Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Simatic_pcs_neo
(Siemens)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 17 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-11-14 | CVE-2023-46098 | A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). When accessing the Information Server from affected products, the products use an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior. | Simatic_pcs_neo | 8.8 | ||
| 2023-11-14 | CVE-2023-46099 | A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). There is a stored cross-site scripting vulnerability in the Administration Console of the affected product, that could allow an attacker with high privileges to inject Javascript code into the application that is later executed by another legitimate user. | Simatic_pcs_neo | 4.8 | ||
| 2023-09-14 | CVE-2023-38558 | A vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All versions), SIMATIC PCS neo (Administration Console) V4.0 Update 1 (All versions). The affected application leaks Windows admin credentials. An attacker with local access to the Administration Console could get the credentials, and impersonate the admin user, thereby gaining admin access to other Windows systems. | Simatic_pcs_neo | 5.5 | ||
| 2020-06-10 | CVE-2020-7580 | A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All... | Simatic_automatic_tool, Simatic_net_pc, Simatic_pcs_7, Simatic_pcs_neo, Simatic_prosave, Simatic_s7\-1500_software_controller, Simatic_step_7, Simatic_wincc, Simatic_wincc_open_architecture, Simatic_wincc_runtime_advanced, Simatic_wincc_runtime_professional, Sinamics_startdrive, Sinamics_starter_commissioning_tool, Sinec_network_management_system, Sinema_server, Sinumerik_one_virtual, Sinumerik_operate | 6.7 | ||
| 2020-07-14 | CVE-2020-7581 | A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16... | Opcenter_execution_discrete, Opcenter_execution_foundation, Opcenter_execution_process, Opcenter_intelligence, Opcenter_quality, Opcenter_rd\&l, Simatic_notifier_server, Simatic_pcs_neo, Simatic_step_7, Simocode_es, Soft_starter_es | 6.7 | ||
| 2020-07-14 | CVE-2020-7587 | A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC... | Opcenter_execution_discrete, Opcenter_execution_foundation, Opcenter_execution_process, Opcenter_intelligence, Opcenter_quality, Opcenter_rd\&l, Simatic_it_lms, Simatic_it_production_suite, Simatic_notifier_server, Simatic_pcs_neo, Simatic_step_7, Simocode_es, Soft_starter_es | 8.2 | ||
| 2020-07-14 | CVE-2020-7588 | A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC... | Opcenter_execution_discrete, Opcenter_execution_foundation, Opcenter_execution_process, Opcenter_intelligence, Opcenter_quality, Opcenter_rd\&l, Simatic_it_lms, Simatic_it_production_suite, Simatic_notifier_server, Simatic_pcs_neo, Simatic_step_7, Simocode_es, Soft_starter_es | 5.3 | ||
| 2021-06-16 | CVE-2021-20093 | A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server. | Pss_cape, Sicam_230_firmware, Simatic_information_server, Simatic_pcs_neo, Simatic_process_historian, Simatic_wincc_oa, Simit_simulation_platform, Sinec_infrastructure_network_services, Sinema_remote_connect_server, Codemeter | 9.1 | ||
| 2022-04-12 | CVE-2022-27194 | A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions < V3.1 SP1), SINETPLAN (All versions), TIA Portal (V15, V15.1, V16 and V17). The affected system cannot properly process specially crafted packets sent to port 8888/tcp. A remote attacker could exploit this vulnerability to cause a Denial-of-Service condition. The affected devices must be restarted manually. | Simatic_pcs_neo, Sinetplan, Totally_integrated_automation_portal | 7.5 | ||
| 2021-11-14 | CVE-2021-41057 | In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions. | Pss_cape, Pss_e, Pss_odms, Sicam_230, Simatic_information_server, Simatic_pcs_neo, Simatic_process_historian, Simatic_wincc_oa, Simit, Codemeter_runtime | 7.1 |