Siemens Security Vulnerabilities (CVEs)
Track 563 security vulnerabilities affecting Siemens products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This CVE allows remote attackers to execute arbitrary commands on ArubaOS network devices without authentication. It affects ArubaOS versions prior to...
Sep 7, 2021This vulnerability in the npm tar package allows attackers to bypass symlink checks by exploiting Unicode normalization and Windows short path behavio...
Aug 31, 2021This vulnerability in @npmcli/arborist allows attackers to write arbitrary files to any location on case-insensitive filesystems by exploiting case-se...
Aug 31, 2021This OpenSSL vulnerability allows attackers to cause buffer overruns when applications directly construct ASN.1 strings without proper NUL termination...
Aug 24, 2021This vulnerability in Mbed TLS allows attackers to bypass certificate validation by exploiting a parsing flaw where NULL algorithm parameters are inco...
Aug 23, 2021CVE-2021-31338 is an unauthenticated configuration modification vulnerability in Siemens SINEMA Remote Connect Client. Local attackers can exploit thi...
Aug 19, 2021Node.js DNS library vulnerability allows remote code execution, XSS, and application crashes due to improper validation of DNS responses. Attackers ca...
Aug 16, 2021CVE-2021-22940 is a use-after-free vulnerability in Node.js that allows memory corruption attacks. An attacker could exploit this to potentially execu...
Aug 16, 2021This CVE describes an authenticated command injection vulnerability in Siemens SINEC NMS that allows administrative users to execute arbitrary system ...
Aug 10, 2021This vulnerability allows attackers to bypass authentication on Siemens SIMATIC S7-1200 PLCs when provisioned with TIA Portal V13, enabling unauthoriz...
Aug 10, 2021This vulnerability in Solid Edge SE2021 allows attackers to execute arbitrary code by tricking users into opening malicious OBJ files. The use-after-f...
Aug 10, 2021A denial-of-service vulnerability in Siemens Automation License Manager allows attackers to crash the service by sending specially crafted packets to ...
Aug 10, 2021This vulnerability allows attackers to trick libcurl applications into using a malicious client certificate instead of the intended one when running i...
Aug 5, 2021The npm tar package before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has an arbitrary file creation/overwrite vulnerability due to insufficient sanitiz...
Aug 3, 2021This vulnerability allows attackers to execute arbitrary code by exploiting a heap buffer overflow in Siemens JT2Go, Solid Edge SE2021, and Teamcenter...
Jul 13, 2021This vulnerability allows remote code execution via specially crafted JT files in Siemens JT2Go and Teamcenter Visualization software. Attackers can e...
Jul 13, 2021This vulnerability allows attackers to execute arbitrary code by exploiting an out-of-bounds read in the BMP_loader.dll library when parsing malicious...
Jul 13, 2021This vulnerability allows remote code execution through specially crafted PCX files in Siemens JT2Go and Teamcenter Visualization software. Attackers ...
Jul 13, 2021This vulnerability allows remote code execution through specially crafted SGI image files in Siemens JT2Go and Teamcenter Visualization software. Atta...
Jul 13, 2021This vulnerability allows remote code execution through specially crafted JT files in Siemens JT2Go and Teamcenter Visualization software. Attackers c...
Jul 13, 2021This vulnerability allows attackers to execute arbitrary code by exploiting a heap buffer overflow in Siemens JT2Go, Solid Edge SE2021, and Teamcenter...
Jul 13, 2021This vulnerability allows remote code execution through malicious GIF files in Siemens JT2Go and Teamcenter Visualization software. Attackers can expl...
Jul 13, 2021This vulnerability allows remote code execution through malicious TIFF files in Siemens JT2Go and Teamcenter Visualization software. Attackers can exp...
Jul 13, 2021This vulnerability allows remote code execution through specially crafted J2K files in Siemens JT2Go and Teamcenter Visualization software. Attackers ...
Jul 13, 2021This vulnerability allows remote code execution through specially crafted TIFF files in Siemens JT2Go and Teamcenter Visualization software. Attackers...
Jul 13, 2021This vulnerability allows remote code execution through malicious GIF files in Siemens JT2Go and Teamcenter Visualization software. Attackers can expl...
