Publication Date:
Last Update:
Current Version: V1.8
CVSS v3.1 Base Score: 9.8
CVSS v4.0 Base Score: 8.2
Affected Product and Versions Remediation

All versions < V1.1
affected by all CVEs
CVE-2020-12762
CVE-2021-3759
CVE-2021-4037
CVE-2021-33655
CVE-2021-44879
CVE-2022-0171
CVE-2022-1012
CVE-2022-1015
CVE-2022-1184
CVE-2022-1292
CVE-2022-1343
CVE-2022-1434
CVE-2022-1462
CVE-2022-1473
CVE-2022-1679
CVE-2022-1852
CVE-2022-1882
CVE-2022-2068
CVE-2022-2078
CVE-2022-2097
CVE-2022-2153
CVE-2022-2274
CVE-2022-2327
CVE-2022-2503
CVE-2022-2586
CVE-2022-2588
CVE-2022-2602
CVE-2022-2663
CVE-2022-2905
CVE-2022-2959
CVE-2022-2978
CVE-2022-3028
CVE-2022-3104
CVE-2022-3115
CVE-2022-3169
CVE-2022-3303
CVE-2022-3521
CVE-2022-3524
CVE-2022-3534
CVE-2022-3545
CVE-2022-3564
CVE-2022-3565
CVE-2022-3586
CVE-2022-3594
CVE-2022-3606
CVE-2022-3621
CVE-2022-3625
CVE-2022-3628
CVE-2022-3629
CVE-2022-3633
CVE-2022-3635
CVE-2022-3646
CVE-2022-3649
CVE-2022-4095
CVE-2022-4129
CVE-2022-4139
CVE-2022-4269
CVE-2022-4304
CVE-2022-4450
CVE-2022-4662
CVE-2022-20421
CVE-2022-20422
CVE-2022-20566
CVE-2022-20572
CVE-2022-21123
CVE-2022-21125
CVE-2022-21166
CVE-2022-21505
CVE-2022-26373
CVE-2022-32250
CVE-2022-32296
CVE-2022-34918
CVE-2022-36123
CVE-2022-36280
CVE-2022-36879
CVE-2022-36946
CVE-2022-39188
CVE-2022-39190
CVE-2022-40307
CVE-2022-40768
CVE-2022-41218
CVE-2022-41222
CVE-2022-41674
CVE-2022-41849
CVE-2022-41850
CVE-2022-42328
CVE-2022-42329
CVE-2022-42432
CVE-2022-42703
CVE-2022-42719
CVE-2022-42720
CVE-2022-42721
CVE-2022-42722
CVE-2022-42895
CVE-2022-42896
CVE-2022-43750
CVE-2022-47518
CVE-2022-47520
CVE-2022-47929
CVE-2022-47946
CVE-2023-0215
CVE-2023-0286
CVE-2023-0464
CVE-2023-0465
CVE-2023-0466
CVE-2023-0590
CVE-2023-1077
CVE-2023-1095
CVE-2023-1206
CVE-2023-2898
CVE-2023-3141
CVE-2023-3268
CVE-2023-3338
CVE-2023-3389
CVE-2023-3446
CVE-2023-3609
CVE-2023-3610
CVE-2023-3611
CVE-2023-3772
CVE-2023-3773
CVE-2023-3777
CVE-2023-4004
CVE-2023-4015
CVE-2023-4273
CVE-2023-4623
CVE-2023-4911
CVE-2023-4921
CVE-2023-5178
CVE-2023-5197
CVE-2023-5678
CVE-2023-5717
CVE-2023-6606
CVE-2023-6931
CVE-2023-6932
CVE-2023-7008
CVE-2023-7104
CVE-2023-23454
CVE-2023-23455
CVE-2023-23559
CVE-2023-26607
CVE-2023-31085
CVE-2023-31436
CVE-2023-32233
CVE-2023-35001
CVE-2023-35827
CVE-2023-36660
CVE-2023-37453
CVE-2023-39189
CVE-2023-39192
CVE-2023-39193
CVE-2023-39194
CVE-2023-42753
CVE-2023-42754
CVE-2023-42755
CVE-2023-45863
CVE-2023-45871
CVE-2023-48795
CVE-2023-50495
CVE-2023-51384
CVE-2023-51385
CVE-2023-51767
CVE-2024-0232
CVE-2024-0553
CVE-2024-0567
CVE-2024-0584
CVE-2024-0684
CVE-2024-22365
CVE-2024-25062
Update to V1.1 or later version
  • Only build and run applications from trusted sources

Product-specific remediations or mitigations can be found in the section Affected Products and Solution.
Please follow the General Security Recommendations.

