Siemens Security Vulnerabilities (CVEs)

Track 563 security vulnerabilities affecting Siemens products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

84 Critical
436 High
42 Medium
1 Low
CVE-2021-25661 7.5

This vulnerability in Siemens SIMATIC HMI panels and WinCC Runtime Advanced involves an out-of-bounds memory access in SmartVNC that could be triggere...

May 12, 2021
CVE-2021-27383 7.5

This vulnerability is a heap allocation leak in the SmartVNC Tight encoder affecting Siemens industrial HMI panels and drives. It allows attackers to ...

May 12, 2021
CVE-2021-27384 9.8

This vulnerability allows remote attackers to execute arbitrary code on affected Siemens industrial control systems by exploiting an out-of-bounds mem...

May 12, 2021
CVE-2021-27386 7.5

This vulnerability is a heap allocation leak in the SmartVNC device layout handler on client-side devices, which could lead to Denial-of-Service condi...

May 12, 2021
CVE-2021-27397 7.8

This vulnerability in Tecnomatix Plant Simulation allows attackers to execute arbitrary code by exploiting memory corruption when parsing malicious SP...

May 12, 2021
CVE-2020-25242 7.5

A vulnerability in Siemens SIMATIC NET CP 343-1 communication processors allows remote attackers to cause a Denial-of-Service condition by sending spe...

May 12, 2021
CVE-2021-25215 7.5

This vulnerability in BIND DNS servers allows remote attackers to cause denial of service by sending specially crafted DNS queries that trigger an ass...

Apr 29, 2021
CVE-2021-25668 9.8

This vulnerability in Siemens SCALANCE industrial switches allows attackers to send specially crafted POST requests that cause heap memory corruption....

Apr 22, 2021
CVE-2021-25670 7.8

CVE-2021-25670 is an out-of-bounds write vulnerability in Tecnomatix RobotExpert that allows attackers to execute arbitrary code by exploiting imprope...

Apr 22, 2021
CVE-2021-25678 7.8

This vulnerability in Solid Edge CAD software allows attackers to execute arbitrary code by exploiting improper validation of PAR files. It affects So...

Apr 22, 2021
CVE-2021-27389 9.8

This vulnerability involves Siemens Opcenter Quality and QMS Automotive shipping with a private signing key that lacks adequate protection. Attackers ...

Apr 22, 2021
CVE-2020-25244 8.4

CVE-2020-25244 is a DLL hijacking vulnerability in Siemens LOGO! Soft Comfort software that allows local attackers to execute arbitrary code by placin...

Apr 22, 2021
CVE-2020-27009 8.1

This vulnerability allows attackers to execute arbitrary code or cause denial-of-service by exploiting improper validation of DNS pointer offsets duri...

Apr 22, 2021
CVE-2021-25663 7.5

This vulnerability in Siemens Capital Embedded AR Classic, Nucleus NET, and related products allows attackers to cause denial of service by sending sp...

Apr 22, 2021
CVE-2021-29998 9.8

CVE-2021-29998 is a heap overflow vulnerability in the DHCP client of Wind River VxWorks operating system. This allows remote attackers to execute arb...

Apr 13, 2021
CVE-2019-5319 9.8

A remote buffer overflow vulnerability in Aruba Instant Access Points allows attackers to execute arbitrary code or cause denial of service. Affected ...

Mar 30, 2021
CVE-2021-25162 8.1

This vulnerability allows remote attackers to execute arbitrary commands on affected Aruba Instant Access Point devices without authentication. It aff...

Mar 30, 2021
CVE-2021-25150 8.8

This vulnerability allows remote attackers to execute arbitrary commands on affected Aruba Instant Access Points (IAPs) by exploiting improper neutral...

Mar 30, 2021
CVE-2021-25148 8.1

This CVE allows remote attackers to modify arbitrary files on affected Aruba Instant Access Points (IAPs) without authentication. The vulnerability af...

Mar 30, 2021
CVE-2021-25149 9.8

A remote buffer overflow vulnerability in Aruba Instant Access Points allows attackers to execute arbitrary code or cause denial of service by sending...

Mar 30, 2021
CVE-2021-25144 8.8

A remote buffer overflow vulnerability in Aruba Instant Access Points allows attackers to execute arbitrary code or cause denial of service. This affe...

Mar 29, 2021
CVE-2020-24636 9.8

This vulnerability allows remote attackers to execute arbitrary commands on affected Aruba Instant Access Points (IAPs) without authentication. It aff...

Mar 29, 2021
CVE-2020-7461 7.3

A heap overflow vulnerability in FreeBSD's dhclient allows remote attackers to potentially execute arbitrary code by sending malformed DHCP option 119...

Mar 26, 2021
CVE-2021-25676 7.5

This vulnerability in Siemens industrial networking devices allows attackers to cause a denial-of-service by repeatedly attempting SSH authentication....

Mar 15, 2021
CVE-2021-27381 7.8

This vulnerability in Solid Edge CAD software allows attackers to execute arbitrary code by exploiting improper validation of PAR files. Users of Soli...

