Siemens Simatic Wincc Oa vulnerabilities

5 known vulnerabilities affecting siemens/simatic_wincc_oa.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2022-44731MEDIUMCVSS 5.4v3.15v3.16+2 more2022-12-13
CVE-2022-44731 [MEDIUM] CWE-88 CVE-2022-44731: A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions < V3.15 P038), SIMATIC W A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions < V3.15 P038), SIMATIC WinCC OA V3.16 (All versions < V3.16 P035), SIMATIC WinCC OA V3.17 (All versions < V3.17 P024), SIMATIC WinCC OA V3.18 (All versions < V3.18 P014). The affected component allows to inject custom arguments to the Ultralight Client backend application und
nvd
CVE-2021-41057HIGHCVSS 7.1≤ 3.182021-11-14
CVE-2021-41057 [HIGH] CWE-59 CVE-2021-41057: In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite th In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions.
nvd
CVE-2021-20093CRITICALCVSS 9.1v3.17v3.182021-06-16
CVE-2021-20093 [CRITICAL] CWE-125 CVE-2021-20093: A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticat A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server.
nvd
CVE-2019-10929MEDIUMCVSS 5.9vAll versions < V3.16 P0132019-08-13
CVE-2019-10929 [MEDIUM] CWE-327 CVE-2019-10929: A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Control A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versio
cvelistv5nvd
CVE-2019-6575HIGHCVSS 7.5fixed in 3.15-p018vAll versions < V3.15 P0182019-04-17
CVE-2019-6575 [HIGH] CWE-248 CVE-2019-6575: A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions = V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15 P018), SIMATIC WinCC Runtime Advanc
cvelistv5nvd