Siemens SIMATIC WinCC OA 3.16

CPE Details

Siemens SIMATIC WinCC OA 3.16
siemens
simatic_wincc_oa
3.16
2022-12-15
17h14 +00:00
2022-12-30
11h55 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:siemens:simatic_wincc_oa:3.16:-:*:*:*:*:*:*

Informations

Vendor

siemens

Product

simatic_wincc_oa

Version

3.16

Update

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-44731 2022-12-12 23h00 +00:00 A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions < V3.15 P038), SIMATIC WinCC OA V3.16 (All versions < V3.16 P035), SIMATIC WinCC OA V3.17 (All versions < V3.17 P024), SIMATIC WinCC OA V3.18 (All versions < V3.18 P014). The affected component allows to inject custom arguments to the Ultralight Client backend application under certain circumstances. This could allow an authenticated remote attacker to inject arbitrary parameters when starting the client via the web interface (e.g., open attacker chosen panels with the attacker's credentials or start a Ctrl script).
5.4
Medium
CVE-2021-41057 2021-11-14 19h21 +00:00 In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions.
7.1
High