CVE-2024-49775

CVSS 9.8 · Critical EPSS 5.52% · P90 Updated Jan 13, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-49775

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2501.0001), Opcenter Intelligence (All versions < V2501.0001), Opcenter Quality (All versions < V2512), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions if operated in conjunction with UMC < V2.15), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

堆缓冲区溢出

Source: NVD (National Vulnerability Database)

Vulnerability Title

Siemens Opcenter Execution Foundation 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Siemens Opcenter Execution Foundation是德国西门子（Siemens）公司的一种本地整体设备效率解决方案，用于计算 OEE 值并执行停机时间分析。 Siemens Opcenter Execution Foundation存在安全漏洞，该漏洞源于包含基于堆的缓冲区溢出漏洞，可能允许未经身份验证的远程攻击者执行任意代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE
Siemens	Opcenter Execution Foundation	0 ~ V2501.0001	-
Siemens	Opcenter Intelligence	0 ~ V2501.0001	-
Siemens	Opcenter Quality	0 ~ V2512	-
Siemens	Opcenter RDnL	0 ~ V2410	-
Siemens	SIMATIC PCS neo V4.0	0 ~ *	-
Siemens	SIMATIC PCS neo V4.1	0 ~ V4.1 Update 3	-
Siemens	SIMATIC PCS neo V5.0	0 ~ V5.0 Update 1	-
Siemens	SINEC NMS	0 ~ *	-
Siemens	Totally Integrated Automation Portal (TIA Portal) V16	0 ~ *	-
Siemens	Totally Integrated Automation Portal (TIA Portal) V17	0 ~ *	-
Siemens	Totally Integrated Automation Portal (TIA Portal) V18	0 ~ *	-
Siemens	Totally Integrated Automation Portal (TIA Portal) V19	0 ~ *	-

II. Public POCs for CVE-2024-49775

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-49775

请登录查看更多情报信息。

IV. Related Vulnerabilities

Same product: Opcenter Execution Foundation

Same vendor: Siemens

Same weakness: CWE-122

V. Comments for CVE-2024-49775

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-49775

I. Basic Information for CVE-2024-49775

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2024-49775

III. Intelligence Information for CVE-2024-49775

IV. Related Vulnerabilities

V. Comments for CVE-2024-49775

Leave a comment