Siemens Security Vulnerabilities (CVEs)
Track 533 security vulnerabilities affecting Siemens products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
SICAM TOOLBOX II fails to validate extended key usage attributes in TLS certificates, allowing attackers to perform man-in-the-middle attacks. This af...
Jul 8, 2025A stack-based buffer overflow vulnerability in Siemens SCALANCE LPE9403 industrial switches allows local attackers to execute arbitrary code or cause ...
May 13, 2025This vulnerability allows local attackers to bypass authentication on Siemens SCALANCE LPE9403 devices with SINEMA Remote Connect Edge Client installe...
May 13, 2025SCALANCE LPE9403 devices with SINEMA Remote Connect Edge Client transmit sensitive information in cleartext, allowing privileged local attackers to in...
May 13, 2025A vulnerability in Siemens SCALANCE LPE9403 industrial switches allows unauthenticated remote attackers to crash the dcpd process by sending specially...
May 13, 2025A denial-of-service vulnerability in Siemens SCALANCE LPE9403 devices allows unauthenticated remote attackers to crash the dcpd process by sending mul...
May 13, 2025This vulnerability allows session hijacking in Siemens SIMATIC PCS neo industrial control systems. An attacker who obtains a valid session token can r...
May 13, 2025A local privilege escalation vulnerability in Siemens SCALANCE LPE9403 industrial routers allows non-privileged local attackers to access sensitive in...
May 13, 2025A local privilege escalation vulnerability in Siemens SCALANCE LPE9403 industrial routers allows non-privileged local attackers to interact with the b...
May 13, 2025An out-of-bounds read buffer overflow vulnerability in Siemens' User Management Component (UMC) affects multiple industrial automation products. This ...
May 13, 2025This critical vulnerability allows unauthenticated remote attackers to execute arbitrary code with root privileges on affected OZW672 and OZW772 devic...
May 13, 2025An out-of-bounds read buffer overflow vulnerability in Siemens industrial automation products allows unauthenticated remote attackers to cause denial ...
May 13, 2025This SQL injection vulnerability in Siemens Polarion allows authenticated remote attackers to bypass authorization controls and download any data from...
May 13, 2025This vulnerability allows authenticated remote attackers to upload malicious XML files containing stored cross-site scripting (XSS) payloads in Polari...
May 13, 2025An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the d...
Apr 16, 2025An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization, read/write to the database, ...
Apr 16, 2025An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the d...
Apr 16, 2025An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the d...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypass authorization, read/write to the database, and e...
Apr 16, 2025An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the d...
Apr 16, 2025An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the d...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypass authorization, read/write to the database, and e...
Apr 16, 2025An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the d...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the...
Apr 16, 2025An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the d...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the...
Apr 16, 2025An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the d...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypass authorization controls, read/write to the databa...
Apr 16, 2025An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization, read/write to the database, ...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypass authorization, read/write database contents, and...
Apr 16, 2025An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the d...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypass authorization controls, read/write to the databa...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypass authorization, read/write to the database, and e...
Apr 16, 2025An SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypass authorization, read/write to the database, and exe...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypass authorization, read/write to the database, and e...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypass authorization, read/write to the database, and e...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the...
Apr 16, 2025This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to bypass authorization controls, read/write to the...
Apr 16, 2025This critical SQL injection vulnerability in TeleControl Server Basic allows unauthenticated remote attackers to bypass authorization, read/write to t...
Apr 16, 2025An unauthenticated SQL injection vulnerability in TeleControl Server Basic allows remote attackers to bypass authentication, read/write to the databas...
Apr 16, 2025SENTRON 7KT PAC1260 Data Manager devices contain hardcoded root credentials that allow unauthenticated remote attackers to gain full system access whe...
Apr 8, 2025This vulnerability allows unauthenticated attackers to change the login password on SENTRON 7KT PAC1260 Data Manager devices without knowing the curre...
Apr 8, 2025The SENTRON 7KT PAC1260 Data Manager contains a path traversal vulnerability in its web interface that allows unauthenticated attackers to read arbitr...
Apr 8, 2025Why Monitor Siemens Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 533+ known vulnerabilities affecting Siemens products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Siemens packages in under 60 seconds. No agents required - completely agentless scanning that works across Siemens deployments.
Free vulnerability database: Access detailed information about every Siemens CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Siemens CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
