Siemens Simatic Wincc Open Architecture — known CVE vulnerabilities
Every CVE whose affected-product data names Siemens Simatic Wincc Open Architecture, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2018-3991 — CVSS 10.0 (critical): An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version…
CVE-2018-13799 — CVSS 9.1 (critical): A vulnerability has been identified in SIMATIC WinCC OA V3.14 and prior (All versions < V3.14-P021). Improper access control to a data…
CVE-2014-1697 — CVSS 7.5 (high): The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via…
CVE-2020-7580 — CVSS 6.7 (medium): A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1…
CVE-2019-10929 — CVSS 5.9 (medium): A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS…
CVE-2014-1699 — CVSS 5.0 (medium): Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to cause a denial of service (monitoring-service outage) via…
CVE-2014-1698 — CVSS 5.0 (medium): Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via…
CVE-2014-1696 — CVSS 5.0 (medium): Siemens SIMATIC WinCC OA before 3.12 P002 January uses a weak hash algorithm for passwords, which makes it easier for remote attackers to…