Siemens Security Vulnerabilities (CVEs)
Track 560 security vulnerabilities affecting Siemens products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability allows remote code execution through specially crafted TIFF files in Siemens JT2Go and Teamcenter Visualization software. An attack...
Aug 8, 2023This vulnerability allows remote code execution through specially crafted JT files in Siemens JT Open and JT Utilities software. Attackers can exploit...
Aug 8, 2023This vulnerability allows unauthenticated remote attackers to execute arbitrary SQL queries on RUGGEDCOM CROSSBOW server databases. It affects all ver...
Aug 8, 2023This vulnerability allows attackers to execute arbitrary code by exploiting an out-of-bounds read vulnerability when parsing specially crafted X_T fil...
Aug 8, 2023This vulnerability allows remote code execution through specially crafted X_T files in Siemens Parasolid and Teamcenter Visualization software. An att...
Aug 8, 2023A use-after-free vulnerability in Siemens JT2Go, Solid Edge, and Teamcenter Visualization applications allows remote code execution when parsing malic...
Aug 8, 2023This vulnerability in Siemens RUGGEDCOM industrial networking devices allows attackers to bypass port mirroring restrictions and inject malicious pack...
Aug 8, 2023A DLL hijacking vulnerability in Siemens Software Center allows local attackers to execute arbitrary code with elevated privileges by placing a malici...
Aug 8, 2023This vulnerability affects Siemens RUGGEDCOM ROX industrial routers by supporting insecure TLS 1.0 protocol in their webserver. Attackers can perform ...
Jul 11, 2023This vulnerability allows authenticated privileged remote attackers to execute arbitrary code with root privileges on affected RUGGEDCOM ROX devices. ...
Jul 11, 2023This vulnerability allows authenticated privileged remote attackers to execute arbitrary code with root privileges on affected RUGGEDCOM ROX devices. ...
Jul 11, 2023This vulnerability allows authenticated privileged remote attackers to execute arbitrary code with root privileges on affected Siemens RUGGEDCOM ROX d...
Jul 11, 2023This vulnerability allows attackers to execute arbitrary code by exploiting a heap-based buffer overflow when parsing malicious PRT files in Tecnomati...
Jul 11, 2023This vulnerability allows remote code execution through an out-of-bounds write buffer overflow when parsing malicious PAR files in Tecnomatix Plant Si...
Jul 11, 2023A stack-based buffer overflow vulnerability in Tecnomatix Plant Simulation allows attackers to execute arbitrary code by tricking users into opening m...
Jul 11, 2023CVE-2023-29130 is a critical privilege escalation vulnerability in Siemens SIMATIC CN 4100 devices where improper access controls in configuration fil...
Jul 11, 2023A stack-based buffer overflow vulnerability in SiPass integrated server applications allows unauthenticated remote attackers to crash the server by se...
Jul 11, 2023This vulnerability affects multiple SIMATIC MV500 series industrial cameras. An unauthenticated remote attacker can send specially crafted Ethernet fr...
Jul 11, 2023A reflected cross-site scripting (XSS) vulnerability in Siemens RUGGEDCOM ROX devices allows attackers to execute malicious JavaScript by tricking use...
Jul 11, 2023A denial-of-service vulnerability exists in Siemens SIMATIC machine vision systems where an attacker can disrupt all socket-based communication by exp...
Jul 11, 2023This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in Siemens RUGGEDCOM ROX industrial routers. An attacker can trick authenticated ...
Jul 11, 2023This vulnerability allows remote code execution through specially crafted CGM files in Siemens JT2Go and Teamcenter Visualization software. An attacke...
Jun 13, 2023This vulnerability allows authenticated privileged remote attackers to execute arbitrary commands with root privileges on Siemens CP-8031 and CP-8050 ...
Jun 13, 2023This vulnerability in SIMATIC WinCC allows authenticated local attackers to inject arbitrary code and escalate privileges when the software is install...
Jun 13, 2023This critical vulnerability in Siemens industrial control software allows remote attackers with low privileges to execute arbitrary code with elevated...
Jun 13, 2023This vulnerability in Datalogics Library APDFL allows attackers to trigger a stack-based buffer overflow by providing documents with corrupted fonts. ...
Jun 7, 2023This CVE describes a critical deserialization vulnerability in Siemens Siveillance Video Event Server that allows authenticated remote attackers to ex...
May 9, 2023A memory corruption vulnerability in Solid Edge SE2023 allows attackers to execute arbitrary code by tricking users into opening malicious STP files. ...
May 9, 2023This vulnerability allows authenticated privileged remote attackers to execute arbitrary commands with root privileges on affected SIMATIC Cloud Conne...
May 9, 2023CVE-2023-27407 is a command injection vulnerability in SCALANCE LPE9403 industrial network devices that allows authenticated remote attackers to execu...
May 9, 2023This path traversal vulnerability in Siemens TIA Portal allows attackers to create or overwrite arbitrary files when users open malicious PC system co...
Apr 11, 2023This vulnerability allows unauthenticated remote attackers to execute arbitrary commands on Siemens CP-8031 and CP-8050 MASTER MODULE devices via comm...
Apr 11, 2023This vulnerability allows remote code execution through specially crafted JT files in JT Open and JT Utilities software. Attackers can exploit an out-...
Apr 11, 2023A denial-of-service vulnerability in the webserver of multiple Siemens SIMATIC communication processors allows attackers to crash the webserver, causi...
Apr 11, 2023A denial-of-service vulnerability exists in the webserver of multiple Siemens SIMATIC communication processors. Attackers can crash the webserver comp...
Apr 11, 2023This vulnerability allows remote code execution via specially crafted SPP files in Tecnomatix Plant Simulation. Attackers can exploit an out-of-bounds...
Mar 14, 2023This vulnerability in Tecnomatix Plant Simulation allows attackers to execute arbitrary code by exploiting an out-of-bounds read when parsing maliciou...
Mar 14, 2023A stack-based buffer overflow vulnerability in Tecnomatix Plant Simulation allows attackers to execute arbitrary code by tricking users into opening m...
Mar 14, 2023A stack-based buffer overflow vulnerability in Tecnomatix Plant Simulation allows attackers to execute arbitrary code by tricking users into opening m...
Mar 14, 2023This SQL injection vulnerability in RUGGEDCOM CROSSBOW allows authenticated remote attackers to execute arbitrary SQL queries on the server database. ...
Mar 14, 2023This vulnerability allows remote code execution through specially crafted SPP files in Tecnomatix Plant Simulation. Attackers can exploit an out-of-bo...
Mar 14, 2023This vulnerability allows remote code execution through a buffer overflow when parsing malicious SPP files in Tecnomatix Plant Simulation. Attackers c...
Feb 14, 2023This vulnerability allows remote code execution through specially crafted SPP files in Tecnomatix Plant Simulation. Attackers can exploit an out-of-bo...
Feb 14, 2023This vulnerability in Tecnomatix Plant Simulation allows remote code execution via a specially crafted SPP file, enabling an attacker to run arbitrary...
Feb 14, 2023This vulnerability allows remote code execution through specially crafted SPP files in Tecnomatix Plant Simulation. Attackers can exploit an out-of-bo...
Feb 14, 2023This vulnerability allows remote code execution via specially crafted SPP files in Tecnomatix Plant Simulation. Attackers can execute arbitrary code i...
Feb 14, 2023This vulnerability allows remote code execution via specially crafted SPP files in Tecnomatix Plant Simulation. Attackers can exploit an out-of-bounds...
Feb 14, 2023This vulnerability allows remote code execution through specially crafted PAR files in Siemens Parasolid and Solid Edge software. An attacker can expl...
Feb 14, 2023A memory corruption vulnerability in Solid Edge CAD software allows attackers to execute arbitrary code by tricking users into opening malicious DWG f...
Feb 14, 2023A use-after-free vulnerability in Solid Edge CAD software allows attackers to execute arbitrary code by tricking users into opening malicious STP file...
Feb 14, 2023Why Monitor Siemens Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 560+ known vulnerabilities affecting Siemens products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Siemens packages in under 60 seconds. No agents required - completely agentless scanning that works across Siemens deployments.
Free vulnerability database: Access detailed information about every Siemens CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Siemens CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
