The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of SIMATIC

libxml2: NULL pointer dereference via xpath.c-xmlXPathCompOpEval
An attacker can force a NULL pointer to be dereferenced via xpath.c:xmlXPathCompOpEval() of libxml2, in order to trigger a denial of service...
901817, bulletinapr2019, CVE-2018-14404, DLA-1524-1, DLA-2369-1, DSA-2020-030, DSA-2020-289, openSUSE-SU-2018:3107-1, openSUSE-SU-2018:3110-1, openSUSE-SU-2019:0185-1, RHSA-2020:1190-01, RHSA-2020:1827-01, SSB-439005, SUSE-SU-2018:3080-1, SUSE-SU-2018:3081-1, SUSE-SU-2019:0272-1, SUSE-SU-2019:13985-1, USN-3739-1, USN-3739-2, VIGILANCE-VUL-26812
Linux kernel: integer overflow via alarm_timer_nsleep
An attacker can generate an integer overflow via alarm_timer_nsleep() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
1103505, CERTFR-2018-AVI-358, CERTFR-2018-AVI-365, CERTFR-2018-AVI-392, CERTFR-2018-AVI-426, CERTFR-2018-AVI-557, CERTFR-2019-AVI-183, CERTFR-2019-AVI-391, CERTFR-2019-AVI-419, CVE-2018-13053, DLA-1715-1, DLA-1731-1, DLA-1731-2, FEDORA-2018-50075276e8, openSUSE-SU-2018:2118-1, openSUSE-SU-2018:2119-1, RHSA-2019:0831-01, RHSA-2019:2029-01, RHSA-2019:2043-01, SSA:2019-030-01, SSB-439005, SUSE-SU-2018:2051-1, SUSE-SU-2018:2150-1, SUSE-SU-2018:2332-1, SUSE-SU-2018:2344-1, SUSE-SU-2018:2362-1, SUSE-SU-2018:2366-1, SUSE-SU-2018:2384-1, SUSE-SU-2018:2637-1, USN-3821-1, USN-3821-2, USN-4094-1, USN-4118-1, VIGILANCE-VUL-26605
Siemens SIMATIC RF182C: buffer overflow via DHCP
An attacker can generate a buffer overflow via DHCP of Siemens SIMATIC RF182C, in order to trigger a denial of service, and possibly to run code...
CVE-2018-4833, SSA-181018, VIGILANCE-VUL-26417
Processors: information disclosure via System Register
A local attacker can read a memory fragment via System Register of some processors, in order to obtain sensitive information...
525441, ADV180013, CERTFR-2018-AVI-429, CERTFR-2019-AVI-036, CERTFR-2019-AVI-489, cisco-sa-20180521-cpusidechannel, CVE-2018-3640, DLA-1446-1, DLA-1506-1, DSA-2018-175, DSA-2019-030, DSA-4273-1, DSA-4273-2, FG-IR-18-002, HPESBHF03850, HT209193, ibm10796076, K51801290, openSUSE-SU-2018:1904-1, openSUSE-SU-2018:2399-1, SSA-268644, SSA-608355, SUSE-SU-2018:1926-1, SUSE-SU-2018:1935-1, SUSE-SU-2018:2076-1, SUSE-SU-2018:2331-1, SUSE-SU-2018:2335-1, SUSE-SU-2018:2338-1, TA18-141A, USN-3756-1, VIGILANCE-VUL-26184, VU#180049
Processors: information disclosure via Speculative Store
A local attacker can read a memory fragment via Speculative Store of some processors, in order to obtain sensitive information...
1528, 18-0006, 525441, ADV180012, CERTFR-2018-AVI-248, CERTFR-2018-AVI-250, CERTFR-2018-AVI-256, CERTFR-2018-AVI-258, CERTFR-2018-AVI-259, CERTFR-2018-AVI-280, CERTFR-2018-AVI-306, CERTFR-2018-AVI-308, CERTFR-2018-AVI-319, CERTFR-2018-AVI-330, CERTFR-2018-AVI-346, CERTFR-2018-AVI-357, CERTFR-2018-AVI-386, CERTFR-2018-AVI-429, CERTFR-2019-AVI-036, CERTFR-2019-AVI-052, CERTFR-2019-AVI-489, CERTFR-2020-AVI-548, CERTFR-2020-AVI-568, cisco-sa-20180521-cpusidechannel, cpujan2019, cpujul2020, CTX235225, CVE-2018-3639, DLA-1423-1, DLA-1424-1, DLA-1434-1, DLA-1446-1, DLA-1506-1, DLA-1529-1, DLA-1731-1, DLA-1731-2, DSA-2018-175, DSA-2019-030, DSA-4210-1, DSA-4273-1, DSA-4273-2, FEDORA-2018-5521156807, FEDORA-2018-6367a17aa3, FEDORA-2018-aec846c0ef, FEDORA-2018-db0d3e157e, FG-IR-18-002, HPESBHF03850, HT209139, HT209193, ibm10796076, JSA10917, JSA11023, K29146534, K54252492, N1022433, nas8N1022433, openSUSE-SU-2018:1380-1, openSUSE-SU-2018:1418-1, openSUSE-SU-2018:1420-1, openSUSE-SU-2018:1487-1, openSUSE-SU-2018:1621-1, openSUSE-SU-2018:1623-1, openSUSE-SU-2018:1628-1, openSUSE-SU-2018:1773-1, openSUSE-SU-2018:1904-1, openSUSE-SU-2018:2306-1, openSUSE-SU-2018:2399-1, openSUSE-SU-2018:2402-1, openSUSE-SU-2018:3103-1, openSUSE-SU-2018:3709-1, openSUSE-SU-2019:0042-1, openSUSE-SU-2019:1438-1, openSUSE-SU-2019:1439-1, openSUSE-SU-2020:1325-1, RHSA-2018:1629-01, RHSA-2018:1630-01, RHSA-2018:1632-01, RHSA-2018:1633-01, RHSA-2018:1635-01, RHSA-2018:1636-01, RHSA-2018:1637-01, RHSA-2018:1638-01, RHSA-2018:1639-01, RHSA-2018:1640-01, RHSA-2018:1641-01, RHSA-2018:1642-01, RHSA-2018:1647-01, RHSA-2018:1648-01, RHSA-2018:1649-01, RHSA-2018:1650-01, RHSA-2018:1651-01, RHSA-2018:1652-01, RHSA-2018:1653-01, RHSA-2018:1656-01, RHSA-2018:1657-01, RHSA-2018:1658-01, RHSA-2018:1659-01, RHSA-2018:1660-01, RHSA-2018:1661-01, RHSA-2018:1662-01, RHSA-2018:1663-01, RHSA-2018:1664-01, RHSA-2018:1665-01, RHSA-2018:1666-01, RHSA-2018:1667-01, RHSA-2018:1668-01, RHSA-2018:1669-01, RHSA-2018:1737-01, RHSA-2018:1738-01, RHSA-2018:1826-01, RHSA-2018:1965-01, RHSA-2018:1967-01, RHSA-2018:1997-01, RHSA-2018:2001-01, RHSA-2018:2003-01, RHSA-2018:2006-01, RHSA-2018:2161-01, RHSA-2018:2162-01, RHSA-2018:2164-01, RHSA-2018:2171-01, RHSA-2018:2172-01, RHSA-2018:2216-01, RHSA-2018:2250-01, RHSA-2018:2309-01, RHSA-2018:2384-01, RHSA-2018:2387-01, RHSA-2018:2390-01, RHSA-2018:2394-01, RHSA-2018:2395-01, RHSA-2018:2396-01, RHSA-2018:2948-01, RHSA-2018:3396-01, RHSA-2018:3397-01, RHSA-2018:3398-01, RHSA-2018:3399-01, RHSA-2018:3400-01, RHSA-2018:3401-01, RHSA-2018:3402-01, RHSA-2018:3407-01, RHSA-2018:3423-01, RHSA-2018:3424-01, RHSA-2018:3425-01, spectre_meltdown_advisory, SSA:2018-208-01, SSA-268644, SSA-505225, SSA-608355, SUSE-SU-2018:1362-1, SUSE-SU-2018:1363-1, SUSE-SU-2018:1366-1, SUSE-SU-2018:1368-1, SUSE-SU-2018:1374-1, SUSE-SU-2018:1375-1, SUSE-SU-2018:1376-1, SUSE-SU-2018:1377-1, SUSE-SU-2018:1378-1, SUSE-SU-2018:1386-1, SUSE-SU-2018:1389-1, SUSE-SU-2018:1452-1, SUSE-SU-2018:1456-1, SUSE-SU-2018:1475-1, SUSE-SU-2018:1479-1, SUSE-SU-2018:1482-1, SUSE-SU-2018:1582-1, SUSE-SU-2018:1603-1, SUSE-SU-2018:1614-1, SUSE-SU-2018:1658-1, SUSE-SU-2018:1699-1, SUSE-SU-2018:1816-1, SUSE-SU-2018:1846-1, SUSE-SU-2018:1926-1, SUSE-SU-2018:1935-1, SUSE-SU-2018:2076-1, SUSE-SU-2018:2082-1, SUSE-SU-2018:2141-1, SUSE-SU-2018:2304-1, SUSE-SU-2018:2331-1, SUSE-SU-2018:2335-1, SUSE-SU-2018:2338-1, SUSE-SU-2018:2340-1, SUSE-SU-2018:2528-1, SUSE-SU-2018:2556-1, SUSE-SU-2018:2565-1, SUSE-SU-2018:2615-1, SUSE-SU-2018:2650-1, SUSE-SU-2018:2973-1, SUSE-SU-2018:3064-1, SUSE-SU-2018:3064-3, SUSE-SU-2018:3555-1, SUSE-SU-2019:0049-1, SUSE-SU-2019:0148-1, SUSE-SU-2019:1211-2, SUSE-SU-2019:2028-1, SUSE-SU-2020:2540-1, SUSE-SU-2020:2605-1, TA18-141A, USN-3651-1, USN-3652-1, USN-3653-1, USN-3653-2, USN-3654-1, USN-3654-2, USN-3655-1, USN-3655-2, USN-3679-1, USN-3680-1, USN-3756-1, VIGILANCE-VUL-26183, VMSA-2018-0012, VMSA-2018-0012.1, VU#180049, XSA-263
SIMATIC S7-400: denial of service via S7 Communication
An attacker can send malicious S7 Communication packets to SIMATIC S7-400, in order to trigger a denial of service...
CERTFR-2018-AVI-235, CVE-2018-4850, SSA-914382, VIGILANCE-VUL-26134
SIMATIC WinCC OA Operator iOS App: information disclosure
An attacker can bypass access restrictions to data of SIMATIC WinCC OA Operator iOS App, in order to obtain sensitive information...
CVE-2018-4847, SSA-597741, VIGILANCE-VUL-25909
SIMATIC: code execution via TIM 1531 IRC
An attacker can use a vulnerability via TIM 1531 IRC of SIMATIC, in order to run code...
CERTFR-2018-AVI-152, CVE-2018-4841, SSA-110922, VIGILANCE-VUL-25661
SIMATIC: denial of service via RPC Service
An attacker can generate a fatal error via RPC Service of SIMATIC, in order to trigger a denial of service...
CERTFR-2018-AVI-152, CVE-2018-4832, SSA-348629, VIGILANCE-VUL-25660
SIMATIC WinCC OA UI for Android/iOS: read-write access via HMI Project Cache
An attacker can bypass access restrictions via HMI Project Cache of SIMATIC WinCC OA UI for Android/iOS, in order to read or alter data...
CERTFR-2018-AVI-140, CVE-2018-4844, SSA-822928, VIGILANCE-VUL-25611
Our database contains other pages. You can request a free trial to read them.

Display information about SIMATIC: