Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for tia_administrator by siemens

    CVE-2025-23365 (GCVE-0-2025-23365)

    Vulnerability from nvd – Published: 2025-07-08 10:34 – Updated: 2025-07-08 16:11
    VLAI
    Summary
    A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application allows low-privileged users to trigger installations by overwriting cache files and modifying the downloads path. This would allow an attacker to escalate privilege and exceute arbitrary code.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Siemens TIA Administrator Affected: 0 , < V3.0.6 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-23365",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-08T14:26:04.504131Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-08T16:11:49.350Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "TIA Administrator",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V3.0.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in TIA Administrator (All versions \u003c V3.0.6). The affected application allows low-privileged users to trigger installations by overwriting cache files and modifying the downloads path. This would allow an attacker to escalate privilege and exceute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284: Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-08T10:34:30.226Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-573669.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2025-23365",
        "datePublished": "2025-07-08T10:34:30.226Z",
        "dateReserved": "2025-01-14T14:17:17.382Z",
        "dateUpdated": "2025-07-08T16:11:49.350Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-23364 (GCVE-0-2025-23364)

    Vulnerability from nvd – Published: 2025-07-08 10:34 – Updated: 2025-07-08 16:11
    VLAI
    Summary
    A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application improperly validates code signing certificates. This could allow an attacker to bypass the check and exceute arbitrary code during installations.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    Impacted products
    Vendor Product Version
    Siemens TIA Administrator Affected: 0 , < V3.0.6 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-23364",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-08T14:26:22.894853Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-08T16:11:54.563Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "TIA Administrator",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V3.0.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in TIA Administrator (All versions \u003c V3.0.6). The affected application improperly validates code signing certificates.\r\nThis could allow an attacker to bypass the check and exceute arbitrary code during installations."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "CWE-347: Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-08T10:34:28.904Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-573669.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2025-23364",
        "datePublished": "2025-07-08T10:34:28.904Z",
        "dateReserved": "2025-01-14T14:16:18.187Z",
        "dateUpdated": "2025-07-08T16:11:54.563Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-38533 (GCVE-0-2023-38533)

    Vulnerability from nvd – Published: 2024-06-11 11:14 – Updated: 2024-08-02 17:46
    VLAI
    Summary
    A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-379 - Creation of Temporary File in Directory with Insecure Permissions
    Assigner
    Impacted products
    Vendor Product Version
    Siemens TIA Administrator Affected: 0 , < V3 SP2 (custom)
    Create a notification for this product.
    siemens tia_administrator Affected: 0 , < v3sp2 (custom)
        cpe:2.3:a:siemens:tia_administrator:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:siemens:tia_administrator:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tia_administrator",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "v3sp2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-38533",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-11T13:18:41.492079Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-11T13:32:12.104Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:46:55.859Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-319319.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "TIA Administrator",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V3 SP2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in TIA Administrator (All versions \u003c V3 SP2). The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:T/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-379",
                  "description": "CWE-379: Creation of Temporary File in Directory with Insecure Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-11T14:20:02.683Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-319319.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-38533",
        "datePublished": "2024-06-11T11:14:55.951Z",
        "dateReserved": "2023-07-19T13:07:08.565Z",
        "dateUpdated": "2024-08-02T17:46:55.859Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-3449 (GCVE-0-2021-3449)