As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

Un-/Collapse All

This chapter describes all vulnerabilities (CVE-IDs) addressed in this security advisory. Wherever applicable, it also documents the product-specific impact of the individual vulnerabilities.

CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-190: Integer Overflow or Wraparound
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-400: Uncontrolled Resource Consumption
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-284: Improper Access Control
CVSS v3.1 Base Score 6.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-459: Incomplete Cleanup
CVSS v3.1 Base Score 8.2
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-401: Missing Release of Memory after Effective Lifetime
CVSS v3.1 Base Score 6.6
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 9.8
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVSS v3.1 Base Score 5.3
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
CWE CWE-295: Improper Certificate Validation
CVSS v3.1 Base Score 5.9
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
CWE CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CVSS v3.1 Base Score 6.3
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS v3.1 Base Score 7.5
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-404: Improper Resource Shutdown or Release
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 9.8
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-121: Stack-based Buffer Overflow
CVSS v3.1 Base Score 5.3
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
CWE CWE-326: Inadequate Encryption Strength
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 9.8
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-415: Double Free
CVSS v3.1 Base Score 6.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-287: Improper Authentication
CVSS v3.1 Base Score 6.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 7.0
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 5.3
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
CWE CWE-923: Improper Restriction of Communication Channel to Intended Endpoints
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
CWE CWE-125: Out-of-bounds Read
CVSS v3.1 Base Score 7.0
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.0
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 4.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS v3.1 Base Score 2.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
CWE CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS v3.1 Base Score 5.3
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
CWE CWE-404: Improper Resource Shutdown or Release
CVSS v3.1 Base Score 8.0
CVSS v3.1 Vector CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS v3.1 Base Score 7.1
CVSS v3.1 Vector CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 5.3
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
CWE CWE-404: Improper Resource Shutdown or Release
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 6.5
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS v3.1 Base Score 6.6
CVSS v3.1 Vector CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVSS v3.1 Base Score 3.3
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
CWE CWE-401: Missing Release of Memory after Effective Lifetime
CVSS v3.1 Base Score 3.3
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
CWE CWE-401: Missing Release of Memory after Effective Lifetime
CVSS v3.1 Base Score 7.0
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS v3.1 Base Score 4.3
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
CWE CWE-404: Improper Resource Shutdown or Release
CVSS v3.1 Base Score 7.5
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-667: Improper Locking
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-401: Missing Release of Memory after Effective Lifetime
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-833: Deadlock
CVSS v3.1 Base Score 5.9
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
CWE CWE-326: Inadequate Encryption Strength
CVSS v3.1 Base Score 5.9
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
CWE CWE-415: Double Free
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-455: Non-exit on Failed Initialization
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.0
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 6.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-863: Incorrect Authorization
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
CWE CWE-459: Incomplete Cleanup
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
CWE CWE-459: Incomplete Cleanup
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
CWE CWE-459: Incomplete Cleanup
CVSS v3.1 Base Score 6.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-305: Authentication Bypass by Primary Weakness
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
CWE CWE-311: Missing Encryption of Sensitive Data
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 3.3
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
CWE CWE-203: Observable Discrepancy
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-311: Missing Encryption of Sensitive Data
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 7.5
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 4.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-400: Uncontrolled Resource Consumption
CVSS v3.1 Base Score 4.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
CWE CWE-668: Exposure of Resource to Wrong Sphere
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.0
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 8.1
CVSS v3.1 Vector CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 4.2
CVSS v3.1 Vector CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS v3.1 Base Score 4.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-667: Improper Locking
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-667: Improper Locking
CVSS v3.1 Base Score 4.4
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
CWE CWE-457: Use of Uninitialized Variable
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 8.8
CVSS v3.1 Vector CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 6.5
CVSS v3.1 Vector CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
CWE CWE-824: Access of Uninitialized Pointer
CVSS v3.1 Base Score 8.8
CVSS v3.1 Vector CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 6.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 7.1
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-125: Out-of-bounds Read
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 5.9
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.4
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 7.5
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-295: Improper Certificate Validation
CVSS v3.1 Base Score 5.3
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
CWE CWE-295: Improper Certificate Validation
CVSS v3.1 Base Score 5.3
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
CWE CWE-295: Improper Certificate Validation
CVSS v3.1 Base Score 4.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 5.7
CVSS v3.1 Vector CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-400: Uncontrolled Resource Consumption
CVSS v3.1 Base Score 4.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 7.1
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.1
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-125: Out-of-bounds Read
CVSS v3.1 Base Score 6.5
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 5.3
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
CWE CWE-1333: Inefficient Regular Expression Complexity
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE CWE-125: Out-of-bounds Read
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 8.4
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 6.0
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
CWE CWE-121: Stack-based Buffer Overflow
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-121: Stack-based Buffer Overflow
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 8.8
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 5.3
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
CWE CWE-754: Improper Check for Unusual or Exceptional Conditions
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 7.1
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-125: Out-of-bounds Read
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 5.9
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
CWE CWE-300: Channel Accessible by Non-Endpoint
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CWE CWE-122: Heap-based Buffer Overflow
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-190: Integer Overflow or Wraparound
CVSS v3.1 Base Score 7.1
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-125: Out-of-bounds Read
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-369: Divide By Zero
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 7.8
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 7.0
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 9.8
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 4.6
CVSS v3.1 Vector CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-125: Out-of-bounds Read
CVSS v3.1 Base Score 5.1
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C
CWE CWE-125: Out-of-bounds Read
CVSS v3.1 Base Score 6.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
CWE CWE-125: Out-of-bounds Read
CVSS v3.1 Base Score 6.1
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
CWE CWE-125: Out-of-bounds Read
CVSS v3.1 Base Score 3.2
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
CWE CWE-125: Out-of-bounds Read
CVSS v3.1 Base Score 7.0
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-476: NULL Pointer Dereference
CVSS v3.1 Base Score 6.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CWE CWE-125: Out-of-bounds Read
CVSS v3.1 Base Score 6.4
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-787: Out-of-bounds Write
CVSS v3.1 Base Score 9.8
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVSS v3.1 Base Score 5.9
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
CVSS v4.0 Base Score 8.2
CVSS v4.0 Vector CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
CWE CWE-222: Truncation of Security-relevant Information
CVSS v3.1 Base Score 6.5
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 6.5
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
CWE CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVSS v3.1 Base Score 7.0
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 4.7
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 7.5
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
CWE CWE-203: Observable Discrepancy
CVSS v3.1 Base Score 7.5
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-347: Improper Verification of Cryptographic Signature
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE CWE-416: Use After Free
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-122: Heap-based Buffer Overflow
CVSS v3.1 Base Score 5.5
CVSS v3.1 Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-20: Improper Input Validation
CVSS v3.1 Base Score 5.9
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE CWE-416: Use After Free

