in 2024 Simatic Information Server had 1 security vulnerability published. Right now, Simatic Information Server is on track to have less security vulnerabilities in 2025 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 1 | 9.80 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 2 | 8.10 |
It may take a day or so for new Simatic Information Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Siemens Simatic Information Server Security Vulnerabilities
Siemens Opcenter/PCS neo/TIA Portal Heap Overflow in UMC (CVE-2024-33698)
CVE-2024-33698
9.8 - Critical
- September 10, 2024
A vulnerability has been identified in Opcenter Quality (All versions < V2406), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions), SINEMA Remote Connect Client (All versions < V3.2 SP3), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 5), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 3). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.
Heap-based Buffer Overflow
In WIBU CodeMeter Runtime before 7.30a
CVE-2021-41057
7.1 - High
- November 14, 2021
In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions.
insecure temporary file
A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a
CVE-2021-20093
9.1 - Critical
- June 16, 2021
A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server.
Out-of-bounds Read
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Siemens Simatic Information Server or by Siemens? Click the Watch button to subscribe.