    Vulnerability from nvd – Published: 2021-03-25 14:25 – Updated: 2024-09-17 03:43
    VLAI
    Title
    NULL pointer deref in signature_algorithms processing
    Summary
    An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
    Severity
    No CVSS data available.
    CWE
    • NULL pointer dereference
    Assigner
    References
    URL Tags
    https://www.openssl.org/news/secadv/20210325.txt
    https://git.openssl.org/gitweb/?p=openssl.git%3Ba…
    https://tools.cisco.com/security/center/content/C… vendor-advisory
    https://www.debian.org/security/2021/dsa-4875 vendor-advisory
    http://www.openwall.com/lists/oss-security/2021/03/27/1 mailing-list
    http://www.openwall.com/lists/oss-security/2021/03/27/2 mailing-list
    http://www.openwall.com/lists/oss-security/2021/03/28/3 mailing-list
    http://www.openwall.com/lists/oss-security/2021/03/28/4 mailing-list
    https://security.gentoo.org/glsa/202103-03 vendor-advisory
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisory
    https://www.oracle.com/security-alerts/cpuApr2021.html
    https://www.tenable.com/security/tns-2021-10
    https://www.tenable.com/security/tns-2021-09
    https://security.netapp.com/advisory/ntap-2021051…
    https://security.netapp.com/advisory/ntap-2021032…
    https://security.FreeBSD.org/advisories/FreeBSD-S…
    https://www.tenable.com/security/tns-2021-06
    https://www.tenable.com/security/tns-2021-05
    https://kc.mcafee.com/corporate/index?page=conten…
    https://www.oracle.com//security-alerts/cpujul2021.html
    https://cert-portal.siemens.com/productcert/pdf/s…
    https://kb.pulsesecure.net/articles/Pulse_Securit…
    https://psirt.global.sonicwall.com/vuln-detail/SN…
    https://lists.debian.org/debian-lts-announce/2021… mailing-list
    https://www.oracle.com/security-alerts/cpuoct2021.html
    https://www.oracle.com/security-alerts/cpuapr2022.html
    https://cert-portal.siemens.com/productcert/pdf/s…
    https://www.oracle.com/security-alerts/cpujul2022.html
    https://security.netapp.com/advisory/ntap-2024062…
    Impacted products
    Vendor Product Version
    OpenSSL OpenSSL Affected: Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)
    Create a notification for this product.
    Date Public
    2021-03-25 00:00
    Credits
    Peter Kästle (Nokia) and Samuel Sapalski (Nokia)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:53:17.609Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.openssl.org/news/secadv/20210325.txt"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
              },
              {
                "name": "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
              },
              {
                "name": "DSA-4875",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2021/dsa-4875"
              },
              {
                "name": "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
              },
              {
                "name": "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
              },
              {
                "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
              },
              {
                "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
              },
              {
                "name": "GLSA-202103-03",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202103-03"
              },
              {
                "name": "FEDORA-2021-cbf14ab8f9",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/tns-2021-10"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/tns-2021-09"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/tns-2021-06"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/tns-2021-05"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
              },
              {
                "name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenSSL",
              "vendor": "OpenSSL",
              "versions": [
                {
                  "status": "affected",
                  "version": "Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Peter K\u00e4stle (Nokia) and Samuel Sapalski (Nokia)"
            }
          ],
          "datePublic": "2021-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "lang": "eng",
                  "url": "https://www.openssl.org/policies/secpolicy.html#High",
                  "value": "High"
                },
                "type": "unknown"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "NULL pointer dereference",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-21T19:05:57.096Z",
            "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
            "shortName": "openssl"
          },
          "references": [
            {
              "url": "https://www.openssl.org/news/secadv/20210325.txt"
            },
            {
              "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
            },
            {
              "name": "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
            },
            {
              "name": "DSA-4875",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.debian.org/security/2021/dsa-4875"
            },
            {
              "name": "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
              "tags": [
                "mailing-list"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
            },
            {
              "name": "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
              "tags": [
                "mailing-list"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
            },
            {
              "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
              "tags": [
                "mailing-list"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
            },
            {
              "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
              "tags": [
                "mailing-list"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
            },
            {
              "name": "GLSA-202103-03",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202103-03"
            },
            {
              "name": "FEDORA-2021-cbf14ab8f9",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
            },
            {
              "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
            },
            {
              "url": "https://www.tenable.com/security/tns-2021-10"
            },
            {
              "url": "https://www.tenable.com/security/tns-2021-09"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
            },
            {
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
            },
            {
              "url": "https://www.tenable.com/security/tns-2021-06"
            },
            {
              "url": "https://www.tenable.com/security/tns-2021-05"
            },
            {
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
            },
            {
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            },
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
            },
            {
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
            },
            {
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
            },
            {
              "name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update",
              "tags": [
                "mailing-list"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
            },
            {
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
            },
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
            },
            {
              "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
            }
          ],
          "title": "NULL pointer deref in signature_algorithms processing"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "assignerShortName": "openssl",
        "cveId": "CVE-2021-3449",
        "datePublished": "2021-03-25T14:25:13.659Z",
        "dateReserved": "2021-03-17T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:43:55.497Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-10915 (GCVE-0-2019-10915)

