Siemens Solid Edge, JT2Go, and Teamcenter Visualization
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge, JT2Go, and Teamcenter Visualization Vulnerabilities: Use After Free, Out-of-bounds Read, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could all…
Siemens OpenSSL RSA Decryption in SIMATIC
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC, SIPLUS Vulnerability: Inadequate Encryption Strength 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to recover the product’s connection secret. 3. T…
Siemens Parasolid and Teamcenter Visualization
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Parasolid and Teamcenter Visualization Vulnerabilities: NULL Pointer Dereference, Out-of-bounds Read, Out-of-bounds Write, Allocation of Resources without Limits or Throttling 2. RISK EVALUATION An attack…
Siemens JT Open, JT Utilities, and Parasolid
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT Open, JT Utilities, and Parasolid Vulnerabilities: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code in the context of…
Siemens Solid Edge SE2023
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to crash the application or execute ar…
Resource Allocation in Siemens RUGGEDCOM
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM Vulnerability: Allocation of Resources without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized attack…
Siemens RUGGEDCOM CROSSBOW
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM CROSSBOW Vulnerabilities: Out-of-bounds Read, Improper Privilege Management, SQL Injection, Missing Authentication for Critical Function 2. RISK EVALUATION Successful …
Siemens Parasolid Installer
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Parasolid Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to misuse the vulnerability an…
Schneider Electric IGSS
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: low attack complexity Vendor: Schneider Electric Equipment: IGSS (Interactive Graphical SCADA System) Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execut…
Hitachi Energy RTU500 series
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 series Vulnerabilities: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a buffer overflow and reboot of…