Jul 13, 2021This vulnerability allows remote code execution through malicious GIF files in Siemens JT2Go and Teamcenter Visualization software. Attackers can expl...
Jul 13, 2021This vulnerability allows remote code execution through malicious GIF files in Siemens JT2Go and Teamcenter Visualization software. Attackers can expl...
Jul 13, 2021This vulnerability allows remote code execution through malicious BMP files in Siemens JT2Go and Teamcenter Visualization software. Attackers can expl...
Jul 13, 2021This vulnerability allows remote code execution through specially crafted TIFF files in Siemens JT2Go and Teamcenter Visualization software. Attackers...
Jul 13, 2021This vulnerability in multiple Siemens SINUMERIK industrial software products allows man-in-the-middle attacks due to improper SSL/TLS certificate val...
Jul 13, 2021This vulnerability in Siemens industrial control software allows attackers to modify configuration metafiles due to improper write permissions. By man...
Jul 13, 2021This vulnerability allows unauthenticated attackers to cause denial of service by flooding affected Siemens devices with DCP reset packets. The attack...
Jul 13, 2021This vulnerability allows local attackers on Windows systems to escalate privileges through PATH and DLL hijacking attacks. It affects Node.js install...
Jul 12, 2021This vulnerability allows remote attackers to gain unauthorized access to SIMATIC HMI Comfort Panels and SINAMICS Medium Voltage Products via unauthen...
Jun 28, 2021This vulnerability allows attackers to execute arbitrary code or cause denial-of-service by exploiting a use-after-free memory corruption flaw in Siem...
Jun 17, 2021This vulnerability allows attackers to cause denial-of-service or read sensitive memory information by exploiting an out-of-bounds read issue in the D...
Jun 17, 2021This vulnerability in Drawings SDK allows attackers to read sensitive information from memory or cause denial-of-service by exploiting improper valida...
Jun 17, 2021CVE-2021-20093 is a buffer over-read vulnerability in Wibu-Systems CodeMeter that allows unauthenticated remote attackers to read heap memory contents...
Jun 16, 2021This vulnerability in Siemens SINAMICS medium voltage products allows unauthenticated attackers to cause denial-of-service, execute limited configurat...
Jun 15, 2021CVE-2021-22901 is a use-after-free vulnerability in curl/libcurl that allows a malicious TLS 1.3 server to potentially execute arbitrary code on the c...
Jun 11, 2021This vulnerability is an out-of-bounds read in Intel processor firmware that allows authenticated local users to potentially escalate privileges. It a...
Jun 9, 2021This vulnerability in Simcenter Femap allows attackers to execute arbitrary code by exploiting improper validation when parsing FEMAP files. Users of ...
Jun 8, 2021This vulnerability in Simcenter Femap allows attackers to execute arbitrary code by exploiting an out-of-bounds write when parsing malicious FEMAP fil...
Jun 8, 2021This vulnerability in Solid Edge's ugeom2d.dll library allows attackers to execute arbitrary code by exploiting improper validation in DFT file parsin...
Jun 8, 2021This vulnerability allows remote unauthenticated attackers to bypass memory protection on Siemens industrial control systems. By sending specially cra...
May 28, 2021This vulnerability allows an attacker to execute arbitrary code by exploiting an out-of-bounds read in KeyShot's 3D file reading modules. Attackers ca...
May 27, 2021This vulnerability allows remote code execution through specially crafted CATPart files in KeyShot 3D rendering software. An attacker can exploit impr...
May 27, 2021This vulnerability allows remote code execution through specially crafted STP files in KeyShot's 3D file parsing modules. Attackers can exploit stack-...
May 27, 2021A memory corruption vulnerability in ISC DHCP allows attackers to cause denial of service by crashing dhclient or dhcpd processes when they parse mali...
May 26, 2021Why Monitor Siemens Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 563+ known vulnerabilities affecting Siemens products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Siemens packages in under 60 seconds. No agents required - completely agentless scanning that works across Siemens deployments.
Free vulnerability database: Access detailed information about every Siemens CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Siemens CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
