Siemens security advisories
14 threat alerts tracking vulnerabilities and security advisories that affect Siemens products.
Vulnios continuously monitors Siemens CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent Siemens security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2016-9157 — siemens — sicam_pas/pqs
A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Service condition and potentially lead to unauthenticated remote code execution by s
critical CVE-2016-9157
Critical Vulnerability: CVE-2016-9155 — siemens — ccid1445-dn18_firmware, ccid1445-dn28_firmware
The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1.41_SP18_S1; CCPW3025, CCPW5025 prior to version 0.1.73_S1; CCMD3025-DN18 prior to version v1.394_S1; C
critical CVE-2016-9155
Critical Vulnerability: CVE-2016-8565 — siemens — automation_license_manager
Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote attackers to write to files, rename files, create directories, or delete directories via crafted packets.
critical CVE-2016-8565
Critical Vulnerability: CVE-2016-7112 — siemens — en100_ethernet_module_firmware, en100_ethernet_module
A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00
critical CVE-2016-7112
Critical Vulnerability: CVE-2016-5743 — siemens — simatic_batch, simatic_wincc
Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as dist
critical CVE-2016-5743
Critical Vulnerability: CVE-2017-9944 — siemens — 7kt_pac1200_data_manager_firmware, 7kt_pac1200_data_manager
A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions < V2.03. The integrated web server (port 80/tcp) of the affected devices could allow an unauthenticate
critical CVE-2017-9944
Critical Vulnerability: CVE-2017-12739 — siemens — sm-2556_firmware, sm-2556
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected d
critical CVE-2017-12739
Critical Vulnerability: CVE-2017-9939 — siemens — sipass_integrated
A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with network access to the SiPass integrated server to bypass the authentication me
critical CVE-2017-9939
Critical Vulnerability: CVE-2017-6869 — siemens — viewport_for_web_office_portal
A vulnerability was discovered in Siemens ViewPort for Web Office Portal before revision number 1453 that could allow an unauthenticated remote user to upload arbitrary code and execute it with the pe
critical CVE-2017-6869
Critical Vulnerability: CVE-2017-2684 — siemens — simatic_logon
Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level aut
critical CVE-2017-2684
Critical Vulnerability: CVE-2016-8567 — siemens — sicam_pas/pqs
An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded passwords is present in the SICAM PAS installations. Attackers might gain privileged access to the database
critical CVE-2016-8567
Critical Vulnerability: CVE-2002-1484 — siemens — db4web
DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that spe
critical CVE-2002-1484
Critical Vulnerability: CVE-2022-36323 — siemens — scalance_m-800_firmware, scalance_m-800
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.
critical CVE-2022-36323
Critical Vulnerability: CVE-2023-44373 — siemens — 6gk5205-3bb00-2ab2_firmware, 6gk5205-3bb00-2ab2
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CV
critical CVE-2023-44373