Siemens Sinumerik Mc vulnerabilities
6 known vulnerabilities affecting siemens/sinumerik_mc.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH5
Vulnerabilities
Page 1 of 1
CVE-2025-40743HIGHCVSS 8.7fixed in V1.25 SP12025-08-12
CVE-2025-40743 [HIGH] CWE-288 CVE-2025-40743: A vulnerability has been identified in SINUMERIK 828D PPU.4 (All versions < V4.95 SP5), SINUMERIK 82
A vulnerability has been identified in SINUMERIK 828D PPU.4 (All versions < V4.95 SP5), SINUMERIK 828D PPU.5 (All versions < V5.25 SP1), SINUMERIK 840D sl (All versions < V4.95 SP5), SINUMERIK MC (All versions < V1.25 SP1), SINUMERIK MC V1.15 (All versions < V1.15 SP5), SINUMERIK ONE (All versions < V6.25 SP1), SINUMERIK ONE V6.15 (All versions < V6.1
cvelistv5nvd
CVE-2023-46156HIGHCVSS 7.5fixed in V1.242023-12-12
CVE-2023-46156 [HIGH] CWE-416 CVE-2023-46156: Affected devices improperly handle specially crafted packets sent to port 102/tcp.
This could allow
Affected devices improperly handle specially crafted packets sent to port 102/tcp.
This could allow an attacker to create a denial of service condition. A restart is needed to restore
normal operations.
cvelistv5nvd
CVE-2023-28831HIGHCVSS 8.7fixed in V1.222023-09-12
CVE-2023-28831 [HIGH] CWE-190 CVE-2023-28831: The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnera
The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation.
This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.
cvelistv5nvd
CVE-2022-38465HIGHCVSS 7.8vAll versions < V6.212022-10-11
CVE-2022-38465 [HIGH] CWE-522 CVE-2022-38465: A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMA
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0)
cvelistv5nvd
CVE-2022-24408HIGHCVSS 7.8vAll versions < V1.15 SP12022-03-08
CVE-2022-24408 [HIGH] CWE-269 CVE-2022-24408: A vulnerability has been identified in SINUMERIK MC (All versions < V1.15 SP1), SINUMERIK ONE (All v
A vulnerability has been identified in SINUMERIK MC (All versions < V1.15 SP1), SINUMERIK ONE (All versions < V6.15 SP1). The sc SUID binary on affected devices provides several commands that are used to execute system commands or modify system files. A specific set of operations using sc could allow local attackers to escalate their privileges to roo
cvelistv5nvd
CVE-2020-15782CRITICALCVSS 9.8vAll versions < V6.152021-05-28
CVE-2020-15782 [CRITICAL] CWE-119 CVE-2020-15782: A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMA
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.
cvelistv5nvd