Siemens Simatic Step 7 — known CVE vulnerabilities
Every CVE whose affected-product data names Siemens Simatic Step 7, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2023-25910 — CVSS 10.0 (critical): A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC…
CVE-2020-7587 — CVSS 8.2 (high): A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions <…
CVE-2020-7586 — CVSS 7.8 (high): A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC…
CVE-2020-7585 — CVSS 7.8 (high): A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC…
CVE-2021-42029 — CVSS 7.8 (high): A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16…
CVE-2012-3015 — CVSS 6.9 (medium): Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other…
CVE-2015-1594 — CVSS 6.9 (medium): Untrusted search path vulnerability in Siemens SIMATIC ProSave before 13 SP1; SIMATIC CFC before 8.0 SP4 Upd9 and 8.1 before Upd1; SIMATIC…
CVE-2015-1601 — CVSS 6.8 (medium): Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 allows man-in-the-middle attackers to obtain sensitive information or…
CVE-2020-7580 — CVSS 6.7 (medium): A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1…
CVE-2020-7581 — CVSS 6.7 (medium): A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions <…
CVE-2016-7165 — CVSS 6.4 (medium): A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0…
CVE-2019-10929 — CVSS 5.9 (medium): A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS…
CVE-2020-7588 — CVSS 5.3 (medium): A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions <…
CVE-2016-7959 — CVSS 4.7 (medium): Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local…
CVE-2015-1356 — CVSS 4.4 (medium): Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity…
CVE-2022-46141 — CVSS 4.2 (medium): A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An information disclosure vulnerability could…
CVE-2016-7960 — CVSS 2.5 (low): Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it…
CVE-2015-1355 — CVSS 2.1 (low): Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak password-hash algorithm, which makes it easier for local users to determine…
CVE-2015-1602 — CVSS 2.1 (low): Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it…