Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Opcenter RDnL by Siemens

    CVE-2024-49775 (GCVE-0-2024-49775)

    Vulnerability from nvd – Published: 2024-12-16 15:06 – Updated: 2026-01-13 09:43
    VLAI
    Summary
    A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2501.0001), Opcenter Intelligence (All versions < V2501.0001), Opcenter Quality (All versions < V2512), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions if operated in conjunction with UMC < V2.15), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-49775",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-16T16:33:33.058713Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-12T16:34:51.664Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Opcenter Execution Foundation",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V2501.0001",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Opcenter Intelligence",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V2501.0001",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Opcenter Quality",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V2512",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Opcenter RDnL",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V2410",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SIMATIC PCS neo V4.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SIMATIC PCS neo V4.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V4.1 Update 3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SIMATIC PCS neo V5.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V5.0 Update 1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SINEC NMS",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V16",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V17",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V18",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V19",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Opcenter Execution Foundation (All versions \u003c V2501.0001), Opcenter Intelligence (All versions \u003c V2501.0001), Opcenter Quality (All versions \u003c V2512), Opcenter RDnL (All versions \u003c V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions \u003c V4.1 Update 3), SIMATIC PCS neo V5.0 (All versions \u003c V5.0 Update 1), SINEC NMS (All versions if operated in conjunction with UMC \u003c V2.15), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component.\r\nThis could allow an unauthenticated remote attacker to execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-13T09:43:48.714Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-928984.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2024-49775",
        "datePublished": "2024-12-16T15:06:04.714Z",
        "dateReserved": "2024-10-18T14:25:05.725Z",
        "dateUpdated": "2026-01-13T09:43:48.714Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-33698 (GCVE-0-2024-33698)

    Vulnerability from nvd – Published: 2024-09-10 09:36 – Updated: 2025-10-14 09:15
    VLAI
    Summary
    A vulnerability has been identified in Opcenter Quality (All versions < V2406), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions), SINEMA Remote Connect Client (All versions < V3.2 SP3), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 5), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 3). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Siemens Opcenter Quality Affected: 0 , < V2406 (custom)
    Create a notification for this product.
    Siemens Opcenter RDnL Affected: 0 , < V2410 (custom)
    Create a notification for this product.
    Siemens SIMATIC PCS neo V4.0 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SIMATIC PCS neo V4.1 Affected: 0 , < V4.1 Update 2 (custom)
    Create a notification for this product.
    Siemens SIMATIC PCS neo V5.0 Affected: 0 , < V5.0 Update 1 (custom)
    Create a notification for this product.
    Siemens SINEC NMS Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SINEMA Remote Connect Client Affected: 0 , < V3.2 SP3 (custom)
    Create a notification for this product.
    Siemens Totally Integrated Automation Portal (TIA Portal) V16 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Totally Integrated Automation Portal (TIA Portal) V17 Affected: 0 , < V17 Update 8 (custom)
    Create a notification for this product.
    Siemens Totally Integrated Automation Portal (TIA Portal) V18 Affected: 0 , < V18 Update 5 (custom)
    Create a notification for this product.
    Siemens Totally Integrated Automation Portal (TIA Portal) V19 Affected: 0 , < V19 Update 3 (custom)
    Create a notification for this product.
    siemens simatic_pcs_neo Affected: 4.0 , < 4.1_update_2 (custom)
        cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens simatic_information_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:totally_integrated_automation_portal:16:*:*:*:*:*:*:*
        cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*
        cpe:2.3:a:siemens:totally_integrated_automation_portal:19:*:*:*:*:*:*:*
        cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*
        cpe:2.3:a:siemens:simatic_pcs_neo:5.0:*:*:*:*:*:*:*
        cpe:2.3:a:siemens:simatic_information_server:2022:*:*:*:*:*:*:*
        cpe:2.3:a:siemens:simatic_information_server:2024:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens totally_integrated_automation_portal Affected: 17 , < 17_update_8 (custom)
        cpe:2.3:a:siemens:totally_integrated_automation_portal:17:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "simatic_pcs_neo",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "4.1_update_2",
                    "status": "affected",
                    "version": "4.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:totally_integrated_automation_portal:16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*",
                  "cpe:2.3:a:siemens:totally_integrated_automation_portal:19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*",
                  "cpe:2.3:a:siemens:simatic_pcs_neo:5.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:siemens:simatic_information_server:2022:*:*:*:*:*:*:*",
                  "cpe:2.3:a:siemens:simatic_information_server:2024:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "simatic_information_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:totally_integrated_automation_portal:17:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "totally_integrated_automation_portal",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "17_update_8",
                    "status": "affected",
                    "version": "17",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-33698",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T17:32:07.999463Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T18:26:36.889Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Opcenter Quality",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V2406",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Opcenter RDnL",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V2410",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SIMATIC PCS neo V4.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SIMATIC PCS neo V4.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V4.1 Update 2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SIMATIC PCS neo V5.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V5.0 Update 1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SINEC NMS",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SINEMA Remote Connect Client",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V3.2 SP3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V16",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V17",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V17 Update 8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V18",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V18 Update 5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V19",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V19 Update 3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Opcenter Quality (All versions \u003c V2406), Opcenter RDnL (All versions \u003c V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions \u003c V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions \u003c V5.0 Update 1), SINEC NMS (All versions), SINEMA Remote Connect Client (All versions \u003c V3.2 SP3), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 5), Totally Integrated Automation Portal (TIA Portal) V19 (All versions \u003c V19 Update 3). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-14T09:15:00.448Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-039007.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2024-33698",
        "datePublished": "2024-09-10T09:36:31.009Z",
        "dateReserved": "2024-04-26T12:32:09.263Z",
        "dateUpdated": "2025-10-14T09:15:00.448Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-49775 (GCVE-0-2024-49775)

    Vulnerability from cvelistv5 – Published: 2024-12-16 15:06 – Updated: 2026-01-13 09:43
    VLAI
    Summary
    A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2501.0001), Opcenter Intelligence (All versions < V2501.0001), Opcenter Quality (All versions < V2512), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions if operated in conjunction with UMC < V2.15), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-49775",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-16T16:33:33.058713Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-12T16:34:51.664Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Opcenter Execution Foundation",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V2501.0001",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Opcenter Intelligence",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V2501.0001",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Opcenter Quality",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V2512",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Opcenter RDnL",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V2410",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SIMATIC PCS neo V4.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SIMATIC PCS neo V4.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V4.1 Update 3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SIMATIC PCS neo V5.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V5.0 Update 1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SINEC NMS",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V16",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V17",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V18",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V19",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Opcenter Execution Foundation (All versions \u003c V2501.0001), Opcenter Intelligence (All versions \u003c V2501.0001), Opcenter Quality (All versions \u003c V2512), Opcenter RDnL (All versions \u003c V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions \u003c V4.1 Update 3), SIMATIC PCS neo V5.0 (All versions \u003c V5.0 Update 1), SINEC NMS (All versions if operated in conjunction with UMC \u003c V2.15), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component.\r\nThis could allow an unauthenticated remote attacker to execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-13T09:43:48.714Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-928984.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2024-49775",
        "datePublished": "2024-12-16T15:06:04.714Z",
        "dateReserved": "2024-10-18T14:25:05.725Z",
        "dateUpdated": "2026-01-13T09:43:48.714Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-33698 (GCVE-0-2024-33698)

    Vulnerability from cvelistv5 – Published: 2024-09-10 09:36 – Updated: 2025-10-14 09:15
    VLAI
    Summary
    A vulnerability has been identified in Opcenter Quality (All versions < V2406), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions), SINEMA Remote Connect Client (All versions < V3.2 SP3), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 5), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 3). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Siemens Opcenter Quality Affected: 0 , < V2406 (custom)
    Create a notification for this product.
    Siemens Opcenter RDnL Affected: 0 , < V2410 (custom)
    Create a notification for this product.
    Siemens SIMATIC PCS neo V4.0 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SIMATIC PCS neo V4.1 Affected: 0 , < V4.1 Update 2 (custom)
    Create a notification for this product.
    Siemens SIMATIC PCS neo V5.0 Affected: 0 , < V5.0 Update 1 (custom)
    Create a notification for this product.
    Siemens SINEC NMS Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SINEMA Remote Connect Client Affected: 0 , < V3.2 SP3 (custom)
    Create a notification for this product.
    Siemens Totally Integrated Automation Portal (TIA Portal) V16 Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens Totally Integrated Automation Portal (TIA Portal) V17 Affected: 0 , < V17 Update 8 (custom)
    Create a notification for this product.
    Siemens Totally Integrated Automation Portal (TIA Portal) V18 Affected: 0 , < V18 Update 5 (custom)
    Create a notification for this product.
    Siemens Totally Integrated Automation Portal (TIA Portal) V19 Affected: 0 , < V19 Update 3 (custom)
    Create a notification for this product.
    siemens simatic_pcs_neo Affected: 4.0 , < 4.1_update_2 (custom)
        cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens simatic_information_server Affected: 0 , < * (custom)
        cpe:2.3:a:siemens:totally_integrated_automation_portal:16:*:*:*:*:*:*:*
        cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*
        cpe:2.3:a:siemens:totally_integrated_automation_portal:19:*:*:*:*:*:*:*
        cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*
        cpe:2.3:a:siemens:simatic_pcs_neo:5.0:*:*:*:*:*:*:*
        cpe:2.3:a:siemens:simatic_information_server:2022:*:*:*:*:*:*:*
        cpe:2.3:a:siemens:simatic_information_server:2024:*:*:*:*:*:*:*
    Create a notification for this product.
    siemens totally_integrated_automation_portal Affected: 17 , < 17_update_8 (custom)
        cpe:2.3:a:siemens:totally_integrated_automation_portal:17:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "simatic_pcs_neo",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "4.1_update_2",
                    "status": "affected",
                    "version": "4.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:totally_integrated_automation_portal:16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*",
                  "cpe:2.3:a:siemens:totally_integrated_automation_portal:19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*",
                  "cpe:2.3:a:siemens:simatic_pcs_neo:5.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:siemens:simatic_information_server:2022:*:*:*:*:*:*:*",
                  "cpe:2.3:a:siemens:simatic_information_server:2024:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "simatic_information_server",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:siemens:totally_integrated_automation_portal:17:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "totally_integrated_automation_portal",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "17_update_8",
                    "status": "affected",
                    "version": "17",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-33698",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T17:32:07.999463Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T18:26:36.889Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Opcenter Quality",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V2406",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Opcenter RDnL",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V2410",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SIMATIC PCS neo V4.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SIMATIC PCS neo V4.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V4.1 Update 2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SIMATIC PCS neo V5.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V5.0 Update 1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SINEC NMS",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "SINEMA Remote Connect Client",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V3.2 SP3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V16",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V17",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V17 Update 8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V18",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V18 Update 5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Totally Integrated Automation Portal (TIA Portal) V19",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V19 Update 3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Opcenter Quality (All versions \u003c V2406), Opcenter RDnL (All versions \u003c V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions \u003c V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions \u003c V5.0 Update 1), SINEC NMS (All versions), SINEMA Remote Connect Client (All versions \u003c V3.2 SP3), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 5), Totally Integrated Automation Portal (TIA Portal) V19 (All versions \u003c V19 Update 3). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-14T09:15:00.448Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-039007.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2024-33698",
        "datePublished": "2024-09-10T09:36:31.009Z",
        "dateReserved": "2024-04-26T12:32:09.263Z",
        "dateUpdated": "2025-10-14T09:15:00.448Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }