The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Siemens SIMATIC WinCC

Linux kernel: buffer overflow via i2c_smbus_xfer_emulated
An attacker can trigger a buffer overflow via i2c_smbus_xfer_emulated() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
CERTFR-2019-AVI-455, CERTFR-2019-AVI-502, CERTFR-2019-AVI-503, CERTFR-2019-AVI-530, CERTFR-2019-AVI-561, CERTFR-2020-AVI-281, CERTFR-2020-AVI-612, CERTFR-2020-AVI-770, CERTFR-2020-AVI-823, CERTFR-2020-AVI-841, CVE-2017-18551, CVE-2019-9454, K48073202, openSUSE-SU-2019:2173-1, openSUSE-SU-2019:2181-1, RHSA-2020:2104-01, RHSA-2020:4060-01, RHSA-2020:4062-01, RHSA-2020:5206-01, RHSA-2020:5430-01, RHSA-2020:5656-01, SSB-439005, SUSE-SU-2019:14218-1, SUSE-SU-2019:2299-1, SUSE-SU-2019:2412-1, SUSE-SU-2019:2424-1, SUSE-SU-2019:2648-1, SUSE-SU-2019:2651-1, SUSE-SU-2019:2658-1, SUSE-SU-2019:2738-1, SUSE-SU-2019:2949-1, SUSE-SU-2019:2950-1, VIGILANCE-VUL-30250
Linux kernel: out-of-bounds memory reading via __xfrm_policy_unlink
An attacker can force a read at an invalid address via __xfrm_policy_unlink() of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information...
CERTFR-2019-AVI-455, CERTFR-2019-AVI-502, CERTFR-2019-AVI-503, CERTFR-2019-AVI-530, CERTFR-2019-AVI-561, CERTFR-2019-AVI-575, CERTFR-2020-AVI-230, CVE-2019-15666, DLA-1919-1, DLA-1919-2, openSUSE-SU-2019:2173-1, openSUSE-SU-2019:2181-1, RHSA-2020:1493-01, SSB-439005, SUSE-SU-2019:2412-1, SUSE-SU-2019:2424-1, SUSE-SU-2019:2648-1, SUSE-SU-2019:2651-1, SUSE-SU-2019:2658-1, SUSE-SU-2019:2738-1, SUSE-SU-2019:2949-1, SUSE-SU-2019:2984-1, VIGILANCE-VUL-30175
SIMATIC: two vulnerabilities
An attacker can use several vulnerabilities of SIMATIC...
CERTFR-2019-AVI-385, CVE-2019-10929, CVE-2019-10943, SSA-232418, VIGILANCE-VUL-30052
Linux kernel: use after free via __blk_drain_queue
An attacker can force the usage of a freed memory area via __blk_drain_queue() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
CERTFR-2019-AVI-391, CERTFR-2019-AVI-392, CERTFR-2019-AVI-418, CERTFR-2019-AVI-419, CERTFR-2019-AVI-513, CERTFR-2020-AVI-030, CERTFR-2020-AVI-095, CERTFR-2020-AVI-125, CVE-2018-20856, DLA-1885-1, DSA-4497-1, RHSA-2019:3055-01, RHSA-2019:3076-01, RHSA-2019:3089-01, RHSA-2019:3217-01, RHSA-2020:0100-01, RHSA-2020:0103-01, RHSA-2020:0543-01, RHSA-2020:0664-01, RHSA-2020:0698-01, SSA:2019-226-01, SSB-439005, SUSE-SU-2019:2263-1, SUSE-SU-2019:2299-1, USN-4094-1, USN-4116-1, USN-4118-1, VIGILANCE-VUL-30051
Intel 64-bit CPU: information disclosure via SWAPGS
A local attacker can read a memory fragment via SWAPGS of Intel 64-bit CPU, in order to obtain sensitive information...
