Filtered by vendor Siemens Subscriptions
Filtered by product Simatic Easie Core Package Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-44222 1 Siemens 1 Simatic Easie Core Package 2024-11-21 9.1 Critical
A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The underlying MQTT service of affected systems does not perform authentication in the default configuration. This could allow an unauthenticated remote attacker to send arbitrary messages to the service and thereby issue arbitrary requests in the affected system.
CVE-2021-44221 1 Siemens 1 Simatic Easie Core Package 2024-11-21 7.5 High
A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The affected systems do not properly validate input that is sent to the underlying message passing framework. This could allow an remote attacker to trigger a denial of service of the affected system.