Siemens Simatic Wincc Runtime Advanced vulnerabilities
17 known vulnerabilities affecting siemens/simatic_wincc_runtime_advanced.
Total CVEs
17
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH12MEDIUM3LOW1
Vulnerabilities
Page 1 of 1
CVE-2025-30033HIGHCVSS 8.5fixed in V17 Update 92025-08-12
CVE-2025-30033 [HIGH] CWE-427 CVE-2025-30033: The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute
The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component.
cvelistv5nvd
CVE-2023-30756HIGHCVSS 8.2vAll versions2024-09-10
CVE-2023-30756 [HIGH] CWE-476 CVE-2023-30756: A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions <
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All vers
cvelistv5nvd
CVE-2023-28827HIGHCVSS 8.2vAll versions2024-09-10
CVE-2023-28827 [HIGH] CWE-476 CVE-2023-28827: A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions <
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All vers
cvelistv5nvd
CVE-2023-30755MEDIUMCVSS 5.9vAll versions2024-09-10
CVE-2023-30755 [MEDIUM] CWE-476 CVE-2023-30755: A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions <
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All ve
cvelistv5nvd
CVE-2023-46280HIGHCVSS 8.2fixed in V17 Update 82024-05-14
CVE-2023-46280 [HIGH] CWE-125 CVE-2023-46280: A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Aut
A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMAT
cvelistv5nvd
CVE-2022-30694LOWCVSS 3.5vAll versions < V17 Update 52022-11-08
CVE-2022-30694 [MEDIUM] CWE-352 CVE-2022-30694: The login endpoint /FormLogin in affected web services does not apply proper origin checking.
Thi
The login endpoint /FormLogin in affected web services does not apply proper origin checking.
This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.
cvelistv5nvd
CVE-2021-27384CRITICALCVSS 9.8fixed in 16v16+2 more2021-05-12
CVE-2021-27384 [CRITICAL] CWE-788 CVE-2021-27384: A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPL
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6),
nvd
CVE-2021-25662HIGHCVSS 7.5fixed in 16v16+2 more2021-05-12
CVE-2021-25662 [HIGH] CWE-755 CVE-2021-25662: A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPL
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIM
nvd
CVE-2021-25661HIGHCVSS 7.5fixed in 16v16+2 more2021-05-12
CVE-2021-25661 [HIGH] CWE-788 CVE-2021-25661: A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPL
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIM
nvd
CVE-2021-27385HIGHCVSS 7.5fixed in 16v16+2 more2021-05-12
CVE-2021-27385 [HIGH] CWE-400 CVE-2021-27385: A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPL
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIM
nvd
CVE-2021-27383HIGHCVSS 7.5fixed in 16v16+2 more2021-05-12
CVE-2021-27383 [HIGH] CWE-770 CVE-2021-27383: A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPL
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIM
nvd
CVE-2021-27386HIGHCVSS 7.5fixed in 16v16+2 more2021-05-12
CVE-2021-27386 [HIGH] CWE-401 CVE-2021-27386: A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPL
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIM
nvd
CVE-2021-25660HIGHCVSS 7.5fixed in 16v16+2 more2021-05-12
CVE-2021-25660 [HIGH] CWE-788 CVE-2021-25660: A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPL
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIM
nvd
CVE-2020-7580MEDIUMCVSS 6.7vAll versions < V16 Update 22020-06-10
CVE-2020-7580 [MEDIUM] CWE-428 CVE-2020-7580: A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Softwa
cvelistv5nvd
CVE-2019-10929MEDIUMCVSS 5.9vAll versions < V162019-08-13
CVE-2019-10929 [MEDIUM] CWE-327 CVE-2019-10929: A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Control
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versio
cvelistv5nvd
CVE-2019-6575HIGHCVSS 7.5vAll versions < V15.1 Upd 42019-04-17
CVE-2019-6575 [HIGH] CWE-248 CVE-2019-6575: A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions = V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15 P018), SIMATIC WinCC Runtime Advanc
cvelistv5nvd
CVE-2019-6568HIGHCVSS 7.5fixed in 15.1v15.1+1 more2019-04-17
CVE-2019-6568 [HIGH] CWE-125 CVE-2019-6568: The webserver of the affected devices contains a vulnerability that may lead to
a denial of service
The webserver of the affected devices contains a vulnerability that may lead to
a denial of service condition. An attacker may cause a denial of service
situation which leads to a restart of the webserver of the affected device.
The security vulnerability could be exploited by an attacker with network
access to the affected systems. Successful exploita
cvelistv5nvd