siemens

2,361 tracked vulnerabilities.

CVE-2025-30176 HIGH
Siemens SIMATIC PCS neo SINEC NMS SINEMA Remote Connect TIA Portal UMC - Out-of-bounds Read
May 13, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-30175 HIGH
SIMATIC PCS neo <V4.1, V5.0 - Info Disclosure
May 13, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-30174 HIGH
SIMATIC PCS neo <V4.1, V5.0 - Info Disclosure
May 13, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-26390 CRITICAL
Siemens OZW672 and OZW772 Firmware < 6.0 - Unauthenticated SQL Injection in Authentication Check
May 13, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-26389 CRITICAL
Siemens OZW672 and OZW772 Firmware < 8.0 - Unauthenticated Remote Code Execution via exportDiagramPage Endpoint
May 13, 2025
CVSS 10.0
EPSS 0.01
CVE-2025-24510 MEDIUM
Siemens MS/TP Point Pickup Module - Denial of Service via BACnet MSTP Message Handling
May 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-24009 MEDIUM
SIRIUS 3RK3 Modular Safety System and Safety Relays 3SK2 - Unauthenticated Sensitive Information Exposure
May 13, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-24008 MEDIUM
SIRIUS 3RK3 MSS & 3SK2 - Info Disclosure
May 13, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-24007 HIGH
SIRIUS 3RK3 MSS & 3SK2 - Info Disclosure
May 13, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-29931 LOW
TeleControl Server Basic < V3.1.2.2 - Memory Corruption
Apr 17, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-32872 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via GetOverview Method
Apr 16, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-32871 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via MigrateDatabase Method
Apr 16, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-32870 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via GetTraces Method
Apr 16, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-32869 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via ImportCertificate Method
Apr 16, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-32868 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via ExportCertificate Method
Apr 16, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-32867 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via CreateBackup Method
Apr 16, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-32866 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via GetLogs Method
Apr 16, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-32865 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via CreateLog Method
Apr 16, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-32864 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via GetSettings Method
Apr 16, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-32863 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via UnlockTraceLevelSettings Method
Apr 16, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-32862 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via LockTraceLevelSettings Method
Apr 16, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-32861 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via UpdateTraceLevelSettings Method
Apr 16, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-32860 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via UnlockWebServerGatewaySettings Method
Apr 16, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-32859 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via LockWebServerGatewaySettings Method
Apr 16, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-32858 HIGH
TeleControl Server Basic < 3.1.2.2 - Authenticated SQL Injection via UpdateWebServerGatewaySettings Method
Apr 16, 2025
CVSS 8.8
EPSS 0.01