Mar 15, 2021
CVE-2021-25667 8.8

A stack-based buffer overflow vulnerability in Siemens industrial network devices allows remote attackers to cause denial-of-service or potentially ex...

Mar 15, 2021
CVE-2020-25241 7.5

This vulnerability in Siemens SIMATIC MV400 industrial cameras allows attackers to terminate arbitrary TCP sessions by sending specially crafted TCP R...

Mar 15, 2021
CVE-2020-25239 8.8

CVE-2020-25239 is an authorization bypass vulnerability in Siemens SINEMA Remote Connect Server that allows unprivileged users to modify UMC authoriza...

Mar 15, 2021
CVE-2021-22883 7.5

Node.js servers are vulnerable to denial of service attacks when attackers establish numerous connections with unknown protocols, causing file descrip...

Mar 3, 2021
CVE-2021-22651 7.8

This directory traversal vulnerability in Luxion KeyShot products allows attackers to place malicious scripts in system startup folders by tricking us...

Feb 23, 2021
CVE-2021-22645 7.8

This vulnerability allows attackers to execute arbitrary code by tricking users into opening malicious .bip documents that load DLLs from remote netwo...

Feb 23, 2021
CVE-2021-22649 7.8

This vulnerability allows attackers to execute arbitrary code by exploiting multiple NULL pointer dereference issues in Luxion KeyShot products when p...

Feb 23, 2021
CVE-2020-8625 8.1

CVE-2020-8625 is a buffer overflow vulnerability in BIND DNS servers that affects systems configured with GSS-TSIG features. Exploitation could lead t...

Feb 17, 2021
CVE-2021-23337 7.2

Lodash versions before 4.17.21 contain a command injection vulnerability in the template function that allows attackers to execute arbitrary commands ...

Feb 15, 2021
CVE-2020-27001 7.8

This vulnerability allows attackers to execute arbitrary code by exploiting a stack-based buffer overflow in JT2Go and Teamcenter Visualization softwa...

Feb 9, 2021
CVE-2020-27003 7.8

This vulnerability allows remote code execution through malicious TIFF files in Siemens JT2Go and Teamcenter Visualization software. Attackers can exp...

Feb 9, 2021
CVE-2020-27005 7.8

This vulnerability allows remote code execution through specially crafted TGA image files in Siemens JT2Go and Teamcenter Visualization software. Atta...

Feb 9, 2021
CVE-2021-22663 7.8

CVE-2021-22663 is an out-of-bounds read vulnerability in Cscape software that allows arbitrary code execution when parsing malicious project files. At...

Feb 9, 2021
CVE-2020-15798 9.8

This vulnerability allows remote attackers to gain full administrative access to affected Siemens industrial control devices without authentication wh...

Feb 9, 2021
CVE-2020-25238 7.8

This vulnerability allows a local attacker with valid account credentials and limited access rights to manipulate specific files in certain folders, p...

Feb 9, 2021
CVE-2020-26999 7.8

This vulnerability in Siemens JT2Go and Teamcenter Visualization allows attackers to leak sensitive information by exploiting improper validation of P...

Feb 9, 2021
CVE-2021-25173 7.8

This vulnerability in Open Design Alliance Drawings SDK allows attackers to crash applications by sending specially crafted DGN files that trigger exc...

Jan 18, 2021
CVE-2021-25175 7.8

A type conversion vulnerability in Open Design Alliance Drawings SDK allows attackers to crash applications by providing malformed .DXF or .DWG files....

Jan 18, 2021
CVE-2021-25177 7.8

A type confusion vulnerability in Open Design Alliance Drawings SDK allows attackers to crash applications by providing malformed .DXF or .DWG files. ...

Jan 18, 2021
CVE-2020-26988 8.8

This vulnerability allows remote code execution in Siemens JT2Go and Teamcenter Visualization software. Attackers can exploit improper validation of P...

Jan 12, 2021
CVE-2020-26990 8.8

This vulnerability allows remote code execution through specially crafted ASM files in Siemens JT2Go and Teamcenter Visualization software. Attackers ...

Jan 12, 2021
CVE-2020-26992 7.8

This vulnerability allows remote code execution through malicious CGM files in Siemens JT2Go and Teamcenter Visualization software. Attackers can expl...

Jan 12, 2021
CVE-2020-26994 8.8

This vulnerability allows remote code execution through specially crafted PCX files in Siemens JT2Go and Teamcenter Visualization software. Attackers ...

Jan 12, 2021
CVE-2020-26996 8.8

This vulnerability allows remote code execution through memory corruption when parsing malicious CG4 files in Siemens JT2Go and Teamcenter Visualizati...

Jan 12, 2021
CVE-2020-28382 7.8

This vulnerability in Solid Edge allows attackers to execute arbitrary code by exploiting improper validation of PAR files. Users of Solid Edge SE2020...

Jan 12, 2021

Why Monitor Siemens Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 563+ known vulnerabilities affecting Siemens products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Siemens packages in under 60 seconds. No agents required - completely agentless scanning that works across Siemens deployments.

Free vulnerability database: Access detailed information about every Siemens CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register free account & add your servers
  • Run one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new Siemens CVEs affect your systems
  • Access dashboard with severity breakdown & fix instructions