siemens

2,361 tracked vulnerabilities.

CVE-2026-22923 HIGH
Siemens NX < 2512.0 - Stack-based Buffer Overflow in PDF Export
Feb 10, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-24858 CRITICAL KEV
Fortinet FortiAnalyzer 7.0.0-7.0.15, 7.2.0-7.2.11, 7.4.0-7.4.9, 7.6.0-7.6.5 - Authentication Bypass via FortiCloud SSO
Jan 27, 2026
CVSS 9.8
EPSS 0.86
CVE-2025-40808 MEDIUM
Siemens Siprotec 5 6MD84 (CP300) - Unrestricted Upload of File with Dangerous Type
Jun 09, 2026
CVSS 6.1
EPSS 0.00
CVE-2025-12659 HIGH
Heap-based buffer overflow in Siemens Simcenter Femap
May 12, 2026
CVSS 7.8
EPSS 0.00
CVE-2025-40949 CRITICAL
Siemens Ruggedcom Rox MX5000 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
May 12, 2026
CVSS 9.1
EPSS 0.01
CVE-2025-40948 MEDIUM
Siemens Ruggedcom Rox MX5000 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
May 12, 2026
CVSS 6.8
EPSS 0.00
CVE-2025-40947 HIGH
Siemens Ruggedcom Rox MX5000 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
May 12, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-40946 HIGH
Siemens blueplanet - Use of Hard-coded Cryptographic Key for Technical Service Credentials
May 12, 2026
CVSS 8.3
EPSS 0.00
CVE-2025-40833 HIGH
Siemens SCALANCE and RUGGEDCOM Devices < V8.3 - Denial of Service via Crafted IPv4 Request
May 12, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-40745 LOW
Siemens Software Center <V3.5.8.2 - Auth Bypass
Apr 14, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-40943 CRITICAL
SIMATIC S7-1500 Software Controller CPU 1507S F V4 - Authenticated Code Injection via Crafted Trace File Import
Mar 10, 2026
CVSS 9.6
EPSS 0.00
CVE-2025-40944 HIGH
SIMATIC ET 200AL IM 157-1 PN - Denial of Service via S7 Protocol Disconnect Request
Jan 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-40942 HIGH
TeleControl Server Basic < 3.1.2.4 - Local Privilege Escalation
Jan 13, 2026
CVSS 8.8
EPSS 0.00
CVE-2025-40805 CRITICAL
Siemens Industrial Edge Cloud Device and Device Kit - Authentication Bypass
Jan 13, 2026
CVSS 10.0
EPSS 0.01
CVE-2025-40829 HIGH
Simcenter Femap < 2512.0000 - Remote Code Execution via SLDPRT File Parsing
Dec 12, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-59718 CRITICAL KEV
Fortinet FortiOS/FortiProxy/FortiSwitchManager SAML Signature Verification Bypass
Dec 09, 2025
CVSS 9.8
EPSS 0.66
CVE-2025-40941 MEDIUM
SIMATIC CN 4100 < 4.0.1 - Information Exposure via Server Response Headers
Dec 09, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-40940 MEDIUM
SIMATIC CN 4100 < 4.0.1 - Exposure of Sensitive Information via SNMP Inconsistencies
Dec 09, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-40939 MEDIUM
SIMATIC CN 4100 < 4.0.1 - Unauthenticated Denial of Service via USB Port
Dec 09, 2025
CVSS 4.6
EPSS 0.00
CVE-2025-40938 HIGH
SIMATIC CN 4100 < 4.0.1 - Use of Hard-coded Credentials
Dec 09, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-40937 HIGH
SIMATIC CN 4100 < 4.0.1 - Authenticated Command Injection via REST API
Dec 09, 2025
CVSS 8.3
EPSS 0.01
CVE-2025-40935 MEDIUM
RUGGEDCOM -<V5.10.1 - Info Disclosure
Dec 09, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-40831 MEDIUM
SINEC Security Monitor < 4.10.0 - Authenticated Denial of Service via Report Generation Date Parameter
Dec 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-40830 MEDIUM
SINEC Security Monitor < 4.10.0 - Authenticated Arbitrary File Read and Write via ssmctl-client File Transfer
Dec 09, 2025
CVSS 6.7
EPSS 0.00
CVE-2025-40820 HIGH
TCP Sequence Number Validation - DoS
Dec 09, 2025
CVSS 7.5
EPSS 0.00