    Vulnerability from nvd – Published: 2019-07-11 21:17 – Updated: 2024-08-04 22:40
    VLAI
    Summary
    A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
    Severity
    No CVSS data available.
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Siemens AG TIA Administrator Affected: All versions < V1.0 SP1 Upd1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T22:40:15.369Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf"
              },
              {
                "name": "109124",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/109124"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "TIA Administrator",
              "vendor": "Siemens AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V1.0 SP1 Upd1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in TIA Administrator (All versions \u003c V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306: Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-09-24T15:35:14.000Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf"
            },
            {
              "name": "109124",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/109124"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-02"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "productcert@siemens.com",
              "ID": "CVE-2019-10915",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "TIA Administrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V1.0 SP1 Upd1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Siemens AG"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in TIA Administrator (All versions \u003c V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-306: Missing Authentication for Critical Function"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf",
                  "refsource": "MISC",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf"
                },
                {
                  "name": "109124",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/109124"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf"
                },
                {
                  "name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-02",
                  "refsource": "MISC",
                  "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-02"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2019-10915",
        "datePublished": "2019-07-11T21:17:46.000Z",
        "dateReserved": "2019-04-08T00:00:00.000Z",
        "dateUpdated": "2024-08-04T22:40:15.369Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-23365 (GCVE-0-2025-23365)

    Vulnerability from cvelistv5 – Published: 2025-07-08 10:34 – Updated: 2025-07-08 16:11
    VLAI
    Summary
    A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application allows low-privileged users to trigger installations by overwriting cache files and modifying the downloads path. This would allow an attacker to escalate privilege and exceute arbitrary code.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Siemens TIA Administrator Affected: 0 , < V3.0.6 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-23365",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-08T14:26:04.504131Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-08T16:11:49.350Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "TIA Administrator",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V3.0.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in TIA Administrator (All versions \u003c V3.0.6). The affected application allows low-privileged users to trigger installations by overwriting cache files and modifying the downloads path. This would allow an attacker to escalate privilege and exceute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284: Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-08T10:34:30.226Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-573669.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2025-23365",
        "datePublished": "2025-07-08T10:34:30.226Z",
        "dateReserved": "2025-01-14T14:17:17.382Z",
        "dateUpdated": "2025-07-08T16:11:49.350Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-23364 (GCVE-0-2025-23364)

    Vulnerability from cvelistv5 – Published: 2025-07-08 10:34 – Updated: 2025-07-08 16:11
    VLAI
    Summary
    A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application improperly validates code signing certificates. This could allow an attacker to bypass the check and exceute arbitrary code during installations.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    Impacted products
    Vendor Product Version
    Siemens TIA Administrator Affected: 0 , < V3.0.6 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-23364",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-08T14:26:22.894853Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-08T16:11:54.563Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "TIA Administrator",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V3.0.6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in TIA Administrator (All versions \u003c V3.0.6). The affected application improperly validates code signing certificates.\r\nThis could allow an attacker to bypass the check and exceute arbitrary code during installations."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "CWE-347: Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-08T10:34:28.904Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-573669.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2025-23364",
        "datePublished": "2025-07-08T10:34:28.904Z",
        "dateReserved": "2025-01-14T14:16:18.187Z",
        "dateUpdated": "2025-07-08T16:11:54.563Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-38533 (GCVE-0-2023-38533)

    Vulnerability from cvelistv5 – Published: 2024-06-11 11:14 – Updated: 2024-08-02 17:46
    VLAI
    Summary
    A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-379 - Creation of Temporary File in Directory with Insecure Permissions
    Assigner
    Impacted products
    Vendor Product Version
    Siemens TIA Administrator Affected: 0 , < V3 SP2 (custom)
    Create a notification for this product.
    siemens tia_administrator Affected: 0 , < v3sp2 (custom)
        cpe:2.3:a:siemens:tia_administrator:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:siemens:tia_administrator:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tia_administrator",
                "vendor": "siemens",
                "versions": [
                  {
                    "lessThan": "v3sp2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-38533",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-11T13:18:41.492079Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-11T13:32:12.104Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:46:55.859Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-319319.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "TIA Administrator",
              "vendor": "Siemens",
              "versions": [
                {
                  "lessThan": "V3 SP2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in TIA Administrator (All versions \u003c V3 SP2). The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:T/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV4_0": {
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-379",
                  "description": "CWE-379: Creation of Temporary File in Directory with Insecure Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-11T14:20:02.683Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/html/ssa-319319.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-38533",
        "datePublished": "2024-06-11T11:14:55.951Z",
        "dateReserved": "2023-07-19T13:07:08.565Z",
        "dateUpdated": "2024-08-02T17:46:55.859Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-3449 (GCVE-0-2021-3449)