This advisory is no longer maintained.
It listed vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (https://cert-portal.siemens.com/productcert/html/ssa-265688.html).

https://www.siemens.com/cert/advisories
V1.0 (2023-06-13): Publication Date
V1.1 (2023-07-11): Added CVE-2022-4269, CVE-2023-3141, CVE-2023-3268, CVE-2023-31436, CVE-2023-32233
V1.2 (2023-08-08): Added CVE-2023-3446, CVE-2023-3389, CVE-2022-1015, CVE-2023-3609
V1.3 (2023-09-12): Added CVE-2023-3338
V1.4 (2023-11-14): Added CVE-2023-1206, CVE-2023-2898, CVE-2023-3610, CVE-2023-3611, CVE-2023-3772, CVE-2023-3773, CVE-2023-3777, CVE-2023-4004, CVE-2023-4015, CVE-2023-4273, CVE-2023-4623, CVE-2023-4921, CVE-2023-35001, CVE-2023-37453, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42753, CVE-2023-42755
V1.5 (2023-12-12): Added CVE-2021-44879, CVE-2023-5178, CVE-2023-5197, CVE-2023-5678, CVE-2023-5717, CVE-2023-31085, CVE-2023-35827, CVE-2023-39189, CVE-2023-42754, CVE-2023-45863, CVE-2023-45871
V1.6 (2024-01-09): Added CVE-2023-48795
V1.7 (2024-02-13): Added CVE-2020-12762, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932, CVE-2023-7008, CVE-2023-7104, CVE-2023-36660, CVE-2023-50495, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-0232, CVE-2024-0553, CVE-2024-0567, CVE-2024-0584, CVE-2024-0684, CVE-2024-22365, CVE-2024-25062
V1.8 (2024-04-09): Added fix for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem