Siemens Simatic Ipc547G Firmware vulnerabilities
5 known vulnerabilities affecting siemens/simatic_ipc547g_firmware.
Total CVEs
5
CISA KEV
1
actively exploited
Public exploits
2
Exploited in wild
2
Severity breakdown
CRITICAL1HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2020-0590HIGHCVSS 7.8fixed in r1.30.02020-11-12
CVE-2020-0590 [HIGH] CWE-20 CVE-2020-0590: Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated u
Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
nvd
CVE-2020-8745MEDIUMCVSS 6.8fixed in r1.30.02020-11-12
CVE-2020-8745 [MEDIUM] CVE-2020-8745: Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.8
Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
nvd
CVE-2020-0543MEDIUMCVSS 5.5fixed in r1.28.02020-06-15
CVE-2020-0543 [MEDIUM] CWE-459 CVE-2020-0543: Incomplete cleanup from specific special register read operations in some Intel(R) Processors may al
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
nvd
CVE-2018-3639MEDIUMCVSS 5.5ExploitedPoCfixed in r1.23.02018-05-22
CVE-2018-3639 [MEDIUM] CWE-203 CVE-2018-3639: Systems with microprocessors utilizing speculative execution and speculative execution of memory rea
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
nvd
CVE-2017-5689CRITICALCVSS 9.8KEVPoCfixed in 11.0.26.30002017-05-02
CVE-2017-5689 [CRITICAL] CWE-269 CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKU
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active
nvd