Vulnerabilities
Prioritised list of detected vulnerabilities across your OT assets.
93 findings
| Risk | Vulnerability | CVE | Device | Detected | CVSS | |
|---|---|---|---|---|---|---|
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | pcs7_engineering_01Siemens · PCS 7 V8.2 | 1968-12-06 | 6.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | switch_24Siemens · SCALANCE X-216 | 1967-09-27 | 3.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | pcs7_server_01Siemens · PCS 7 V9.1 | 1968-07-10 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | pcs7_engineering_01Siemens · PCS 7 V8.2 | 1969-12-22 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | hmi_mixer_03Siemens · SIMATIC HMI KTP1200 | 1968-05-21 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | switch_25Siemens · SCALANCE X-307-2 EEC | 1969-04-09 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | switch_24Siemens · SCALANCE X-216 | 1969-10-01 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | switch_02Cisco · Catalyst IE 3400 | 1967-10-07 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | ewon_flexy_02HMS · Ewon Flexy 14.x | 1969-08-02 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | mix_switchSiemens · CPU 1215C AC/DC/Rly SIPLUS | 1968-08-22 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | peripheral_001Siemens · IM 154-8 PN/DP CPU | 1969-02-13 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | kuka_krc_03KUKA · KSS 8.x | 1967-07-27 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | sinaut_01Siemens · SINAUT SIMATIC Teleservice V16.x | 1968-12-29 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | wincc_server_01Siemens · WinCC V7.5 | 1969-04-08 | 7.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | hmi_mixer_03Siemens · SIMATIC HMI KTP1200 | 1968-11-02 | 6.5 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | oldMachineControlSiemens · SIMATIC CPU 315-2 PN/DP | 1969-12-15 | 6.4 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | switch_25Siemens · SCALANCE X-307-2 EEC | 1968-12-29 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | controllogix_northRockwell · ControlLogix 1756-L8x | 1968-07-02 | 5.9 | ||
Denial of Service Vulnerability in Webserver of Industrial Products | CVE-2020-15782 | mix_switchSiemens · CPU 1215C AC/DC/Rly SIPLUS | 1969-10-21 | 3.1 | ||
Denial of Service Vulnerability in Webserver of Industrial Products | CVE-2020-15782 | kuka_krc_03KUKA · KSS 8.x | 1968-12-03 | 3.1 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | hmi_packaging_01Siemens · SIMATIC HMI Comfort V16.x | 1967-08-25 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | switch_01Hirschmann · RSPE 35 | 1968-03-30 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | reactorControl_001Siemens · SIMATIC CPU 416-3 PN/DP | 1968-02-29 | 7.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | pcs7_server_01Siemens · PCS 7 V9.1 | 1969-03-20 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | abb_800xa_node_02ABB · System 800xA V7.1 | 1970-01-01 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | switch_24Siemens · SCALANCE X-216 | 1969-01-29 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | switch_01Hirschmann · RSPE 35 | 1968-02-20 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | cloudconnectorSiemens · Simatic Cloud Connect 7 | 1969-07-08 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | oldMachineControlSiemens · SIMATIC CPU 315-2 PN/DP | 1967-11-27 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | mix_switchSiemens · CPU 1215C AC/DC/Rly SIPLUS | 1967-10-12 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | powerlogic_ion9000Schneider · PowerLogic ION9000 | 1968-05-09 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | kuka_krc_03KUKA · KSS 8.x | 1968-08-29 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | wincc_server_01Siemens · WinCC V7.5 | 1967-12-26 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | aveva_intouch_02AVEVA · InTouch 2023 | 1968-02-29 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | factorytalk_view_03Rockwell · FactoryTalk View SE 13.x | 1968-08-04 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | rexroth_indradrive_03Bosch Rexroth · IndraDrive C V6.x | 1969-12-19 | 6.5 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | pcs7_server_01Siemens · PCS 7 V9.1 | 1968-09-18 | 6.4 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | abb_800xa_node_02ABB · System 800xA V7.1 | 1969-04-21 | 6.4 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | pcs7_engineering_01Siemens · PCS 7 V8.2 | 1969-10-13 | 6.4 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | hmi_packaging_01Siemens · SIMATIC HMI Comfort V16.x | 1967-11-03 | 6.4 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | switch_25Siemens · SCALANCE X-307-2 EEC | 1969-01-29 | 6.4 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | switch_24Siemens · SCALANCE X-216 | 1969-07-23 | 6.4 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | switch_01Hirschmann · RSPE 35 | 1968-01-20 | 6.4 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | reactorControl_001Siemens · SIMATIC CPU 416-3 PN/DP | 1967-12-21 | 6.4 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | mix_switchSiemens · CPU 1215C AC/DC/Rly SIPLUS | 1968-06-13 | 6.4 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | powerlogic_ion9000Schneider · PowerLogic ION9000 | 1969-10-16 | 6.4 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | kuka_krc_03KUKA · KSS 8.x | 1967-10-05 | 6.4 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | wincc_server_01Siemens · WinCC V7.5 | 1969-06-17 | 6.4 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | aveva_intouch_02AVEVA · InTouch 2023 | 1968-07-23 | 6.4 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | pcs7_server_01Siemens · PCS 7 V9.1 | 1968-10-19 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | pcs7_engineering_01Siemens · PCS 7 V8.2 | 1969-09-12 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | hmi_mixer_03Siemens · SIMATIC HMI KTP1200 | 1968-02-10 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | switch_24Siemens · SCALANCE X-216 | 1969-06-22 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | cloudconnectorSiemens · Simatic Cloud Connect 7 | 1968-05-08 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | oldMachineControlSiemens · SIMATIC CPU 315-2 PN/DP | 1969-11-14 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | modicon_m580_01Schneider · Modicon M580 | 1968-01-09 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | fanuc_arm_01FANUC · R-30iB Plus | 1968-10-20 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | scadapack_57x_01Schneider · SCADAPack 57x | 1968-03-28 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | wincc_server_01Siemens · WinCC V7.5 | 1969-07-18 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | aveva_intouch_02AVEVA · InTouch 2023 | 1969-01-24 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | factorytalk_view_03Rockwell · FactoryTalk View SE 13.x | 1968-12-14 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | rexroth_indradrive_03Bosch Rexroth · IndraDrive C V6.x | 1969-02-02 | 5.9 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | altivar_atv930_04Schneider · Altivar ATV930 V4.x | 1968-08-11 | 5.9 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | ewon_flexy_02HMS · Ewon Flexy 14.x | 1969-10-02 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | peripheral_001Siemens · IM 154-8 PN/DP CPU | 1967-10-31 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | sinaut_01Siemens · SINAUT SIMATIC Teleservice V16.x | 1968-08-02 | 3.5 | ||
Denial of Service Vulnerability in Webserver of Industrial Products | CVE-2020-15782 | switch_02Cisco · Catalyst IE 3400 | 1969-07-29 | 3.1 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | sentron_meter_bSiemens · SENTRON PAC V8.x | 1967-12-31 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | honeywell_st800_01Honeywell · SmartLine ST800 V4.x | 1969-10-09 | 7.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | modicon_m580_01Schneider · Modicon M580 | 1969-10-12 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | sentron_meter_aSiemens · SENTRON PAC V9.x | 1967-10-17 | 6.5 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | hmi_bottling_02Rockwell · PanelView Plus 10.x | 1967-09-19 | 6.4 | ||
OpenSSL Vulnerability in Industrial Products | CVE-2021-3712 | sitrans_p_02Siemens · SITRANS P V3.x | 1969-06-26 | 6.4 | ||
Timing-Based Side-Channel Vulnerability in the OpenSSL RSA Decryption Implementation | CVE-2022-4304 | iot2050_edge_01Siemens · IOT2050 | 1968-10-30 | 5.9 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | pcs7_engineering_01Siemens · PCS 7 V8.2 | 1967-08-04 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | hmi_mixer_03Siemens · SIMATIC HMI KTP1200 | 1969-10-28 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | switch_25Siemens · SCALANCE X-307-2 EEC | 1969-01-06 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | oldMachineControlSiemens · SIMATIC CPU 315-2 PN/DP | 1968-04-17 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | controllogix_northRockwell · ControlLogix 1756-L8x | 1968-04-25 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | fanuc_arm_01FANUC · R-30iB Plus | 1969-03-05 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | abb_robot_02ABB · RobotWare 7.x | 1969-06-08 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | scadapack_57x_01Schneider · SCADAPack 57x | 1967-07-24 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | wincc_server_01Siemens · WinCC V7.5 | 1969-02-08 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | altivar_atv930_04Schneider · Altivar ATV930 V4.x | 1967-11-29 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | promass_flow_05Endress+Hauser · Proline Promass V5.x | 1969-04-21 | 3.5 | ||
Denial of Service Vulnerability in Webserver of Industrial Products | CVE-2020-15782 | pcs7_engineering_01Siemens · PCS 7 V8.2 | 1968-08-26 | 3.1 | ||
Denial of Service Vulnerability in Webserver of Industrial Products | CVE-2020-15782 | hmi_mixer_03Siemens · SIMATIC HMI KTP1200 | 1968-11-18 | 3.1 | ||
Denial of Service Vulnerability in Webserver of Industrial Products | CVE-2020-15782 | switch_25Siemens · SCALANCE X-307-2 EEC | 1967-08-23 | 3.1 | ||
Denial of Service Vulnerability in Webserver of Industrial Products | CVE-2020-15782 | switch_24Siemens · SCALANCE X-216 | 1968-07-03 | 3.1 | ||
Denial of Service Vulnerability in Webserver of Industrial Products | CVE-2020-15782 | ewon_flexy_02HMS · Ewon Flexy 14.x | 1968-12-14 | 3.1 | ||
Denial of Service Vulnerability in Webserver of Industrial Products | CVE-2020-15782 | peripheral_001Siemens · IM 154-8 PN/DP CPU | 1969-05-31 | 3.1 | ||
Denial of Service Vulnerability in Webserver of Industrial Products | CVE-2020-15782 | controllogix_northRockwell · ControlLogix 1756-L8x | 1968-05-05 | 3.1 | ||
Denial of Service Vulnerability in Webserver of Industrial Products | CVE-2020-15782 | sinaut_01Siemens · SINAUT SIMATIC Teleservice V16.x | 1968-01-27 | 3.1 |
