Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Siemens AG — Vulnerabilities & Security Advisories 135

Browse all 135 CVE security advisories affecting Siemens AG. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Siemens AG operates as a global conglomerate specializing in industrial automation, energy infrastructure, and healthcare technology. Its extensive portfolio of programmable logic controllers, human-machine interfaces, and medical imaging systems presents a broad attack surface, resulting in 135 recorded Common Vulnerabilities and Exposures. Historically, the most prevalent vulnerability classes affecting Siemens products include remote code execution, cross-site scripting, and privilege escalation flaws. These defects often stem from legacy protocols lacking robust authentication mechanisms or insecure default configurations in industrial control systems. Notable security incidents have highlighted risks associated with unpatched firmware and weak cryptographic implementations, particularly within SCADA environments. The company has responded by enhancing its product security lifecycle and issuing regular security advisories. However, the complexity of integrating these devices into critical infrastructure continues to pose significant challenges for defenders seeking to mitigate potential exploitation vectors effectively.

Top products by Siemens AG: SICAM MMU SINUMERIK 808D V4.7, SINUMERIK 808D V4.8, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8 SICLOCK TC100, SICLOCK TC400 SCALANCE M875 SIMATIC PCS 7 V8.0 and earlier SINEMA Remote Connect Server EN100 Ethernet module DNP3 variant SIMATIC HMI Comfort Panels 4" - 22" TeleControl Server Basic Siveillance VMS 2017 R2 SIMATIC HMI Comfort Panels 4" - 22", SIMATIC HMI Comfort Outdoor Panels 7" & 15", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC WinCC Runtime Advanced, SIMATIC WinCC Runtime Professional, SIMATIC WinCC (TIA Portal), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) SIMATIC RTLS Locating Manager XHQ Polarion SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8 ROX II SCALANCE SC-600 SIEMENS LOGO!8 SINAMICS PERFECT HARMONY GH180 with NXG I control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules Firmware variant IEC 61850 for EN100 Ethernet module SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 TIM 1531 IRC Automation License Manager 5 SIMATIC S7-300 CPU family Polarion Subversion Webclient Spectrum Power 4 SIMATIC S7-1200 CPU family (incl. SIPLUS variants) SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) SIMATIC IT UADM
CVE IDTitleCVSSSeverityPublished
CVE-2018-4859 Siemens SCALANCE M875 操作系统命令注入漏洞 — SCALANCE M875CWE-78 7.2 -2018-06-26
CVE-2018-4860 Siemens SCALANCE M875 操作系统命令注入漏洞 — SCALANCE M875CWE-78 7.2 -2018-06-26
CVE-2018-4861 Siemens SCALANCE M875 信息泄露漏洞 — SCALANCE M875CWE-22 4.9 -2018-06-26
CVE-2018-4850 Siemens SIMATIC S7-400和SIMATIC S7-400H 安全漏洞 — SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below, SIMATIC S7-400 (incl. F) CPU hardware version 5.0, SIMATIC S7-400H CPU hardware version 4.5 and belowCWE-20 7.5 -2018-05-16
CVE-2018-4849 Siemens Siveillance VMS Video for Android和iOS 安全漏洞 — Siveillance VMS Video for Android, Siveillance VMS Video for iOSCWE-295 7.4 -2018-05-03
CVE-2018-4847 Siemens SIMATIC WinCC OA Operator iOS App 安全漏洞 — SIMATIC WinCC OA Operator iOS AppCWE-538 4.6 -2018-04-23
CVE-2018-4841 Siemens TIM 1531 IRC 安全漏洞 — TIM 1531 IRCCWE-303 9.8 -2018-03-29
CVE-2018-4844 Siemens SIMATIC WinCC OA UI for Android和iOS 安全漏洞 — SIMATIC WinCC OA UI for Android, SIMATIC WinCC OA UI for iOSCWE-284 7.3 -2018-03-20
CVE-2018-4838 多款Siemens产品访问控制错误漏洞 — EN100 Ethernet module IEC 61850 variant--2018-03-08
CVE-2018-4835 Siemens TeleControl Server Basic 安全漏洞 — TeleControl Server BasicCWE-287 5.3 -2018-01-25
CVE-2018-4836 Siemens TeleControl Server Basic 安全漏洞 — TeleControl Server BasicCWE-287 8.8 -2018-01-25
CVE-2018-4837 Siemens TeleControl Server Basic 安全漏洞 — TeleControl Server BasicCWE-400 7.5 -2018-01-25
CVE-2017-6865 多款Siemens产品输入验证漏洞 — Primary Setup Tool (PST) 6.2 -2017-05-11
CVE-2016-9158 Siemens SIMATIC S7-300和S7-400 CPUs 输入验证错误漏洞 — SIMATIC S7-300 CPU familyCWE-20 7.5 -2016-12-17
CVE-2016-9159 Siemens SIMATIC S7-300和S7-400 CPUs 信息泄露漏洞 — SIMATIC S7-300 CPU familyCWE-200 7.5 -2016-12-17

This page lists every published CVE security advisory associated with Siemens AG. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.