VDB
GCVE-110-NCSC-2025-61
GCVE-110-NCSC-2025-61
Advisory PublishedCVSS 3.7/10
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weaknesses (CWE)
CWE-201Insertion of Sensitive Information Into Sent DataCWE-770Allocation of Resources Without Limits or ThrottlingCWE-190Integer Overflow or WraparoundCWE-125Out-of-bounds ReadCWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')CWE-20Improper Input ValidationCWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')CWE-787Out-of-bounds WriteCWE-489Active Debug CodeCWE-312Cleartext Storage of Sensitive InformationCWE-427Uncontrolled Search Path ElementCWE-1392Use of Default CredentialsCWE-113Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')CWE-326Inadequate Encryption StrengthCWE-601URL Redirection to Untrusted Site ('Open Redirect')CWE-732Incorrect Permission Assignment for Critical ResourceCWE-284Improper Access ControlCWE-404Improper Resource Shutdown or ReleaseCWE-1286Improper Validation of Syntactic Correctness of InputCWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')CWE-416Use After FreeCWE-923Improper Restriction of Communication Channel to Intended EndpointsCWE-415Double FreeCWE-122Heap-based Buffer OverflowCWE-476NULL Pointer DereferenceCWE-610Externally Controlled Reference to a Resource in Another SphereCWE-704Incorrect Type Conversion or CastCWE-295Improper Certificate ValidationCWE-401Missing Release of Memory after Effective LifetimeCWE-400Uncontrolled Resource ConsumptionCWE-325Missing Cryptographic StepCWE-754Improper Check for Unusual or Exceptional ConditionsCWE-328Use of Weak HashCWE-183Permissive List of Allowed InputsCWE-843Access of Resource Using Incompatible Type ('Type Confusion')CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-369Divide By ZeroCWE-203Observable DiscrepancyCWE-425Direct Request ('Forced Browsing')CWE-252Unchecked Return ValueCWE-502Deserialization of Untrusted DataCWE-222Truncation of Security-relevant InformationCWE-304Missing Critical Step in AuthenticationCWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')CWE-606Unchecked Input for Loop ConditionCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-310-CWE-613Insufficient Session Expiration
Risk Scores
CVSS 3.1
3.7/10
Low · CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| siemens | siprotec | — | — |
| siemens | teamcenter | — | — |
| siemens | scalance | — | — |
| siemens | apogee_pxc_series__p2_ethernet_ | — | — |
| siemens | _simatic | — | — |
| siemens | simatic | — | — |
| siemens | _simatic_s7 | — | — |
| siemens | opcenter_intelligence | — | — |
| siemens | simatic_s7 | — | — |
| siemens | ruggedcom | — | — |
| siemens | apogee_pxc_series__bacnet_ | — | — |
Aliases
CVE-2022-22127CVE-2022-22128CVE-2022-2588CVE-2022-2663CVE-2022-3524CVE-2022-39188CVE-2022-39842CVE-2022-40303CVE-2022-40304CVE-2022-4304CVE-2022-43750CVE-2022-4450CVE-2022-47069CVE-2022-47929CVE-2023-0045CVE-2023-0215CVE-2023-0286CVE-2023-0464CVE-2023-0465CVE-2023-0466CVE-2023-0590CVE-2023-1073CVE-2023-1074CVE-2023-1118CVE-2023-1206CVE-2023-1380CVE-2023-1670CVE-2023-2194CVE-2023-23454CVE-2023-23455CVE-2023-23559CVE-2023-26545CVE-2023-28484CVE-2023-28578CVE-2023-29469CVE-2023-31085CVE-2023-31315CVE-2023-3446CVE-2023-35001CVE-2023-3611CVE-2023-37482CVE-2023-39192CVE-2023-39193CVE-2023-42754CVE-2023-43522CVE-2023-44320CVE-2023-44322CVE-2023-45853CVE-2023-45863CVE-2023-4623CVE-2023-46604CVE-2023-48795CVE-2023-4921CVE-2023-51384CVE-2023-51385CVE-2023-5363CVE-2023-5678CVE-2023-5717CVE-2023-6129CVE-2023-6237CVE-2023-7250CVE-2024-0727CVE-2024-23814CVE-2024-2511CVE-2024-26306CVE-2024-33016CVE-2024-36504CVE-2024-45386CVE-2024-4603CVE-2024-46665CVE-2024-46666CVE-2024-46668CVE-2024-46669CVE-2024-46670CVE-2024-4741CVE-2024-48884CVE-2024-48885CVE-2024-50560CVE-2024-50561CVE-2024-50572CVE-2024-52963CVE-2024-53648CVE-2024-53651CVE-2024-53977CVE-2024-54015CVE-2024-54021CVE-2024-54089CVE-2024-54090CVE-2024-5535CVE-2024-6119CVE-2024-9143CVE-2025-23363CVE-2025-23403CVE-2025-24499CVE-2025-24532CVE-2025-24811CVE-2025-24812CVE-2025-24956
References
Browse GCVE Records
72,664 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.