Siemens Security Vulnerabilities (CVEs)
Track 544 security vulnerabilities affecting Siemens products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability affects multiple Siemens SIMATIC RFID reader models, allowing attackers with privileged access to modify configuration files and en...
Sep 10, 2024This vulnerability affects multiple Siemens SIMATIC RFID reader models where improper SNMP error handling causes application restart when character li...
Sep 10, 2024This vulnerability affects multiple Siemens industrial routers and allows authenticated remote attackers to execute arbitrary code by exploiting impro...
Aug 13, 2024This vulnerability affects multiple Siemens industrial routers and allows authenticated remote attackers to forge 2FA tokens of other users by extract...
Aug 13, 2024This vulnerability in Siemens SINEC NMS allows authenticated attackers to bypass authorization checks and elevate their privileges within the applicat...
Aug 13, 2024This vulnerability in SINEC NMS allows authenticated attackers to execute arbitrary operating system commands with elevated privileges by exploiting i...
Aug 13, 2024SINEC Traffic Analyzer versions before V2.0 lack proper rate limiting on authentication attempts, allowing unauthenticated attackers to perform brute ...
Aug 13, 2024SINEC Traffic Analyzer versions before V2.0 have a vulnerability where the web service doesn't properly handle cacheable HTTP responses. This allows a...
Aug 13, 2024This vulnerability in Siemens Location Intelligence products allows attackers to perform brute force attacks against user passwords due to weak passwo...
Aug 13, 2024This vulnerability allows unauthenticated attackers in an on-path position to read and modify data transmitted between legitimate clients and affected...
Aug 13, 2024A local privilege escalation vulnerability in Siemens SINEC NMS allows attackers to execute operating system commands with SYSTEM privileges. This aff...
Aug 13, 2024This vulnerability allows authenticated users to exploit a path traversal flaw in the diagnostics data export API endpoint. Attackers can download arb...
Aug 2, 2024This vulnerability allows local authenticated attackers to execute arbitrary code with elevated privileges on Siemens Omnivise T3000 systems. The affe...
Aug 2, 2024A log rotation vulnerability in SINEMA Remote Connect Server allows unauthenticated remote attackers to cause denial of service through resource exhau...
Jul 9, 2024A privilege escalation vulnerability in SINEMA Remote Connect Server allows authenticated attackers with 'Manage firmware updates' role to gain OS-lev...
Jul 9, 2024SINEMA Remote Connect Server versions before V3.2 SP1 lack proper brute force protection in the Client Communication component, allowing attackers to ...
Jul 9, 2024An authentication bypass vulnerability in SINEMA Remote Connect Server allows unauthenticated attackers to access and modify VxLAN network configurati...
Jul 9, 2024A privilege escalation vulnerability in SINEMA Remote Connect Server allows authenticated local users with self-management privileges to modify users ...
Jul 9, 2024This vulnerability in SINEMA Remote Connect Server allows attackers with access to the backup encryption key and upload permissions to create administ...
Jul 9, 2024This vulnerability allows authenticated local attackers to execute arbitrary code with system privileges on SINEMA Remote Connect Client systems. The ...
Jul 9, 2024This vulnerability allows an administrative remote attacker controlling a SINEMA Remote Connect Server to execute arbitrary code with system privilege...
Jul 9, 2024This vulnerability allows authenticated attackers to execute arbitrary commands with root privileges on SINEMA Remote Connect Server by exploiting ins...
Jul 9, 2024This vulnerability in Simcenter Femap allows attackers to execute arbitrary code by tricking users into opening malicious BMP files. All Simcenter Fem...
Jul 9, 2024This vulnerability in Simcenter Femap allows attackers to execute arbitrary code by exploiting an out-of-bounds write buffer overflow when parsing mal...
Jul 9, 2024A stack overflow vulnerability in Solid Edge allows attackers to execute arbitrary code by tricking users into opening malicious PAR files. This affec...
May 14, 2024A heap-based buffer overflow vulnerability in Solid Edge allows attackers to execute arbitrary code by tricking users into opening malicious PAR files...
May 14, 2024This vulnerability allows remote code execution through specially crafted CGM files in Siemens JT2Go and Teamcenter Visualization software. An attacke...
May 14, 2024This vulnerability in Solid Edge allows attackers to execute arbitrary code by exploiting an out-of-bounds read when parsing malicious PAR files. All ...
May 14, 2024An out-of-bounds read vulnerability in Solid Edge allows attackers to execute arbitrary code by tricking users into opening malicious PAR files. This ...
May 14, 2024A heap-based buffer overflow vulnerability in Solid Edge allows attackers to execute arbitrary code by tricking users into opening malicious PAR files...
May 14, 2024This vulnerability affects SIMATIC CN 4100 devices with unrestricted USB ports, allowing attackers with physical access to boot alternative operating ...
May 14, 2024This vulnerability involves undocumented users with hardcoded credentials in SIMATIC CN 4100 devices. Attackers can use these credentials to gain unau...
May 14, 2024This vulnerability allows remote code execution through specially crafted X_T files in Siemens JT2Go and Teamcenter Visualization software. An attacke...
May 14, 2024This vulnerability in Simcenter Femap allows attackers to execute arbitrary code by exploiting an out-of-bounds read when parsing malicious IGS files....
May 14, 2024A type confusion vulnerability in Simcenter Femap allows attackers to execute arbitrary code by tricking the application into misinterpreting data typ...
May 14, 2024This vulnerability in Simcenter Femap allows attackers to execute arbitrary code by exploiting an out-of-bounds read when parsing malicious IGS files....
May 14, 2024This vulnerability in Simcenter Femap allows remote code execution when processing malicious IGS files. An attacker can exploit an out-of-bounds read ...
May 14, 2024A type confusion vulnerability in Simcenter Femap allows attackers to execute arbitrary code by tricking the application into misinterpreting data typ...
May 14, 2024This vulnerability in Siemens Parasolid allows remote code execution when processing malicious X_T part files. An out-of-bounds write vulnerability en...
May 14, 2024A vulnerability in RUGGEDCOM CROSSBOW allows log messages to be forwarded to a specific client under certain circumstances. Attackers could exploit th...
May 14, 2024This vulnerability in RUGGEDCOM CROSSBOW allows privileged users to upload files to the root installation directory via the bulk import feature. Attac...
May 14, 2024This vulnerability in RUGGEDCOM CROSSBOW allows privileged users to upload arbitrary files to the system's root installation directory. By replacing s...
May 14, 2024This SQL injection vulnerability in RUGGEDCOM CROSSBOW allows attackers to execute arbitrary SQL commands against the database. All versions before V5...
May 14, 2024CVE-2024-27939 is a critical vulnerability in Siemens RUGGEDCOM CROSSBOW industrial network management software that allows unauthenticated attackers ...
May 14, 2024This vulnerability allows remote code execution through specially crafted X_T files in Siemens JT2Go, Parasolid, and Teamcenter Visualization software...
Apr 9, 2024SINEMA Remote Connect Client versions before V3.1 SP1 expose sensitive information through accessible files and the web interface. This allows authent...
Mar 12, 2024This vulnerability allows unauthenticated remote attackers to execute arbitrary code with root privileges on affected Siemens fire safety systems due ...
Mar 12, 2024SINEMA Remote Connect Server versions before V3.2 have improper access control on web service endpoints, allowing attackers to bypass authentication a...
Mar 12, 2024This vulnerability allows remote code execution through specially crafted Catia MODEL files in Simcenter Femap. Attackers can exploit an out-of-bounds...
Feb 13, 2024This vulnerability in Simcenter Femap allows attackers to execute arbitrary code by exploiting uninitialized pointer access when parsing malicious Cat...
Feb 13, 2024Why Monitor Siemens Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 544+ known vulnerabilities affecting Siemens products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Siemens packages in under 60 seconds. No agents required - completely agentless scanning that works across Siemens deployments.
Free vulnerability database: Access detailed information about every Siemens CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Siemens CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