    Vulnerability from cvelistv5 – Published: 2021-03-25 14:25 – Updated: 2024-09-17 03:43
    VLAI
    Title
    NULL pointer deref in signature_algorithms processing
    Summary
    An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
    Severity
    No CVSS data available.
    CWE
    • NULL pointer dereference
    Assigner
    References
    URL Tags
    https://www.openssl.org/news/secadv/20210325.txt
    https://git.openssl.org/gitweb/?p=openssl.git%3Ba…
    https://tools.cisco.com/security/center/content/C… vendor-advisory
    https://www.debian.org/security/2021/dsa-4875 vendor-advisory
    http://www.openwall.com/lists/oss-security/2021/03/27/1 mailing-list
    http://www.openwall.com/lists/oss-security/2021/03/27/2 mailing-list
    http://www.openwall.com/lists/oss-security/2021/03/28/3 mailing-list
    http://www.openwall.com/lists/oss-security/2021/03/28/4 mailing-list
    https://security.gentoo.org/glsa/202103-03 vendor-advisory
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisory
    https://www.oracle.com/security-alerts/cpuApr2021.html
    https://www.tenable.com/security/tns-2021-10
    https://www.tenable.com/security/tns-2021-09
    https://security.netapp.com/advisory/ntap-2021051…
    https://security.netapp.com/advisory/ntap-2021032…
    https://security.FreeBSD.org/advisories/FreeBSD-S…
    https://www.tenable.com/security/tns-2021-06
    https://www.tenable.com/security/tns-2021-05
    https://kc.mcafee.com/corporate/index?page=conten…
    https://www.oracle.com//security-alerts/cpujul2021.html
    https://cert-portal.siemens.com/productcert/pdf/s…
    https://kb.pulsesecure.net/articles/Pulse_Securit…
    https://psirt.global.sonicwall.com/vuln-detail/SN…
    https://lists.debian.org/debian-lts-announce/2021… mailing-list
    https://www.oracle.com/security-alerts/cpuoct2021.html
    https://www.oracle.com/security-alerts/cpuapr2022.html
    https://cert-portal.siemens.com/productcert/pdf/s…
    https://www.oracle.com/security-alerts/cpujul2022.html
    https://security.netapp.com/advisory/ntap-2024062…
    Impacted products
    Vendor Product Version
    OpenSSL OpenSSL Affected: Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)
    Create a notification for this product.
    Date Public
    2021-03-25 00:00
    Credits
    Peter Kästle (Nokia) and Samuel Sapalski (Nokia)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:53:17.609Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.openssl.org/news/secadv/20210325.txt"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
              },
              {
                "name": "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
              },
              {
                "name": "DSA-4875",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2021/dsa-4875"
              },
              {
                "name": "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
              },
              {
                "name": "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
              },
              {
                "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
              },
              {
                "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
              },
              {
                "name": "GLSA-202103-03",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202103-03"
              },
              {
                "name": "FEDORA-2021-cbf14ab8f9",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/tns-2021-10"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/tns-2021-09"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/tns-2021-06"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/tns-2021-05"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
              },
              {
                "name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenSSL",
              "vendor": "OpenSSL",
              "versions": [
                {
                  "status": "affected",
                  "version": "Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Peter K\u00e4stle (Nokia) and Samuel Sapalski (Nokia)"
            }
          ],
          "datePublic": "2021-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "lang": "eng",
                  "url": "https://www.openssl.org/policies/secpolicy.html#High",
                  "value": "High"
                },
                "type": "unknown"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "NULL pointer dereference",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-21T19:05:57.096Z",
            "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
            "shortName": "openssl"
          },
          "references": [
            {
              "url": "https://www.openssl.org/news/secadv/20210325.txt"
            },
            {
              "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
            },
            {
              "name": "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
            },
            {
              "name": "DSA-4875",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.debian.org/security/2021/dsa-4875"
            },
            {
              "name": "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
              "tags": [
                "mailing-list"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
            },
            {
              "name": "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
              "tags": [
                "mailing-list"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
            },
            {
              "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
              "tags": [
                "mailing-list"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
            },
            {
              "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
              "tags": [
                "mailing-list"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
            },
            {
              "name": "GLSA-202103-03",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202103-03"
            },
            {
              "name": "FEDORA-2021-cbf14ab8f9",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
            },
            {
              "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
            },
            {
              "url": "https://www.tenable.com/security/tns-2021-10"
            },
            {
              "url": "https://www.tenable.com/security/tns-2021-09"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
            },
            {
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
            },
            {
              "url": "https://www.tenable.com/security/tns-2021-06"
            },
            {
              "url": "https://www.tenable.com/security/tns-2021-05"
            },
            {
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
            },
            {
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            },
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
            },
            {
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
            },
            {
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
            },
            {
              "name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update",
              "tags": [
                "mailing-list"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
            },
            {
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
            },
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
            },
            {
              "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
            }
          ],
          "title": "NULL pointer deref in signature_algorithms processing"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "assignerShortName": "openssl",
        "cveId": "CVE-2021-3449",
        "datePublished": "2021-03-25T14:25:13.659Z",
        "dateReserved": "2021-03-17T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:43:55.497Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-10915 (GCVE-0-2019-10915)

    Vulnerability from cvelistv5 – Published: 2019-07-11 21:17 – Updated: 2024-08-04 22:40
    VLAI
    Summary
    A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
    Severity
    No CVSS data available.
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Siemens AG TIA Administrator Affected: All versions < V1.0 SP1 Upd1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T22:40:15.369Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf"
              },
              {
                "name": "109124",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/109124"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "TIA Administrator",
              "vendor": "Siemens AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V1.0 SP1 Upd1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in TIA Administrator (All versions \u003c V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306: Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-09-24T15:35:14.000Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf"
            },
            {
              "name": "109124",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/109124"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-02"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "productcert@siemens.com",
              "ID": "CVE-2019-10915",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "TIA Administrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions \u003c V1.0 SP1 Upd1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Siemens AG"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in TIA Administrator (All versions \u003c V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-306: Missing Authentication for Critical Function"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf",
                  "refsource": "MISC",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf"
                },
                {
                  "name": "109124",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/109124"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf"
                },
                {
                  "name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-02",
                  "refsource": "MISC",
                  "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-02"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2019-10915",
        "datePublished": "2019-07-11T21:17:46.000Z",
        "dateReserved": "2019-04-08T00:00:00.000Z",
        "dateUpdated": "2024-08-04T22:40:15.369Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }