The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Siemens SIMATIC WinCC

SIMATIC S7-1500: denial of service via HTTP
An attacker can trigger a fatal error via HTTP of SIMATIC S7-1500, in order to trigger a denial of service...
CERTFR-2019-AVI-004, CVE-2018-16558, CVE-2018-16559, SSA-180635, VIGILANCE-VUL-28198
SIMATIC S7-300: denial of service via S7 Packets
An attacker can trigger a fatal error via S7 Packets of SIMATIC S7-300, in order to trigger a denial of service...
CERTFR-2019-AVI-004, CVE-2018-16561, SSA-306710, VIGILANCE-VUL-28197
libbfd: infinite loop via IS_CONTAINED_BY_LMA
An attacker can trigger an infinite loop via IS_CONTAINED_BY_LMA of libbfd, in order to trigger a denial of service...
CVE-2018-19932, openSUSE-SU-2019:2415-1, openSUSE-SU-2019:2432-1, SSB-439005, SUSE-SU-2019:2650-1, USN-4336-1, VIGILANCE-VUL-28196
libbfd: buffer overflow via bfd_elf32_swap_phdr_in
An attacker can trigger a buffer overflow via bfd_elf32_swap_phdr_in() of libbfd, in order to trigger a denial of service, and possibly to run code...
CVE-2018-19931, openSUSE-SU-2019:2415-1, openSUSE-SU-2019:2432-1, SSB-439005, SUSE-SU-2019:2650-1, USN-4336-1, VIGILANCE-VUL-28195
glibc: descriptor leak via getaddrinfo
An attacker can create a descriptor leak via getaddrinfo() of glibc, in order to trigger a denial of service...
bulletinjul2019, CVE-2018-19591, FEDORA-2018-060302dc83, FEDORA-2018-f6b7df660d, SSB-439005, VIGILANCE-VUL-27921
Linux kernel: file reading via Deleted Files In Cleancache
A local attacker can read a file via Deleted Files In Cleancache of the Linux kernel, in order to obtain sensitive information...
CERTFR-2019-AVI-038, CERTFR-2019-AVI-042, CERTFR-2019-AVI-044, CERTFR-2019-AVI-051, CERTFR-2019-AVI-071, CERTFR-2019-AVI-391, CERTFR-2019-AVI-419, CVE-2018-16862, DLA-1715-1, DLA-1731-1, DLA-1731-2, FEDORA-2018-3857a8b41a, FEDORA-2018-87ba0312c2, openSUSE-SU-2019:0065-1, openSUSE-SU-2019:0140-1, SSA:2019-030-01, SSB-439005, SUSE-SU-2019:0148-1, SUSE-SU-2019:0196-1, SUSE-SU-2019:0222-1, SUSE-SU-2019:0224-1, SUSE-SU-2019:0320-1, SUSE-SU-2019:0439-1, SUSE-SU-2019:0541-1, USN-3879-1, USN-3879-2, USN-4094-1, USN-4118-1, VIGILANCE-VUL-27872
Siemens SIMATIC HMI/WinCC: privilege escalation via HTTP Header Injection
An attacker can bypass restrictions via HTTP Header Injection of Siemens SIMATIC HMI/WinCC, in order to escalate his privileges...
CERTFR-2018-AVI-543, CVE-2018-13814, SSA-944083, VIGILANCE-VUL-27788
Siemens SIMATIC IT: privilege escalation via Authentication Bypass
An attacker can bypass restrictions via Authentication Bypass of Siemens SIMATIC IT, in order to escalate his privileges...
CERTFR-2018-AVI-543, CVE-2018-13804, SSA-886615, VIGILANCE-VUL-27787
Siemens SIMATIC STEP7: information disclosure via Weak Password Hashes
An attacker can bypass access restrictions to data via Weak Password Hashes of Siemens SIMATIC STEP7, in order to obtain sensitive information...
CERTFR-2018-AVI-543, CVE-2018-13811, SSA-621493, VIGILANCE-VUL-27786
Siemens SIMATIC S7-1200/S7-1500: denial of service via Pool Exhaustion
An attacker can generate a fatal error via Pool Exhaustion of Siemens SIMATIC S7-1200/S7-1500, in order to trigger a denial of service...
CERTFR-2018-AVI-543, CVE-2018-13815, SSA-584286, VIGILANCE-VUL-27785
Our database contains other pages. You can request a free trial to read them.

Display information about Siemens SIMATIC WinCC: