Every CVE whose affected-product data names Siemens Simatic Pcs7, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (25)
CVE-2014-8551 — CVSS 10.0 (critical): The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0…
CVE-2017-12069 — CVSS 8.2 (high): An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before…
CVE-2013-3957 — CVSS 7.5 (high): SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1…
CVE-2013-3958 — CVSS 7.5 (high): The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other…
CVE-2012-3032 — CVSS 7.5 (high): SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote…
CVE-2012-3015 — CVSS 6.9 (medium): Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other…
CVE-2012-3028 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other…
CVE-2013-0674 — CVSS 6.8 (medium): Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products…
CVE-2014-4686 — CVSS 6.8 (medium): The Project administration application in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, has a hardcoded encryption…
CVE-2016-7165 — CVSS 6.4 (medium): A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0…
CVE-2013-0675 — CVSS 6.1 (medium): Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1…
CVE-2014-4684 — CVSS 6.0 (medium): The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain…
CVE-2013-0677 — CVSS 5.8 (medium): The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain…
CVE-2014-4682 — CVSS 5.0 (medium): The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain…
CVE-2012-3030 — CVSS 5.0 (medium): WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web…
CVE-2014-8552 — CVSS 5.0 (medium): The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0…
CVE-2014-4683 — CVSS 4.9 (medium): The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain…
CVE-2017-14023 — CVSS 4.9 (medium): An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all…
CVE-2014-4685 — CVSS 4.6 (medium): Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak…
CVE-2012-3031 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other…
CVE-2012-3034 — CVSS 4.3 (medium): WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a…
CVE-2013-0676 — CVSS 4.0 (medium): Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database…
CVE-2013-0678 — CVSS 4.0 (medium): Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials…
CVE-2013-3959 — CVSS 4.0 (medium): The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different…
CVE-2013-0679 — CVSS 4.0 (medium): Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products…