Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Siemens AG — Vulnerabilities & Security Advisories 135

Browse all 135 CVE security advisories affecting Siemens AG. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Siemens AG operates as a global conglomerate specializing in industrial automation, energy infrastructure, and healthcare technology. Its extensive portfolio of programmable logic controllers, human-machine interfaces, and medical imaging systems presents a broad attack surface, resulting in 135 recorded Common Vulnerabilities and Exposures. Historically, the most prevalent vulnerability classes affecting Siemens products include remote code execution, cross-site scripting, and privilege escalation flaws. These defects often stem from legacy protocols lacking robust authentication mechanisms or insecure default configurations in industrial control systems. Notable security incidents have highlighted risks associated with unpatched firmware and weak cryptographic implementations, particularly within SCADA environments. The company has responded by enhancing its product security lifecycle and issuing regular security advisories. However, the complexity of integrating these devices into critical infrastructure continues to pose significant challenges for defenders seeking to mitigate potential exploitation vectors effectively.

Top products by Siemens AG: SICAM MMU SINUMERIK 808D V4.7, SINUMERIK 808D V4.8, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8 SICLOCK TC100, SICLOCK TC400 SCALANCE M875 SIMATIC PCS 7 V8.0 and earlier SINEMA Remote Connect Server EN100 Ethernet module DNP3 variant SIMATIC HMI Comfort Panels 4" - 22" TeleControl Server Basic Siveillance VMS 2017 R2 SIMATIC HMI Comfort Panels 4" - 22", SIMATIC HMI Comfort Outdoor Panels 7" & 15", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC WinCC Runtime Advanced, SIMATIC WinCC Runtime Professional, SIMATIC WinCC (TIA Portal), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) SIMATIC RTLS Locating Manager XHQ Polarion SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8 ROX II SCALANCE SC-600 SIEMENS LOGO!8 SINAMICS PERFECT HARMONY GH180 with NXG I control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules Firmware variant IEC 61850 for EN100 Ethernet module SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 TIM 1531 IRC Automation License Manager 5 SIMATIC S7-300 CPU family Polarion Subversion Webclient Spectrum Power 4 SIMATIC S7-1200 CPU family (incl. SIPLUS variants) SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) SIMATIC IT UADM
CVE IDTitleCVSSSeverityPublished
CVE-2019-13941 Siemens OZW672和OZW772 授权问题漏洞 — OZW672CWE-552 5.3 -2020-02-11
CVE-2019-19278 Siemens SINAMICS PERFECT HARMONY GH180 竞争条件问题漏洞 — SINAMICS PERFECT HARMONY GH180 Drives MLFB 6SR32..-.....-.... MLFB 6SR4...-.....-.... MLFB 6SR5...-.....-.... With option A30 (HMIs 12 inches or larger)CWE-693 6.8 -2020-01-16
CVE-2019-10940 Siemens SINEMA Server 安全漏洞 — SINEMA ServerCWE-266 9.9 -2020-01-16
CVE-2019-13944 Siemens EN100 Ethernet module 路径遍历漏洞 — EN100 Ethernet module DNP3 variantCWE-23 5.3 -2019-12-12
CVE-2019-13943 Siemens EN100 Ethernet Module 跨站脚本漏洞 — EN100 Ethernet module DNP3 variantCWE-79 6.1 -2019-12-12
CVE-2019-13942 Siemens EN100 Ethernet Module 缓冲区错误漏洞 — EN100 Ethernet module DNP3 variantCWE-119 7.5 -2019-12-12
CVE-2019-13932 Siemens XHQ Operations Intelligence 安全漏洞 — XHQCWE-20 8.2 -2019-12-12
CVE-2019-13931 Siemens XHQ Operations Intelligence 跨站脚本漏洞 — XHQCWE-80 5.4 -2019-12-12
CVE-2019-13930 Siemens XHQ Operations Intelligence 跨站请求伪造漏洞 — XHQCWE-352 8.1 -2019-12-12
CVE-2019-13945 Siemens SIMATIC S7-200和S7-1200 输入验证错误漏洞 — SIMATIC S7-1200 CPU family (incl. SIPLUS variants)CWE-749 6.1 -2019-12-12
CVE-2019-13927 Siemens Desigo PX 安全漏洞 — Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2CWE-472 8.2 -2019-12-12
CVE-2019-13936 Siemens Polarion webclient 跨站脚本漏洞 — PolarionCWE-79 3.5 Low2019-11-27
CVE-2019-13935 Siemens Polarion webclient 跨站脚本漏洞 — PolarionCWE-79 3.5 Low2019-11-27
CVE-2019-13934 Siemens Polarion webclient 跨站脚本漏洞 — PolarionCWE-79 3.5 Low2019-11-27
CVE-2019-13929 Siemens SIMATIC IT Unified Architecture Discrete Manufacturing 安全特征问题漏洞 — SIMATIC IT UADMCWE-321 6.5 -2019-10-10
CVE-2019-13921 Siemens SIMATIC WinAC RTX(F)2010 资源管理错误漏洞 — SIMATIC WinAC RTX (F) 2010CWE-410 7.5 -2019-10-10
CVE-2019-13923 Siemens IE-WSN-PA Link WirelessHART Gateway 跨站脚本漏洞 — IE/WSN-PA Link WirelessHART GatewayCWE-80 6.1 -2019-09-13
CVE-2019-13922 Siemens SINEMA Remote Connect Server 安全漏洞 — SINEMA Remote Connect ServerCWE-311 4.9 -2019-09-13
CVE-2019-13920 Siemens SINEMA Remote Connect Server 跨站请求伪造漏洞 — SINEMA Remote Connect ServerCWE-352 4.3 -2019-09-13
CVE-2019-13919 西门子 SINEMA Remote Connect Server 安全漏洞 — SINEMA Remote Connect ServerCWE-284 4.3 -2019-09-13
CVE-2019-13918 Siemens SINEMA Remote Connect Server 安全漏洞 — SINEMA Remote Connect ServerCWE-307 9.8 -2019-09-13
CVE-2019-10937 Siemens SIMATIC TDC CP51M1 输入验证错误漏洞 — SIMATIC TDC CP51M1CWE-20 7.5 -2019-09-13
CVE-2019-10928 Siemens SCALANCE SC-600 命令注入漏洞 — SCALANCE SC-600CWE-703 6.6 -2019-08-13
CVE-2019-10927 多款Siemens产品 安全漏洞 — SCALANCE SC-600CWE-703 6.5 -2019-08-13
CVE-2019-10938 Siemens SIPROTEC 5和Power Meters 访问控制错误漏洞 — SIPROTEC 5 devices with CPU variants CP200CWE-284 9.8 -2019-08-02
CVE-2019-10930 Siemens DIGSI 5 engineering software和SIPROTEC 5 - DIGSI Device Driver 代码问题漏洞 — All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modulesCWE-552 9.1 -2019-07-11
CVE-2019-10935 Siemens SIMATIC PCS 7和SIMATIC WinCC 代码问题漏洞 — SIMATIC PCS 7 V8.0 and earlierCWE-434 8.8 -2019-07-11
CVE-2019-10933 Siemens Spectrum Power 跨站脚本漏洞 — Spectrum Power 3 (Corporate User Interface)CWE-80 6.1 -2019-07-11
CVE-2019-10931 SIEMENS DIGSI 4 安全漏洞 — All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modulesCWE-248 9.1 -2019-07-11
CVE-2019-10915 Siemens TIA Administrator 访问控制错误漏洞 — TIA AdministratorCWE-306 7.8 -2019-07-11

This page lists every published CVE security advisory associated with Siemens AG. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.