Siemens Simatic Energy Manager Pro vulnerabilities
5 known vulnerabilities affecting siemens/simatic_energy_manager_pro.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4
Vulnerabilities
Page 1 of 1
CVE-2023-52891HIGHCVSS 7.5fixed in V7.52024-07-09
CVE-2023-52891 [HIGH] CWE-1325 CVE-2023-52891: A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.5), SIMATIC Energy Manager PRO (All versions < V7.5), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMIT V10 (All versions), SIMIT V11 (All versions < V11.1). Unified Automation .NET based OPC UA Server SDK before 3.2.2 used in Siemens products ar
cvelistv5
CVE-2023-27321HIGHCVSS 7.5fixed in V7.52024-05-07
CVE-2023-27321 [HIGH] CWE-400 CVE-2023-27321: OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability
OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handlin
nvd
CVE-2022-23450CRITICALCVSS 9.8fixed in 7.3v7.3+1 more2022-04-12
CVE-2022-23450 [CRITICAL] CWE-502 CVE-2022-23450: A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1),
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). The affected system allows remote users to send maliciously crafted objects. Due to insecure deserialization of user-supplied content by the affected software, an unauthenticated attacker cou
cvelistv5nvd
CVE-2022-23448HIGHCVSS 7.8fixed in 7.3v7.3+1 more2022-04-12
CVE-2022-23448 [HIGH] CWE-732 CVE-2022-23448: A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1),
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). Affected applications improperly assign permissions to critical directories and files used by the application processes. This could allow a local unprivileged attacker to achieve code execution w
cvelistv5nvd
CVE-2022-23449HIGHCVSS 7.3fixed in 7.3v7.3+1 more2022-04-12
CVE-2022-23449 [HIGH] CWE-427 CVE-2022-23449: A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1),
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path.
cvelistv5nvd