Browse all 135 CVE security advisories affecting Siemens AG. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Siemens AG operates as a global conglomerate specializing in industrial automation, energy infrastructure, and healthcare technology. Its extensive portfolio of programmable logic controllers, human-machine interfaces, and medical imaging systems presents a broad attack surface, resulting in 135 recorded Common Vulnerabilities and Exposures. Historically, the most prevalent vulnerability classes affecting Siemens products include remote code execution, cross-site scripting, and privilege escalation flaws. These defects often stem from legacy protocols lacking robust authentication mechanisms or insecure default configurations in industrial control systems. Notable security incidents have highlighted risks associated with unpatched firmware and weak cryptographic implementations, particularly within SCADA environments. The company has responded by enhancing its product security lifecycle and issuing regular security advisories. However, the complexity of integrating these devices into critical infrastructure continues to pose significant challenges for defenders seeking to mitigate potential exploitation vectors effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2018-11464 | 多款Siemens产品安全漏洞 — SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8CWE-248 | 7.5 | - | 2018-12-12 |
| CVE-2018-11465 | 多款Siemens产品安全漏洞 — SINUMERIK 808D V4.7, SINUMERIK 808D V4.8, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8CWE-248 | 7.8 | - | 2018-12-12 |
| CVE-2018-11466 | 多款Siemens产品安全漏洞 — SINUMERIK 808D V4.7, SINUMERIK 808D V4.8, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8CWE-248 | 7.8 | - | 2018-12-12 |
| CVE-2018-13816 | Siemens TIM 1531 IRC 授权问题漏洞 — TIM 1531 IRCCWE-284 | 9.8 | - | 2018-12-12 |
| CVE-2018-13800 | Siemens SIMATIC S7-1200 CPU family 跨站请求伪造漏洞 — SIMATIC S7-1200 CPU family version 4CWE-352 | 8.1 | - | 2018-10-10 |
| CVE-2018-13801 | Siemens RuggedCom ROX II 安全漏洞 — ROX IICWE-264 | 8.8 | - | 2018-10-10 |
| CVE-2018-13802 | Siemens RuggedCom ROX II 安全漏洞 — ROX IICWE-264 | 7.2 | - | 2018-10-10 |
| CVE-2018-13805 | 多款Siemens产品安全漏洞 — SIMATIC ET 200SP Open Controller | 7.5 | - | 2018-10-10 |
| CVE-2018-13799 | Siemens SIMATIC WinCC OA 访问控制错误漏洞 — SIMATIC WinCC OA V3.14 and priorCWE-269 | 9.1 | - | 2018-09-12 |
| CVE-2018-13806 | Siemens TD Keypad Designer 安全漏洞 — SIEMENS TD Keypad DesignerCWE-427 | 7.8 | - | 2018-09-12 |
| CVE-2018-13807 | Siemens SCALANCE X300、SCALANCE X408和SCALANCE X414 安全漏洞 — SCALANCE X300, SCALANCE X408, SCALANCE X414CWE-20 | 8.6 | - | 2018-09-12 |
| CVE-2018-11453 | Siemens SIMATIC STEP 7和WinCC 安全漏洞 — SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15CWE-276 | 8.4 | - | 2018-08-07 |
| CVE-2018-11454 | Siemens SIMATIC STEP 7和WinCC 安全漏洞 — SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15CWE-276 | 8.4 | - | 2018-08-07 |
| CVE-2018-11455 | Siemens Automation License Manager 安全漏洞 — Automation License Manager 5, Automation License Manager 6CWE-22 | 8.8 | - | 2018-08-07 |
| CVE-2018-11456 | Siemens Automation License Manager 安全漏洞 — Automation License Manager 5CWE-284 | 5.8 | - | 2018-08-07 |
| CVE-2018-11451 | Siemens EN100 Ethernet Communication Module和SIPROTEC 5 relays 输入验证漏洞 — Firmware variant IEC 61850 for EN100 Ethernet module | 7.5 | - | 2018-07-23 |
| CVE-2018-11452 | Siemens EN100 Ethernet Communication Module 输入验证漏洞 — Firmware variant IEC 61850 for EN100 Ethernet module | 7.5 | - | 2018-07-23 |
| CVE-2018-11450 | Siemens PLM Software TEAMCENTER 跨站脚本漏洞 — Siemens PLM Software TEAMCENTERCWE-79 | 6.1 | - | 2018-07-09 |
| CVE-2018-4858 | 多款Siemens产品安全漏洞 — IEC 61850 system configurator, DIGSI 5 (affected as IEC 61850 system configurator is incorporated), DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, SICAM SCCCWE-284 | 7.1 | - | 2018-07-09 |
| CVE-2018-4851 | Siemens SICLOCK TC100和SICLOCK TC400 安全漏洞 — SICLOCK TC100, SICLOCK TC400CWE-399 | 7.5 | - | 2018-07-03 |
| CVE-2018-4852 | Siemens SICLOCK TC100和SICLOCK TC400 安全漏洞 — SICLOCK TC100, SICLOCK TC400CWE-288 | 9.8 | - | 2018-07-03 |
| CVE-2018-4853 | Siemens SICLOCK TC100和SICLOCK TC400 安全漏洞 — SICLOCK TC100, SICLOCK TC400CWE-306 | 7.5 | - | 2018-07-03 |
| CVE-2018-4854 | Siemens SICLOCK TC100和SICLOCK TC400 安全漏洞 — SICLOCK TC100, SICLOCK TC400CWE-306 | 8.8 | - | 2018-07-03 |
| CVE-2018-4855 | Siemens SICLOCK TC100和SICLOCK TC400 安全漏洞 — SICLOCK TC100, SICLOCK TC400CWE-311 | 5.7 | - | 2018-07-03 |
| CVE-2018-4856 | Siemens SICLOCK TC100和SICLOCK TC400 安全漏洞 — SICLOCK TC100, SICLOCK TC400CWE-287 | 4.9 | - | 2018-07-03 |
| CVE-2018-11447 | Siemens SCALANCE M875 跨站请求伪造漏洞 — SCALANCE M875CWE-121 | 8.8 | - | 2018-06-26 |
| CVE-2018-11448 | Siemens SCALANCE M875 跨站脚本漏洞 — SCALANCE M875CWE-352 | 4.8 | - | 2018-06-26 |
| CVE-2018-11449 | Siemens SCALANCE M875 信任管理漏洞 — SCALANCE M875CWE-79 | 7.8 | - | 2018-06-26 |
| CVE-2018-4845 | Siemens RAPIDLab和RAPIDPoint 权限许可和访问控制问题漏洞 — RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems, RAPIDLab 1200 Series, RAPIDPoint 500 systems, RAPIDPoint 500 systems, RAPIDPoint 500 systems, RAPIDPoint 400 systemsCWE-284 | 8.8 | - | 2018-06-26 |
| CVE-2018-4846 | 多款Siemens产品安全漏洞 — RAPIDLab 1200 systems RAPIDPoint 400 systems RAPIDPoint 500 systems RAPIDLab 1200 Series RAPIDPoint 500 systems RAPIDPoint 500 systems RAPIDPoint 500 systems RAPIDPoint 400 systemsCWE-798 | 8.8 | - | 2018-06-26 |
This page lists every published CVE security advisory associated with Siemens AG. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.