1103505, CERTFR-2019-AVI-375, CERTFR-2019-AVI-376, CERTFR-2019-AVI-381, CERTFR-2019-AVI-390, CERTFR-2019-AVI-391, CERTFR-2019-AVI-392, CERTFR-2019-AVI-417, CERTFR-2019-AVI-418, CERTFR-2019-AVI-428, CERTFR-2019-AVI-440, CERTFR-2019-AVI-458, CERTFR-2019-AVI-467, CERTFR-2019-AVI-486, CVE-2019-1125, DLA-1884-1, DLA-1885-1, DSA-4495-1, DSA-4497-1, FEDORA-2019-6bda4c81f4, FEDORA-2019-e37c348348, JSA10993, K31085564, openSUSE-SU-2019:1923-1, openSUSE-SU-2019:1924-1, RHSA-2019:2405-01, RHSA-2019:2411-01, RHSA-2019:2473-01, RHSA-2019:2476-01, RHSA-2019:2600-01, RHSA-2019:2609-01, RHSA-2019:2695-01, RHSA-2019:2696-01, RHSA-2019:2730-01, RHSA-2019:2899-01, RHSA-2019:2900-01, RHSA-2019:2975-01, RHSA-2019:3220-01, SB10297, SSA:2019-226-01, SSB-439005, STORM-2019-007, SUSE-SU-2019:14157-1, SUSE-SU-2019:2068-1, SUSE-SU-2019:2069-1, SUSE-SU-2019:2070-1, SUSE-SU-2019:2071-1, SUSE-SU-2019:2072-1, SUSE-SU-2019:2073-1, SUSE-SU-2019:2262-1, SUSE-SU-2019:2263-1, SUSE-SU-2019:2299-1, SUSE-SU-2019:2430-1, SUSE-SU-2019:2450-1, SWAPGS, Synology-SA-19:32, USN-4093-1, USN-4094-1, USN-4095-1, USN-4095-2, USN-4096-1, VIGILANCE-VUL-29962
GNU Binutils: integer overflow via objdump
An attacker can trigger an integer overflow via objdump of GNU Binutils, in order to trigger a denial of service, and possibly to run code...
bulletinapr2019, CVE-2018-1000876, openSUSE-SU-2019:2415-1, openSUSE-SU-2019:2432-1, RHSA-2019:2075-01, SSB-439005, SUSE-SU-2019:2650-1, USN-4336-1, VIGILANCE-VUL-29956
ProFTPD: read-write access via mod_copy Limit Bypass
An attacker can bypass access restrictions via mod_copy Limit Bypass of ProFTPD, in order to read or alter data...
CVE-2019-12815, DLA-1873-1, DSA-4491-1, FEDORA-2019-e9187610c3, openSUSE-SU-2019:1836-1, openSUSE-SU-2019:1870-1, openSUSE-SU-2020:0031-1, SSA-940889, VIGILANCE-VUL-29844
Linux kernel: privilege escalation via ptrace_link
An attacker can bypass restrictions via ptrace_link of the Linux kernel, in order to escalate his privileges...
CERTFR-2019-AVI-375, CERTFR-2019-AVI-391, CERTFR-2019-AVI-419, CERTFR-2019-AVI-451, CERTFR-2019-AVI-561, CERTFR-2019-AVI-575, CVE-2019-13272, DLA-1862-1, DLA-1863-1, DSA-4484-1, FEDORA-2019-a95015e60f, PROJ-ZERO-1903, RHSA-2019:2405-01, RHSA-2019:2411-01, RHSA-2019:2809-01, SSA:2019-202-01, SSB-439005, SUSE-SU-2019:2949-1, SUSE-SU-2019:2984-1, USN-4093-1, USN-4094-1, USN-4095-1, USN-4095-2, USN-4117-1, USN-4118-1, VIGILANCE-VUL-29820
iptables: buffer overflow via iptables-restore
An attacker can trigger a buffer overflow via iptables-restore of iptables, in order to trigger a denial of service, and possibly to run code...
CVE-2019-11360, SSB-439005, VIGILANCE-VUL-29770
Siemens SIMATIC PCS7/WinCC: file upload via DataMonitor
An attacker can upload a malicious file via DataMonitor on Siemens SIMATIC PCS7/WinCC, in order for example to upload a Trojan...
CERTFR-2019-AVI-311, CVE-2019-10935, SSA-121293, VIGILANCE-VUL-29733
Our database contains other pages. You can request a free trial to read them.

Display information about Siemens SIMATIC WinCC: