Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-31790 (GCVE-0-2026-31790)
Vulnerability from cvelistv5 – Published: 2026-04-07 22:00 – Updated: 2026-05-12 12:09
VLAI
EPSS
Title
Incorrect Failure Handling in RSA KEM RSASVE Encapsulation
Summary
Issue summary: Applications using RSASVE key encapsulation to establish
a secret encryption key can send contents of an uninitialized memory buffer to
a malicious peer.
Impact summary: The uninitialized buffer might contain sensitive data from the
previous execution of the application process which leads to sensitive data
leakage to an attacker.
RSA_public_encrypt() returns the number of bytes written on success and -1
on error. The affected code tests only whether the return value is non-zero.
As a result, if RSA encryption fails, encapsulation can still return success to
the caller, set the output lengths, and leave the caller to use the contents of
the ciphertext buffer as if a valid KEM ciphertext had been produced.
If applications use EVP_PKEY_encapsulate() with RSA/RSASVE on an
attacker-supplied invalid RSA public key without first validating that key,
then this may cause stale or uninitialized contents of the caller-provided
ciphertext buffer to be disclosed to the attacker in place of the KEM
ciphertext.
As a workaround calling EVP_PKEY_public_check() or
EVP_PKEY_public_check_quick() before EVP_PKEY_encapsulate() will mitigate
the issue.
The FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.1 and 3.0 are affected by this issue.
Severity
No CVSS data available.
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
References
6 references
Impacted products
Date Public
2026-04-07 14:00
Credits
Simo Sorce (Red Hat)
Nikola Pajkovsky
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-31790",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-08T14:32:04.700201Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T14:32:37.439Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CN 4100",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T12:09:06.208Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "3.6.2",
"status": "affected",
"version": "3.6.0",
"versionType": "semver"
},
{
"lessThan": "3.5.6",
"status": "affected",
"version": "3.5.0",
"versionType": "semver"
},
{
"lessThan": "3.4.5",
"status": "affected",
"version": "3.4.0",
"versionType": "semver"
},
{
"lessThan": "3.3.7",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
},
{
"lessThan": "3.0.20",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Simo Sorce (Red Hat)"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Nikola Pajkovsky"
}
],
"datePublic": "2026-04-07T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Issue summary: Applications using RSASVE key encapsulation to establish\u003cbr\u003ea secret encryption key can send contents of an uninitialized memory buffer to\u003cbr\u003ea malicious peer.\u003cbr\u003e\u003cbr\u003eImpact summary: The uninitialized buffer might contain sensitive data from the\u003cbr\u003eprevious execution of the application process which leads to sensitive data\u003cbr\u003eleakage to an attacker.\u003cbr\u003e\u003cbr\u003eRSA_public_encrypt() returns the number of bytes written on success and -1\u003cbr\u003eon error. The affected code tests only whether the return value is non-zero.\u003cbr\u003eAs a result, if RSA encryption fails, encapsulation can still return success to\u003cbr\u003ethe caller, set the output lengths, and leave the caller to use the contents of\u003cbr\u003ethe ciphertext buffer as if a valid KEM ciphertext had been produced.\u003cbr\u003e\u003cbr\u003eIf applications use EVP_PKEY_encapsulate() with RSA/RSASVE on an\u003cbr\u003eattacker-supplied invalid RSA public key without first validating that key,\u003cbr\u003ethen this may cause stale or uninitialized contents of the caller-provided\u003cbr\u003eciphertext buffer to be disclosed to the attacker in place of the KEM\u003cbr\u003eciphertext.\u003cbr\u003e\u003cbr\u003eAs a workaround calling EVP_PKEY_public_check() or\u003cbr\u003eEVP_PKEY_public_check_quick() before EVP_PKEY_encapsulate() will mitigate\u003cbr\u003ethe issue.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.1 and 3.0 are affected by this issue."
}
],
"value": "Issue summary: Applications using RSASVE key encapsulation to establish\na secret encryption key can send contents of an uninitialized memory buffer to\na malicious peer.\n\nImpact summary: The uninitialized buffer might contain sensitive data from the\nprevious execution of the application process which leads to sensitive data\nleakage to an attacker.\n\nRSA_public_encrypt() returns the number of bytes written on success and -1\non error. The affected code tests only whether the return value is non-zero.\nAs a result, if RSA encryption fails, encapsulation can still return success to\nthe caller, set the output lengths, and leave the caller to use the contents of\nthe ciphertext buffer as if a valid KEM ciphertext had been produced.\n\nIf applications use EVP_PKEY_encapsulate() with RSA/RSASVE on an\nattacker-supplied invalid RSA public key without first validating that key,\nthen this may cause stale or uninitialized contents of the caller-provided\nciphertext buffer to be disclosed to the attacker in place of the KEM\nciphertext.\n\nAs a workaround calling EVP_PKEY_public_check() or\nEVP_PKEY_public_check_quick() before EVP_PKEY_encapsulate() will mitigate\nthe issue.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.1 and 3.0 are affected by this issue."
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "Moderate"
},
"type": "https://openssl-library.org/policies/general/security-policy/"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T22:00:56.698Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://openssl-library.org/news/secadv/20260407.txt"
},
{
"name": "3.6.2 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482"
},
{
"name": "3.5.6 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac"
},
{
"name": "3.4.5 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790"
},
{
"name": "3.3.7 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406"
},
{
"name": "3.0.20 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incorrect Failure Handling in RSA KEM RSASVE Encapsulation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2026-31790",
"datePublished": "2026-04-07T22:00:56.698Z",
"dateReserved": "2026-03-09T15:56:53.191Z",
"dateUpdated": "2026-05-12T12:09:06.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-31790",
"date": "2026-05-26",
"epss": "0.00042",
"percentile": "0.12852"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-31790\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2026-04-07T22:16:21.770\",\"lastModified\":\"2026-05-12T13:17:34.750\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Issue summary: Applications using RSASVE key encapsulation to establish\\na secret encryption key can send contents of an uninitialized memory buffer to\\na malicious peer.\\n\\nImpact summary: The uninitialized buffer might contain sensitive data from the\\nprevious execution of the application process which leads to sensitive data\\nleakage to an attacker.\\n\\nRSA_public_encrypt() returns the number of bytes written on success and -1\\non error. The affected code tests only whether the return value is non-zero.\\nAs a result, if RSA encryption fails, encapsulation can still return success to\\nthe caller, set the output lengths, and leave the caller to use the contents of\\nthe ciphertext buffer as if a valid KEM ciphertext had been produced.\\n\\nIf applications use EVP_PKEY_encapsulate() with RSA/RSASVE on an\\nattacker-supplied invalid RSA public key without first validating that key,\\nthen this may cause stale or uninitialized contents of the caller-provided\\nciphertext buffer to be disclosed to the attacker in place of the KEM\\nciphertext.\\n\\nAs a workaround calling EVP_PKEY_public_check() or\\nEVP_PKEY_public_check_quick() before EVP_PKEY_encapsulate() will mitigate\\nthe issue.\\n\\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.1 and 3.0 are affected by this issue.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"openssl-security@openssl.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-754\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.0.20\",\"matchCriteriaId\":\"B28A8143-89A4-4332-A1F8-A65FB5AA829F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.3.0\",\"versionEndExcluding\":\"3.3.7\",\"matchCriteriaId\":\"CF303B21-D9BF-461D-B7B0-A3FE1D557A9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.4.0\",\"versionEndExcluding\":\"3.4.5\",\"matchCriteriaId\":\"DCCE43D0-8F17-475D-9EE6-842F758A9905\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.5.0\",\"versionEndExcluding\":\"3.5.6\",\"matchCriteriaId\":\"F6BC0271-444D-4597-BF05-DC60034EAA49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.6.0\",\"versionEndExcluding\":\"3.6.2\",\"matchCriteriaId\":\"4A9E621D-29D8-418A-BF37-BED333C14507\"}]}]}],\"references\":[{\"url\":\"https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://openssl-library.org/news/secadv/20260407.txt\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-032379.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-31790\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-08T14:32:04.700201Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-08T14:18:22.785Z\"}}], \"cna\": {\"title\": \"Incorrect Failure Handling in RSA KEM RSASVE Encapsulation\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Simo Sorce (Red Hat)\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Nikola Pajkovsky\"}], \"metrics\": [{\"other\": {\"type\": \"https://openssl-library.org/policies/general/security-policy/\", \"content\": {\"text\": \"Moderate\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.6.0\", \"lessThan\": \"3.6.2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.5.0\", \"lessThan\": \"3.5.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.4.0\", \"lessThan\": \"3.4.5\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.3.0\", \"lessThan\": \"3.3.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.20\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2026-04-07T14:00:00.000Z\", \"references\": [{\"url\": \"https://openssl-library.org/news/secadv/20260407.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482\", \"name\": \"3.6.2 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac\", \"name\": \"3.5.6 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790\", \"name\": \"3.4.5 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406\", \"name\": \"3.3.7 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e\", \"name\": \"3.0.20 git commit\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Issue summary: Applications using RSASVE key encapsulation to establish\\na secret encryption key can send contents of an uninitialized memory buffer to\\na malicious peer.\\n\\nImpact summary: The uninitialized buffer might contain sensitive data from the\\nprevious execution of the application process which leads to sensitive data\\nleakage to an attacker.\\n\\nRSA_public_encrypt() returns the number of bytes written on success and -1\\non error. The affected code tests only whether the return value is non-zero.\\nAs a result, if RSA encryption fails, encapsulation can still return success to\\nthe caller, set the output lengths, and leave the caller to use the contents of\\nthe ciphertext buffer as if a valid KEM ciphertext had been produced.\\n\\nIf applications use EVP_PKEY_encapsulate() with RSA/RSASVE on an\\nattacker-supplied invalid RSA public key without first validating that key,\\nthen this may cause stale or uninitialized contents of the caller-provided\\nciphertext buffer to be disclosed to the attacker in place of the KEM\\nciphertext.\\n\\nAs a workaround calling EVP_PKEY_public_check() or\\nEVP_PKEY_public_check_quick() before EVP_PKEY_encapsulate() will mitigate\\nthe issue.\\n\\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.1 and 3.0 are affected by this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Issue summary: Applications using RSASVE key encapsulation to establish\u003cbr\u003ea secret encryption key can send contents of an uninitialized memory buffer to\u003cbr\u003ea malicious peer.\u003cbr\u003e\u003cbr\u003eImpact summary: The uninitialized buffer might contain sensitive data from the\u003cbr\u003eprevious execution of the application process which leads to sensitive data\u003cbr\u003eleakage to an attacker.\u003cbr\u003e\u003cbr\u003eRSA_public_encrypt() returns the number of bytes written on success and -1\u003cbr\u003eon error. The affected code tests only whether the return value is non-zero.\u003cbr\u003eAs a result, if RSA encryption fails, encapsulation can still return success to\u003cbr\u003ethe caller, set the output lengths, and leave the caller to use the contents of\u003cbr\u003ethe ciphertext buffer as if a valid KEM ciphertext had been produced.\u003cbr\u003e\u003cbr\u003eIf applications use EVP_PKEY_encapsulate() with RSA/RSASVE on an\u003cbr\u003eattacker-supplied invalid RSA public key without first validating that key,\u003cbr\u003ethen this may cause stale or uninitialized contents of the caller-provided\u003cbr\u003eciphertext buffer to be disclosed to the attacker in place of the KEM\u003cbr\u003eciphertext.\u003cbr\u003e\u003cbr\u003eAs a workaround calling EVP_PKEY_public_check() or\u003cbr\u003eEVP_PKEY_public_check_quick() before EVP_PKEY_encapsulate() will mitigate\u003cbr\u003ethe issue.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.1 and 3.0 are affected by this issue.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-754\", \"description\": \"CWE-754 Improper Check for Unusual or Exceptional Conditions\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2026-04-07T22:00:56.698Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-31790\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-08T14:32:37.439Z\", \"dateReserved\": \"2026-03-09T15:56:53.191Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2026-04-07T22:00:56.698Z\", \"assignerShortName\": \"openssl\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
alsa-2026:19066
Vulnerability from osv_almalinux
Published
2026-05-19 00:00
Modified
2026-05-26 12:28
Summary
Moderate: openssl security update
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
- openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key (CVE-2026-31790)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "openssl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.5.5-2.el10_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "openssl-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.5.5-2.el10_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "openssl-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.5.5-2.el10_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "openssl-perl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.5.5-2.el10_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. \n\nSecurity Fix(es): \n\n * openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key (CVE-2026-31790)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:19066",
"modified": "2026-05-26T12:28:44Z",
"published": "2026-05-19T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:19066"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-31790"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2451094"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/10/ALSA-2026-19066.html"
}
],
"related": [
"CVE-2026-31790"
],
"summary": "Moderate: openssl security update"
}
alsa-2026:19218
Vulnerability from osv_almalinux
Published
2026-05-19 00:00
Modified
2026-05-26 12:29
Summary
Moderate: openssl security update
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
- openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key (CVE-2026-31790)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "openssl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.5.5-2.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "openssl-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.5.5-2.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "openssl-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.5.5-2.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "openssl-perl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.5.5-2.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. \n\nSecurity Fix(es): \n\n * openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key (CVE-2026-31790)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:19218",
"modified": "2026-05-26T12:29:44Z",
"published": "2026-05-19T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:19218"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-31790"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2451094"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2026-19218.html"
}
],
"related": [
"CVE-2026-31790"
],
"summary": "Moderate: openssl security update"
}
CERTFR-2026-AVI-0403
Vulnerability from certfr_avis - Published: 2026-04-08 - Updated: 2026-04-08
De multiples vulnérabilités ont été découvertes dans OpenSSL. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
L'éditeur indique que les modules FIPS des versions 3.6, 3.5, 3.4, 3.3, 3.1 et 3.0 sont affectés par la vulnérabilité CVE-2026-31790 et les versions 3.6 par la vulnérabilité CVE-2026-31790, sur systèmes x86-64 avec les instructions AVX-512 er VAES activées.
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| OpenSSL | OpenSSL | OpenSSL versions 3.6.x antérieures à 3.6.2 | ||
| OpenSSL | OpenSSL | OpenSSL versions 3.5.x antérieures à 3.5.6 | ||
| OpenSSL | OpenSSL | OpenSSL versions 1.1.1 antérieures à 1.1.1zg | ||
| OpenSSL | OpenSSL | OpenSSL versions 3.0.x antérieures à 3.0.20 | ||
| OpenSSL | OpenSSL | OpenSSL versions 3.4.x antérieures à 3.4.5 | ||
| OpenSSL | OpenSSL | OpenSSL versions 3.3.x antérieures à 3.3.7 | ||
| OpenSSL | OpenSSL | OpenSSL versions 1.0.2 antérieures à 1.0.2zp |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "OpenSSL versions 3.6.x ant\u00e9rieures \u00e0 3.6.2",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 3.5.x ant\u00e9rieures \u00e0 3.5.6",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 1.1.1 ant\u00e9rieures \u00e0 1.1.1zg",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 3.0.x ant\u00e9rieures \u00e0 3.0.20",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 3.4.x ant\u00e9rieures \u00e0 3.4.5",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 3.3.x ant\u00e9rieures \u00e0 3.3.7",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 1.0.2 ant\u00e9rieures \u00e0 1.0.2zp",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
}
],
"affected_systems_content": "L\u0027\u00e9diteur indique que les modules FIPS des versions 3.6, 3.5, 3.4, 3.3, 3.1 et 3.0 sont affect\u00e9s par la vuln\u00e9rabilit\u00e9 CVE-2026-31790 et les versions 3.6 par la vuln\u00e9rabilit\u00e9 CVE-2026-31790, sur syst\u00e8mes x86-64 avec les instructions AVX-512 er VAES activ\u00e9es.",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-28386",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28386"
},
{
"name": "CVE-2026-28389",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28389"
},
{
"name": "CVE-2026-28387",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28387"
},
{
"name": "CVE-2026-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28388"
},
{
"name": "CVE-2026-28390",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28390"
},
{
"name": "CVE-2026-31789",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31789"
},
{
"name": "CVE-2026-31790",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31790"
}
],
"initial_release_date": "2026-04-08T00:00:00",
"last_revision_date": "2026-04-08T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0403",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans OpenSSL. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans OpenSSL",
"vendor_advisories": [
{
"published_at": "2026-04-07",
"title": "Bulletin de s\u00e9curit\u00e9 OpenSSL 20260407",
"url": "https://openssl-library.org/news/secadv/20260407.txt"
}
]
}
CERTFR-2026-AVI-0428
Vulnerability from certfr_avis - Published: 2026-04-13 - Updated: 2026-04-13
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | azl3 openssl 3.3.5-4 versions antérieures à 3.3.5-5 | ||
| Microsoft | N/A | azl3 sudo 1.9.17-1 versions antérieures à 1.9.17-2 | ||
| Microsoft | N/A | azl3 openssh 9.8p1-5 versions antérieures à 9.8p1-6 | ||
| Microsoft | N/A | azl3 vim 9.2.0240-1 versions antérieures à 9.2.0323-1 | ||
| Microsoft | N/A | azl3 sleuthkit 4.12.1-1 versions antérieures à 4.12.1-2 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "azl3 openssl 3.3.5-4 versions ant\u00e9rieures \u00e0 3.3.5-5",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 sudo 1.9.17-1 versions ant\u00e9rieures \u00e0 1.9.17-2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 openssh 9.8p1-5 versions ant\u00e9rieures \u00e0 9.8p1-6",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 vim 9.2.0240-1 versions ant\u00e9rieures \u00e0 9.2.0323-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 sleuthkit 4.12.1-1 versions ant\u00e9rieures \u00e0 4.12.1-2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-40024",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40024"
},
{
"name": "CVE-2026-35388",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35388"
},
{
"name": "CVE-2026-35386",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35386"
},
{
"name": "CVE-2026-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40026"
},
{
"name": "CVE-2026-39881",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39881"
},
{
"name": "CVE-2026-28389",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28389"
},
{
"name": "CVE-2026-35535",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35535"
},
{
"name": "CVE-2026-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28388"
},
{
"name": "CVE-2026-35385",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35385"
},
{
"name": "CVE-2026-28390",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28390"
},
{
"name": "CVE-2026-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40025"
},
{
"name": "CVE-2026-31789",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31789"
},
{
"name": "CVE-2026-31790",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31790"
}
],
"initial_release_date": "2026-04-13T00:00:00",
"last_revision_date": "2026-04-13T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0428",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": "2026-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-40024",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40024"
},
{
"published_at": "2026-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-40025",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40025"
},
{
"published_at": "2026-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-40026",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40026"
},
{
"published_at": "2026-04-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-35386",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35386"
},
{
"published_at": "2026-04-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-35388",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35388"
},
{
"published_at": "2026-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-39881",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-39881"
},
{
"published_at": "2026-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-31790",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-31790"
},
{
"published_at": "2026-04-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-35535",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35535"
},
{
"published_at": "2026-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-28388",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28388"
},
{
"published_at": "2026-04-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-28390",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28390"
},
{
"published_at": "2026-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-31789",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-31789"
},
{
"published_at": "2026-04-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-35385",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35385"
},
{
"published_at": "2026-04-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-28389",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28389"
}
]
}
CERTFR-2026-AVI-0467
Vulnerability from certfr_avis - Published: 2026-04-22 - Updated: 2026-04-22
De multiples vulnérabilités ont été découvertes dans Oracle Database Server. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | Database Server | Oracle Database Server (RDBMS) version 19.3 à 19.30 | ||
| Oracle | Database Server | Oracle Database Server (Data Mining) version 23.4.0 à 23.26.1 | ||
| Oracle | Database Server | Oracle Database Server (RDBMS) version 23.4.0 à 23.26.1 | ||
| Oracle | Database Server | Oracle Database Server (XML Database) version 23.4.0 à 23.26.1 | ||
| Oracle | Database Server | Oracle Database Server (Java VM) version 21.3 à 21.21 | ||
| Oracle | Database Server | Oracle Database Server (Data Mining) version 19.3 à 19.30 | ||
| Oracle | Database Server | Oracle Database Server (Java VM) version 19.3 à 19.30 | ||
| Oracle | Database Server | Oracle Database Server (Data Mining) version 21.3 à 21.21 | ||
| Oracle | Database Server | Oracle Database Server (RDBMS) version 21.3 à 21.21 | ||
| Oracle | Database Server | Oracle Database Server (Clusterware) version 23.4.0 à 23.26.1 | ||
| Oracle | Database Server | Oracle Database Server (Clusterware) version 19.3 à 19.30 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle Database Server (RDBMS) version 19.3 \u00e0 19.30",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (Data Mining) version 23.4.0 \u00e0 23.26.1",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (RDBMS) version 23.4.0 \u00e0 23.26.1",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (XML Database) version 23.4.0 \u00e0 23.26.1",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (Java VM) version 21.3 \u00e0 21.21",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (Data Mining) version 19.3 \u00e0 19.30",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (Java VM) version 19.3 \u00e0 19.30",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (Data Mining) version 21.3 \u00e0 21.21",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (RDBMS) version 21.3 \u00e0 21.21",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (Clusterware) version 23.4.0 \u00e0 23.26.1",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (Clusterware) version 19.3 \u00e0 19.30",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-26007",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26007"
},
{
"name": "CVE-2026-34312",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34312"
},
{
"name": "CVE-2025-31948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31948"
},
{
"name": "CVE-2026-35229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35229"
},
{
"name": "CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"name": "CVE-2026-33870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
},
{
"name": "CVE-2026-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21999"
},
{
"name": "CVE-2026-33013",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33013"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2026-31790",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31790"
}
],
"initial_release_date": "2026-04-22T00:00:00",
"last_revision_date": "2026-04-22T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0467",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Database Server. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Database Server",
"vendor_advisories": [
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Oracle Database Server cpuapr2026",
"url": "https://www.oracle.com/security-alerts/cpuapr2026.html"
}
]
}
CERTFR-2026-AVI-0550
Vulnerability from certfr_avis - Published: 2026-05-07 - Updated: 2026-05-07
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | AIX | AIX 7.2 et 7.3 sans le correctif 301610mc.260424.epkg.Z | ||
| IBM | Sterling | IBM Sterling Transformation Extender versions 11.0.0.0 sans le correctif PH71092 | ||
| IBM | Sterling | IBM Sterling Transformation Extender versions 10.1.0.3 sans le correctif PH71092 | ||
| IBM | QRadar | SOAR QRadar Plugin App versions antérieures à 5.6.4 | ||
| IBM | QRadar | QRadar AI Assistant versions antérieures à 1.5.0 | ||
| IBM | Sterling | IBM Sterling Transformation Extender versions 10.1.1.2 sans le correctif PH71092 | ||
| IBM | Sterling | IBM Sterling Transformation Extender versions 10.1.2.2 sans le correctif PH71092 | ||
| IBM | VIOS | VIOS 4.1 sans le correctif 301610mc.260424.epkg.Z |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "AIX 7.2 et 7.3 sans le correctif 301610mc.260424.epkg.Z",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Transformation Extender versions 11.0.0.0 sans le correctif PH71092",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Transformation Extender versions 10.1.0.3 sans le correctif PH71092",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "SOAR QRadar Plugin App versions ant\u00e9rieures \u00e0 5.6.4",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar AI Assistant versions ant\u00e9rieures \u00e0 1.5.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Transformation Extender versions 10.1.1.2 sans le correctif PH71092",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Transformation Extender versions 10.1.2.2 sans le correctif PH71092",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS 4.1 sans le correctif 301610mc.260424.epkg.Z",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-40087",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40087"
},
{
"name": "CVE-2026-39892",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39892"
},
{
"name": "CVE-2026-33123",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33123"
},
{
"name": "CVE-2026-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22013"
},
{
"name": "CVE-2026-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22018"
},
{
"name": "CVE-2026-34073",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34073"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"name": "CVE-2026-25645",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25645"
},
{
"name": "CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"name": "CVE-2026-0540",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0540"
},
{
"name": "CVE-2026-28389",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28389"
},
{
"name": "CVE-2026-33671",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33671"
},
{
"name": "CVE-2026-34515",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34515"
},
{
"name": "CVE-2026-34519",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34519"
},
{
"name": "CVE-2026-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
},
{
"name": "CVE-2026-34518",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34518"
},
{
"name": "CVE-2026-34525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34525"
},
{
"name": "CVE-2026-28387",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28387"
},
{
"name": "CVE-2026-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28388"
},
{
"name": "CVE-2026-4539",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4539"
},
{
"name": "CVE-2026-2950",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2950"
},
{
"name": "CVE-2026-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22016"
},
{
"name": "CVE-2026-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22021"
},
{
"name": "CVE-2026-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22007"
},
{
"name": "CVE-2026-27124",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27124"
},
{
"name": "CVE-2026-34268",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34268"
},
{
"name": "CVE-2026-28390",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28390"
},
{
"name": "CVE-2026-33672",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33672"
},
{
"name": "CVE-2026-27459",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
},
{
"name": "CVE-2026-34516",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34516"
},
{
"name": "CVE-2026-27448",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27448"
},
{
"name": "CVE-2026-31789",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31789"
},
{
"name": "CVE-2026-34517",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34517"
},
{
"name": "CVE-2026-32871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32871"
},
{
"name": "CVE-2026-34513",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34513"
},
{
"name": "CVE-2026-34514",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34514"
},
{
"name": "CVE-2026-34520",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34520"
},
{
"name": "CVE-2025-64340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64340"
},
{
"name": "CVE-2026-28804",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28804"
},
{
"name": "CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"name": "CVE-2026-22815",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22815"
},
{
"name": "CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"name": "CVE-2025-67221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67221"
},
{
"name": "CVE-2026-25547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
},
{
"name": "CVE-2026-31790",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31790"
},
{
"name": "CVE-2026-34070",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34070"
}
],
"initial_release_date": "2026-05-07T00:00:00",
"last_revision_date": "2026-05-07T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0550",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-07T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2026-05-05",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7271707",
"url": "https://www.ibm.com/support/pages/node/7271707"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7271922",
"url": "https://www.ibm.com/support/pages/node/7271922"
},
{
"published_at": "2026-05-04",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7271681",
"url": "https://www.ibm.com/support/pages/node/7271681"
},
{
"published_at": "2026-05-05",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7271765",
"url": "https://www.ibm.com/support/pages/node/7271765"
}
]
}
CERTFR-2026-AVI-0565
Vulnerability from certfr_avis - Published: 2026-05-12 - Updated: 2026-05-12
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE XR524-8C, 2x230V (6GK5524-8GS00-4AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE XR552-12M (2HR2) (6GK5552-0AA00-2HR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs toutes versions pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SCALANCE XR524-8C, 1x230V (L3 int.) (6GK5524-8GR00-3AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X208PRO (6GK5208-0HA10-2AA6) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions antérieures à 8.3 | ||
| Siemens | N/A | SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SIMATIC HMI MTP1000 Unified Comfort Panel (6AV2128-3KB06-0AX1) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE X224 (6GK5224-0BA00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC HMI MTP2200 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3XB27-0BX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE SC646-2C (6GK5646-2GS00-2AC2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG10-1CR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE X310 (6GK5310-0FA00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG10-1JR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-3JR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs toutes versions pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SCALANCE XM408-4C (6GK5408-4GP00-2AM2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X302-7 EEC (2x 24V) (6GK5302-7GD00-2EA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) versions antérieures à 8.3 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SIMATIC HMI MTP1500 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3QB57-0BX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE X307-2 EEC (24V) (6GK5307-2FD00-1EA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE X308-2 (6GK5308-2FL00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR526-8C, 1x230V (6GK5526-8GS00-3AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC HMI MTP2200 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3XB57-0BX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC HMI MTP700 Unified Comfort Panel (6AV2128-3GB06-0AX1) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-3JR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG10-1HR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR528-6M (6GK5528-0AA00-2AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC ET 200SP Open Controller CPU 1515SP PC3 V4 CPUs toutes versions pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SIMATIC HMI MTP1500 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3QB27-1BX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC HMI MTP1500 Unified Comfort Panel (6AV2128-3QB06-0AX1) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SIMATIC CFU PA (6ES7655-5PX11-0XX0) versions antérieures à 2.0.0 | ||
| Siemens | N/A | SCALANCE X307-2 EEC (230V) (6GK5307-2FD00-3EA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE XR526-8C, 24V (6GK5526-8GS00-2AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) versions antérieures à 8.3 | ||
| Siemens | N/A | SIMATIC HMI MTP1500 Unified Comfort Panel neutral design (6AV2128-3QB36-0AX1) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC CFU PA (6ES7655-5PX11-1XX0) versions antérieures à 2.0.0 | ||
| Siemens | N/A | SIMATIC HMI MTP1500 Unified Comfort Panel hygienic (6AV2128-3QB40-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE X212-2 (6GK5212-2BB00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIPROTEC 5 versions supérieures ou égales à7.80 pour la vulnérabilité CVE-2024-54017 | ||
| Siemens | N/A | SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE XF204-2 (6GK5204-2BC00-2AF2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR324-12M TS (24V) (6GK5324-0GG00-1CR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE XR528-6M (2HR2, L3 int.) (6GK5528-0AR00-2HR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE X302-7 EEC (230V, coated) (6GK5302-7GD00-3GA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG10-3HR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X310FE (6GK5310-0BA00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SIMATIC HMI MTP1500 Unified Comfort Panel hygienic neutral design (6AV2128-3QB70-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC HMI MTP1200 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3MB57-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG10-1HR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) toutes versions pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SIMATIC HMI MTP1000 Unified Comfort Panel hygienic neutral design (6AV2128-3KB70-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC HMI MTP1900 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3UB27-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC HMI MTP2200 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3XB27-1BX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC S7 PLCs Web Server versions antérieures à 2.9.9 | ||
| Siemens | N/A | SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG10-3AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG00-3AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X204-2LD (6GK5204-2BC10-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE XR552-12M (2HR2) (6GK5552-0AR00-2HR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XF204 (6GK5204-0BA00-2AF2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X308-2M (6GK5308-2GG10-2AA2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SIMATIC HMI MTP1900 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3UB57-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG10-2JR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE XR552-12M (2HR2, L3 int.) (6GK5552-0AR00-2AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) toutes versions pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SIPROTEC 5 versions supérieures ou égales à7.80 et versions antérieures à 11.0 | ||
| Siemens | N/A | SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE XR524-8C, 2x230V (L3 int.) (6GK5524-8GR00-4AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X307-3 (6GK5307-3BL10-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC HMI MTP1900 Unified Comfort Panel (6AV2128-3UB06-0AX1) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SIMATIC CN 4100 versions antérieures à 5.0 | ||
| Siemens | N/A | SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions antérieures à 8.3 | ||
| Siemens | N/A | SIMATIC HMI MTP1500 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3QB57-1BX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE X308-2M (6GK5308-2GG00-2AA2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC HMI MTP2200 Unified Comfort Panel (6AV2128-3XB06-0AX1) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-4ER2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE X204-2 (6GK5204-2BB10-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X212-2LD (6GK5212-2BC00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SIMATIC HMI MTP1500 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3QB27-0BX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC HMI MTP2200 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3XB57-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0) versions antérieures à 2.9.9 | ||
| Siemens | N/A | SCALANCE XR552-12M (6GK5552-0AA00-2AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR526-8C, 24V (L3 int.) (6GK5526-8GR00-2AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC HMI MTP2200 Unified Comfort Panel neutral design (6AV2128-3XB36-0AX1) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC HMI MTP1900 Unified Comfort Panel hygienic (6AV2128-3UB40-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SIMATIC HMI MTP1500 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3QB57-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE XR524-8C, 24V (L3 int.) (6GK5524-8GR00-2AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0) versions antérieures à 2.9.9 | ||
| Siemens | N/A | SIMATIC HMI MTP1000, Unified Comfort Panel neutral (6AV2128-3KB36-0AX1) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG00-1CR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE X308-2LH (6GK5308-2FN10-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SIMATIC HMI MTP1900 Unified Comfort Panel hygienic neutral design (6AV2128-3UB70-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC S7 PLCs Web Server versions antérieures à 3.1.6 | ||
| Siemens | N/A | SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE X307-2 EEC (2x 230V) (6GK5307-2FD00-4EA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X307-2 EEC (24V, coated) (6GK5307-2FD00-1GA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) toutes versions pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SCALANCE X307-3 (6GK5307-3BL00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0) versions antérieures à 2.9.9 | ||
| Siemens | N/A | SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG10-3HR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE X308-2M TS (6GK5308-2GG00-2CA2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE X204-2FM (6GK5204-2BB11-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) toutes versions pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SCALANCE X304-2FE (6GK5304-2BD00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE X308-2LH (6GK5308-2FN00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG00-1JR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG00-2JR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC S7 PLCs Web Server toutes versions pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SIMATIC HMI MTP1200 Unified Comfort Panel hygienic neutral design (6AV2128-3MB70-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SCALANCE X208 (6GK5208-0BA10-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X302-7 EEC (2x 230V, coated) (6GK5302-7GD00-4GA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XM416-4C (6GK5416-4GS00-2AM2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SCALANCE X302-7 EEC (24V, coated) (6GK5302-7GD00-1GA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X302-7 EEC (2x 24V, coated) (6GK5302-7GD00-2GA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE X308-2M TS (6GK5308-2GG10-2CA2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR528-6M (2HR2) (6GK5528-0AA00-2HR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X206-1 (6GK5206-1BB10-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC HMI MTP1200 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3MB27-0BX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE M876-3 (6GK5876-3AA02-2BA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE XM416-4C (L3 int.) (6GK5416-4GR00-2AM2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X308-2LH+ (6GK5308-2FP10-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC HMI MTP1500 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3QB27-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions antérieures à 3.1.6 | ||
| Siemens | N/A | SCALANCE X302-7 EEC (230V) (6GK5302-7GD00-3EA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC HMI MTP2200 Unified Comfort Hygienic neutral design (6AV2128-3XB70-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE X320-1-2LD FE (6GK5320-3BF00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE SC626-2C (6GK5626-2GS00-2AC2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC HMI MTP1900 Unified Comfort Panel neutral design (6AV2128-3UB36-0AX1) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC HMI MTP700 Unified Comfort Panel hygienic neutral design (6AV2128-3GB40-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE X310 (6GK5310-0FA10-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X307-2 EEC (2x 24V) (6GK5307-2FD00-2EA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG00-2ER2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SIMATIC HMI MTP700 Unified Comfort Panel hygienic neutral design (6AV2128-3GB70-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SCALANCE X307-2 EEC (230V, coated) (6GK5307-2FD00-3GA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC HMI MTP1900 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3UB27-1BX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE XR526-8C, 1x230V (L3 int.) (6GK5526-8GR00-3AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SCALANCE X408-2 (6GK5408-2FD00-2AA2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIPROTEC 5 versions antérieures à 11.0 | ||
| Siemens | N/A | SCALANCE X308-2LD (6GK5308-2FM00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG10-1AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SCALANCE XR528-6M (L3 int.) (6GK5528-0AR00-2AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X310FE (6GK5310-0BA10-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC HMI MTP1200 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3MB27-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC HMI MTP700, Unified Comfort Panel neutral design (6AV2128-3GB36-0AX1) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG10-2ER2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE XM408-8C (L3 int.) (6GK5408-8GR00-2AM2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-3ER2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC S7 PLCs Web Server toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE X308-2LD (6GK5308-2FM10-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X306-1LD FE (6GK5306-1BF00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG10-1AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) toutes versions pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions antérieures à 8.3 | ||
| Siemens | N/A | SIMATIC HMI MTP1200 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3MB57-0BX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE XR324-12M TS (24V) (6GK5324-0GG10-1CR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG00-3HR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SIMATIC ET 200SP HA IM155-6 PN versions antérieures à 1.3 | ||
| Siemens | N/A | SCALANCE SC642-2C (6GK5642-2GS00-2AC2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-4JR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X308-2 RD (inkl. SIPLUS variants) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X307-3LD (6GK5307-3BM10-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC HMI MTP2200 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3XB27-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG00-3AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC HMI MTP2200 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3XB57-1BX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE X302-7 EEC (2x 230V) (6GK5302-7GD00-4EA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) versions antérieures à 10.2 | ||
| Siemens | N/A | SIMATIC HMI MTP1900 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3UB57-1BX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SCALANCE XF206-1 (6GK5206-1BC00-2AF2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SCALANCE X308-2M PoE (6GK5308-2QG10-2AA2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions antérieures à 3.1.6 | ||
| Siemens | N/A | SCALANCE XR524-8C, 1x230V (6GK5524-8GS00-3AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE SC632-2C (6GK5632-2GS00-2AC2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE XR526-8C, 2x230V (6GK5526-8GS00-4AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X307-3LD (6GK5307-3BM00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X308-2M PoE (6GK5308-2QG00-2AA2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XM408-4C (L3 int.) (6GK5408-4GQ00-2AM2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG00-1AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SIMATIC HMI MTP2200 Unified Comfort Hygienic (6AV2128-3XB40-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE X320-1 FE (6GK5320-1BD00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X216 (6GK5216-0BA00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) toutes versions pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-4ER2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC CFU DIQ (6ES7655-5PX31-1XX0) versions antérieures à 2.0.0 | ||
| Siemens | N/A | SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-4JR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SIMATIC HMI MTP1200 Unified Comfort Panel (6AV2128-3MB06-0AX1) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-3ER2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC HMI MTP1200 Unified Comfort Panel hygienic (6AV2128-3MB40-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE SC636-2C (6GK5636-2GS00-2AC2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0) versions antérieures à 2.9.9 | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG10-1ER2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG00-1HR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG00-1AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG00-1ER2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SIMATIC HMI MTP1000 Unified Comfort Panel hygienic (6AV2128-3KB40-0AX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC HMI MTP1200 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3MB27-1BX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE X206-1LD (6GK5206-1BC10-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE X302-7 EEC (24V) (6GK5302-7GD00-1EA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) toutes versions pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SCALANCE X308-2LH+ (6GK5308-2FP00-2AA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG10-3AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE XR524-8C, 24V (6GK5524-8GS00-2AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) toutes versions pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SCALANCE XR526-8C, 2x230V (L3 int.) (6GK5526-8GR00-4AR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG00-1HR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE SC622-2C (6GK5622-2GS00-2AC2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE XF208 (6GK5208-0BA00-2AF2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG00-3HR2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SIMATIC HMI MTP1200 Unified Comfort Panel neutral design (6AV2128-3MB36-0AX1) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE X307-2 EEC (2x 24V, coated) (6GK5307-2FD00-2GA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SIMATIC HMI MTP1200 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3MB57-1BX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC HMI MTP1900 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3UB27-0BX0) versions antérieures à 21 | ||
| Siemens | N/A | SIMATIC HMI MTP1900 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3UB57-0BX0) versions antérieures à 21 | ||
| Siemens | N/A | SCALANCE XM408-8C (6GK5408-8GS00-2AM2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) versions antérieures à 3.2.0 | ||
| Siemens | N/A | SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) toutes versions pour les vulnérabilités CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789. | ||
| Siemens | N/A | SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE X204-2TS (6GK5204-2BB10-2CA2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0) versions antérieures à 6.6.0 | ||
| Siemens | N/A | SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40833. | ||
| Siemens | N/A | SCALANCE M804PB (6GK5804-0AP00-2AA2) versions antérieures à 8.3 | ||
| Siemens | N/A | SCALANCE X204-2LD TS (6GK5204-2BC10-2CA2) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE X307-2 EEC (2x 230V, coated) (6GK5307-2FD00-4GA3) toutes versions pour la vulnérabilité CVE-2025-40833 | ||
| Siemens | N/A | SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions antérieures à 8.3 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR524-8C, 2x230V (6GK5524-8GS00-4AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR552-12M (2HR2) (6GK5552-0AA00-2HR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR524-8C, 1x230V (L3 int.) (6GK5524-8GR00-3AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X208PRO (6GK5208-0HA10-2AA6) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1000 Unified Comfort Panel (6AV2128-3KB06-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X224 (6GK5224-0BA00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3XB27-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC646-2C (6GK5646-2GS00-2AC2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG10-1CR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X310 (6GK5310-0FA00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG10-1JR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-3JR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM408-4C (6GK5408-4GP00-2AM2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X302-7 EEC (2x 24V) (6GK5302-7GD00-2EA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3QB57-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X307-2 EEC (24V) (6GK5307-2FD00-1EA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2 (6GK5308-2FL00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8C, 1x230V (6GK5526-8GS00-3AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3XB57-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP700 Unified Comfort Panel (6AV2128-3GB06-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-3JR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG10-1HR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR528-6M (6GK5528-0AA00-2AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP Open Controller CPU 1515SP PC3 V4 CPUs toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3QB27-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Unified Comfort Panel (6AV2128-3QB06-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CFU PA (6ES7655-5PX11-0XX0) versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X307-2 EEC (230V) (6GK5307-2FD00-3EA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8C, 24V (6GK5526-8GS00-2AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Unified Comfort Panel neutral design (6AV2128-3QB36-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CFU PA (6ES7655-5PX11-1XX0) versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Unified Comfort Panel hygienic (6AV2128-3QB40-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X212-2 (6GK5212-2BB00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPROTEC 5 versions sup\u00e9rieures ou \u00e9gales \u00e07.80 pour la vuln\u00e9rabilit\u00e9 CVE-2024-54017",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF204-2 (6GK5204-2BC00-2AF2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-12M TS (24V) (6GK5324-0GG00-1CR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR528-6M (2HR2, L3 int.) (6GK5528-0AR00-2HR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X302-7 EEC (230V, coated) (6GK5302-7GD00-3GA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG10-3HR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X310FE (6GK5310-0BA00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Unified Comfort Panel hygienic neutral design (6AV2128-3QB70-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3MB57-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG10-1HR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1000 Unified Comfort Panel hygienic neutral design (6AV2128-3KB70-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3UB27-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3XB27-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7 PLCs Web Server versions ant\u00e9rieures \u00e0 2.9.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG10-3AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG00-3AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X204-2LD (6GK5204-2BC10-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR552-12M (2HR2) (6GK5552-0AR00-2HR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF204 (6GK5204-0BA00-2AF2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2M (6GK5308-2GG10-2AA2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3UB57-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG10-2JR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR552-12M (2HR2, L3 int.) (6GK5552-0AR00-2AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPROTEC 5 versions sup\u00e9rieures ou \u00e9gales \u00e07.80 et versions ant\u00e9rieures \u00e0 11.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR524-8C, 2x230V (L3 int.) (6GK5524-8GR00-4AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X307-3 (6GK5307-3BL10-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Unified Comfort Panel (6AV2128-3UB06-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CN 4100 versions ant\u00e9rieures \u00e0 5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3QB57-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2M (6GK5308-2GG00-2AA2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Unified Comfort Panel (6AV2128-3XB06-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-4ER2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X204-2 (6GK5204-2BB10-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X212-2LD (6GK5212-2BC00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3QB27-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3XB57-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0) versions ant\u00e9rieures \u00e0 2.9.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR552-12M (6GK5552-0AA00-2AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8C, 24V (L3 int.) (6GK5526-8GR00-2AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Unified Comfort Panel neutral design (6AV2128-3XB36-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Unified Comfort Panel hygienic (6AV2128-3UB40-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3QB57-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR524-8C, 24V (L3 int.) (6GK5524-8GR00-2AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0) versions ant\u00e9rieures \u00e0 2.9.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1000, Unified Comfort Panel neutral (6AV2128-3KB36-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG00-1CR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2LH (6GK5308-2FN10-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Unified Comfort Panel hygienic neutral design (6AV2128-3UB70-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7 PLCs Web Server versions ant\u00e9rieures \u00e0 3.1.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X307-2 EEC (2x 230V) (6GK5307-2FD00-4EA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X307-2 EEC (24V, coated) (6GK5307-2FD00-1GA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X307-3 (6GK5307-3BL00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0) versions ant\u00e9rieures \u00e0 2.9.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG10-3HR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2M TS (6GK5308-2GG00-2CA2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X204-2FM (6GK5204-2BB11-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X304-2FE (6GK5304-2BD00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2LH (6GK5308-2FN00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG00-1JR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG00-2JR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7 PLCs Web Server toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Unified Comfort Panel hygienic neutral design (6AV2128-3MB70-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X208 (6GK5208-0BA10-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X302-7 EEC (2x 230V, coated) (6GK5302-7GD00-4GA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM416-4C (6GK5416-4GS00-2AM2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X302-7 EEC (24V, coated) (6GK5302-7GD00-1GA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X302-7 EEC (2x 24V, coated) (6GK5302-7GD00-2GA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2M TS (6GK5308-2GG10-2CA2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR528-6M (2HR2) (6GK5528-0AA00-2HR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X206-1 (6GK5206-1BB10-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3MB27-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (6GK5876-3AA02-2BA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM416-4C (L3 int.) (6GK5416-4GR00-2AM2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2LH+ (6GK5308-2FP10-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1500 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3QB27-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions ant\u00e9rieures \u00e0 3.1.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X302-7 EEC (230V) (6GK5302-7GD00-3EA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Unified Comfort Hygienic neutral design (6AV2128-3XB70-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X320-1-2LD FE (6GK5320-3BF00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC626-2C (6GK5626-2GS00-2AC2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Unified Comfort Panel neutral design (6AV2128-3UB36-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP700 Unified Comfort Panel hygienic neutral design (6AV2128-3GB40-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X310 (6GK5310-0FA10-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X307-2 EEC (2x 24V) (6GK5307-2FD00-2EA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG00-2ER2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP700 Unified Comfort Panel hygienic neutral design (6AV2128-3GB70-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X307-2 EEC (230V, coated) (6GK5307-2FD00-3GA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3UB27-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8C, 1x230V (L3 int.) (6GK5526-8GR00-3AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X408-2 (6GK5408-2FD00-2AA2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPROTEC 5 versions ant\u00e9rieures \u00e0 11.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2LD (6GK5308-2FM00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG10-1AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR528-6M (L3 int.) (6GK5528-0AR00-2AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X310FE (6GK5310-0BA10-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3MB27-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP700, Unified Comfort Panel neutral design (6AV2128-3GB36-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG10-2ER2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM408-8C (L3 int.) (6GK5408-8GR00-2AM2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-3ER2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7 PLCs Web Server toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2LD (6GK5308-2FM10-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X306-1LD FE (6GK5306-1BF00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG10-1AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3MB57-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-12M TS (24V) (6GK5324-0GG10-1CR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG00-3HR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP HA IM155-6 PN versions ant\u00e9rieures \u00e0 1.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC642-2C (6GK5642-2GS00-2AC2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-4JR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2 RD (inkl. SIPLUS variants) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X307-3LD (6GK5307-3BM10-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3XB27-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG00-3AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3XB57-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X302-7 EEC (2x 230V) (6GK5302-7GD00-4EA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 10.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3UB57-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF206-1 (6GK5206-1BC00-2AF2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2M PoE (6GK5308-2QG10-2AA2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions ant\u00e9rieures \u00e0 3.1.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR524-8C, 1x230V (6GK5524-8GS00-3AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC632-2C (6GK5632-2GS00-2AC2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8C, 2x230V (6GK5526-8GS00-4AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X307-3LD (6GK5307-3BM00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2M PoE (6GK5308-2QG00-2AA2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM408-4C (L3 int.) (6GK5408-4GQ00-2AM2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG00-1AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP2200 Unified Comfort Hygienic (6AV2128-3XB40-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X320-1 FE (6GK5320-1BD00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X216 (6GK5216-0BA00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-4ER2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CFU DIQ (6ES7655-5PX31-1XX0) versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-4JR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Unified Comfort Panel (6AV2128-3MB06-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-3ER2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Unified Comfort Panel hygienic (6AV2128-3MB40-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC636-2C (6GK5636-2GS00-2AC2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0) versions ant\u00e9rieures \u00e0 2.9.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG10-1ER2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG00-1HR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG00-1AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG00-1ER2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1000 Unified Comfort Panel hygienic (6AV2128-3KB40-0AX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3MB27-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X206-1LD (6GK5206-1BC10-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X302-7 EEC (24V) (6GK5302-7GD00-1EA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X308-2LH+ (6GK5308-2FP00-2AA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG10-3AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR524-8C, 24V (6GK5524-8GS00-2AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8C, 2x230V (L3 int.) (6GK5526-8GR00-4AR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG00-1HR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC622-2C (6GK5622-2GS00-2AC2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF208 (6GK5208-0BA00-2AF2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG00-3HR2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Unified Comfort Panel neutral design (6AV2128-3MB36-0AX1) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X307-2 EEC (2x 24V, coated) (6GK5307-2FD00-2GA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1200 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3MB57-1BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3UB27-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI MTP1900 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3UB57-0BX0) versions ant\u00e9rieures \u00e0 21",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM408-8C (6GK5408-8GS00-2AM2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2026-25786, CVE-2026-25787 et CVE-2026-25789.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X204-2TS (6GK5204-2BB10-2CA2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0) versions ant\u00e9rieures \u00e0 6.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833.",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X204-2LD TS (6GK5204-2BC10-2CA2) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X307-2 EEC (2x 230V, coated) (6GK5307-2FD00-4GA3) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40833",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-47219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47219"
},
{
"name": "CVE-2025-39812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39812"
},
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2025-38711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38711"
},
{
"name": "CVE-2025-39808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39808"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-39757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39757"
},
{
"name": "CVE-2025-39772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39772"
},
{
"name": "CVE-2025-39826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39826"
},
{
"name": "CVE-2025-39716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39716"
},
{
"name": "CVE-2025-39702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39702"
},
{
"name": "CVE-2025-39685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39685"
},
{
"name": "CVE-2025-39827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39827"
},
{
"name": "CVE-2025-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39828"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2025-38491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38491"
},
{
"name": "CVE-2025-38708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38708"
},
{
"name": "CVE-2025-40833",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40833"
},
{
"name": "CVE-2025-39701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39701"
},
{
"name": "CVE-2026-25787",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25787"
},
{
"name": "CVE-2026-22925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22925"
},
{
"name": "CVE-2025-39709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39709"
},
{
"name": "CVE-2025-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39689"
},
{
"name": "CVE-2025-39787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39787"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2025-38695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38695"
},
{
"name": "CVE-2025-39749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39749"
},
{
"name": "CVE-2025-39866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39866"
},
{
"name": "CVE-2025-39843",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39843"
},
{
"name": "CVE-2025-23160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23160"
},
{
"name": "CVE-2025-9820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9820"
},
{
"name": "CVE-2025-39681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39681"
},
{
"name": "CVE-2025-39770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39770"
},
{
"name": "CVE-2025-38706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38706"
},
{
"name": "CVE-2025-38699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38699"
},
{
"name": "CVE-2025-38707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38707"
},
{
"name": "CVE-2025-39692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39692"
},
{
"name": "CVE-2025-38677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38677"
},
{
"name": "CVE-2025-39853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39853"
},
{
"name": "CVE-2025-39857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39857"
},
{
"name": "CVE-2025-39865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39865"
},
{
"name": "CVE-2025-39675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39675"
},
{
"name": "CVE-2025-38693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38693"
},
{
"name": "CVE-2025-38679",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38679"
},
{
"name": "CVE-2025-38685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38685"
},
{
"name": "CVE-2025-38502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38502"
},
{
"name": "CVE-2025-39838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39838"
},
{
"name": "CVE-2025-39823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39823"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2025-39864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39864"
},
{
"name": "CVE-2025-39824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39824"
},
{
"name": "CVE-2025-39737",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39737"
},
{
"name": "CVE-2025-38702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38702"
},
{
"name": "CVE-2025-38724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38724"
},
{
"name": "CVE-2025-38698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38698"
},
{
"name": "CVE-2025-39842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39842"
},
{
"name": "CVE-2025-37931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37931"
},
{
"name": "CVE-2025-39849",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39849"
},
{
"name": "CVE-2026-28389",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28389"
},
{
"name": "CVE-2025-39743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39743"
},
{
"name": "CVE-2025-39718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39718"
},
{
"name": "CVE-2025-38712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38712"
},
{
"name": "CVE-2025-38732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38732"
},
{
"name": "CVE-2025-39773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39773"
},
{
"name": "CVE-2025-38696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38696"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2025-38670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38670"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-39845",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39845"
},
{
"name": "CVE-2025-39788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39788"
},
{
"name": "CVE-2025-38735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38735"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2025-43368",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43368"
},
{
"name": "CVE-2025-38614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38614"
},
{
"name": "CVE-2025-23143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23143"
},
{
"name": "CVE-2025-38322",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38322"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-38694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38694"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-38676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38676"
},
{
"name": "CVE-2025-38729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38729"
},
{
"name": "CVE-2025-38681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38681"
},
{
"name": "CVE-2026-28387",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28387"
},
{
"name": "CVE-2025-39795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39795"
},
{
"name": "CVE-2026-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28388"
},
{
"name": "CVE-2025-38687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38687"
},
{
"name": "CVE-2025-38728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38728"
},
{
"name": "CVE-2025-38715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38715"
},
{
"name": "CVE-2025-39710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39710"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2025-39683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39683"
},
{
"name": "CVE-2025-39794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39794"
},
{
"name": "CVE-2025-39697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39697"
},
{
"name": "CVE-2026-25786",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25786"
},
{
"name": "CVE-2025-38713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38713"
},
{
"name": "CVE-2025-39782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39782"
},
{
"name": "CVE-2025-38697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38697"
},
{
"name": "CVE-2025-38691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38691"
},
{
"name": "CVE-2025-39759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39759"
},
{
"name": "CVE-2025-39860",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39860"
},
{
"name": "CVE-2025-39760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39760"
},
{
"name": "CVE-2025-39673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39673"
},
{
"name": "CVE-2025-39839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39839"
},
{
"name": "CVE-2025-38723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38723"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-39848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39848"
},
{
"name": "CVE-2025-39800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39800"
},
{
"name": "CVE-2025-39703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39703"
},
{
"name": "CVE-2025-39825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39825"
},
{
"name": "CVE-2025-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38552"
},
{
"name": "CVE-2026-28390",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28390"
},
{
"name": "CVE-2025-39766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39766"
},
{
"name": "CVE-2025-39801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39801"
},
{
"name": "CVE-2025-39724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39724"
},
{
"name": "CVE-2025-39687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39687"
},
{
"name": "CVE-2025-39694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39694"
},
{
"name": "CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"name": "CVE-2025-39806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39806"
},
{
"name": "CVE-2025-38721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38721"
},
{
"name": "CVE-2025-39684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39684"
},
{
"name": "CVE-2025-38725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38725"
},
{
"name": "CVE-2025-38347",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38347"
},
{
"name": "CVE-2025-39776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39776"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2025-37968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37968"
},
{
"name": "CVE-2026-22924",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22924"
},
{
"name": "CVE-2025-38683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38683"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2025-39736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39736"
},
{
"name": "CVE-2025-39846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39846"
},
{
"name": "CVE-2026-31789",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31789"
},
{
"name": "CVE-2025-39691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39691"
},
{
"name": "CVE-2025-39844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39844"
},
{
"name": "CVE-2025-39742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39742"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2026-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21947"
},
{
"name": "CVE-2025-38701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38701"
},
{
"name": "CVE-2024-58240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58240"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2024-54017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54017"
},
{
"name": "CVE-2025-39817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39817"
},
{
"name": "CVE-2024-47704",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47704"
},
{
"name": "CVE-2025-39790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39790"
},
{
"name": "CVE-2026-2673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2673"
},
{
"name": "CVE-2025-38680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38680"
},
{
"name": "CVE-2025-38684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38684"
},
{
"name": "CVE-2025-39686",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39686"
},
{
"name": "CVE-2025-39798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39798"
},
{
"name": "CVE-2026-27662",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27662"
},
{
"name": "CVE-2025-39714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39714"
},
{
"name": "CVE-2025-39706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39706"
},
{
"name": "CVE-2026-25789",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25789"
},
{
"name": "CVE-2025-39719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39719"
},
{
"name": "CVE-2025-39738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39738"
},
{
"name": "CVE-2025-39713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39713"
},
{
"name": "CVE-2025-31257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31257"
},
{
"name": "CVE-2025-39756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39756"
},
{
"name": "CVE-2025-38736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38736"
},
{
"name": "CVE-2025-39693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39693"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2025-39682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39682"
},
{
"name": "CVE-2025-39676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39676"
},
{
"name": "CVE-2025-39813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39813"
},
{
"name": "CVE-2025-39847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39847"
},
{
"name": "CVE-2025-39819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39819"
},
{
"name": "CVE-2025-39783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39783"
},
{
"name": "CVE-2025-39715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39715"
},
{
"name": "CVE-2025-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39835"
},
{
"name": "CVE-2025-38700",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38700"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2025-39841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39841"
},
{
"name": "CVE-2026-31790",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31790"
},
{
"name": "CVE-2025-14831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14831"
},
{
"name": "CVE-2025-38714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38714"
},
{
"name": "CVE-2025-39752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39752"
}
],
"initial_release_date": "2026-05-12T00:00:00",
"last_revision_date": "2026-05-12T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0565",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Siemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-392349",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-392349.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-032379",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-786884",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-786884.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-688146",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-688146.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-387223",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-387223.html"
}
]
}
CERTFR-2026-AVI-0627
Vulnerability from certfr_avis - Published: 2026-05-21 - Updated: 2026-05-21
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Splunk | Splunk Enterprise | Splunk Enterprise versions 10.2.x antérieures à 10.2.3 | ||
| Splunk | N/A | Splunk AI Toolkit versions 5.7.x antérieures à 5.7.3 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 9.3.2411 antérieures à 9.3.2411.129 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.3.2512 antérieures à 10.3.2512.9 | ||
| Splunk | Splunk | image Docker Splunk versions 10.2.x antérieures à 10.2.2 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.4.2603 antérieures à 10.4.2603.1 | ||
| Splunk | Splunk AppDynamics Database Agent | Splunk AppDynamics Database Agent versions antérieures à 26.4.0 | ||
| Splunk | Splunk | image Docker Splunk versions 9.4.x antérieures à 9.4.10 | ||
| Splunk | Splunk User Behavior Analytics (UBA) | Splunk User Behavior Analytics versions 5.4.x antérieures à 5.4.5 | ||
| Splunk | Splunk AppDynamics Private Synthetic Agent | Splunk AppDynamics Private Synthetic Agent versions antérieures à 26.4.0 | ||
| Splunk | Splunk AppDynamics Analytics Agent | Splunk AppDynamics Analytics Agent versions antérieures à 26.4.0 | ||
| Splunk | N/A | Splunk AppDynamics Cluster Agent versions antérieures à 26.4.0 | ||
| Splunk | Splunk AppDynamics Machine Agent | Splunk AppDynamics Machine Agent versions antérieures à 26.4.0 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.2.2510 antérieures à 10.2.2510.11 | ||
| Splunk | N/A | Splunk AppDynamics Python Agent versions antérieures à 26.4.1 | ||
| Splunk | Splunk | image Docker Splunk versions 10.0.x antérieures à 10.0.5 | ||
| Splunk | N/A | Splunk Add-on for Tomcat versions 3.3.x antérieures à 3.3.1 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.1.2507 antérieures à 10.1.2507.21 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 10.0.x antérieures à 10.0.6 | ||
| Splunk | N/A | Splunk AppDynamics Apache Web Server Agent versions 25.11.x antérieures à 25.11.1 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.4.x antérieures à 9.4.11 | ||
| Splunk | Splunk | image Docker Splunk versions 9.3.x antérieures à 9.3.11 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.0.2503 antérieures à 10.0.2503.13 | ||
| Splunk | Universal Forwarder | Splunk Universal Forwarder versions 9.4.x antérieures à 9.4.11 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.3.x antérieures à 9.3.12 | ||
| Splunk | Splunk AppDynamics Java Agent | Splunk AppDynamics Java Agent versions antérieures à 26.4.0 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Splunk Enterprise versions 10.2.x ant\u00e9rieures \u00e0 10.2.3",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AI Toolkit versions 5.7.x ant\u00e9rieures \u00e0 5.7.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 9.3.2411 ant\u00e9rieures \u00e0 9.3.2411.129",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.3.2512 ant\u00e9rieures \u00e0 10.3.2512.9",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "image Docker Splunk versions 10.2.x ant\u00e9rieures \u00e0 10.2.2",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.4.2603 ant\u00e9rieures \u00e0 10.4.2603.1",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Database Agent versions ant\u00e9rieures \u00e0 26.4.0",
"product": {
"name": "Splunk AppDynamics Database Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "image Docker Splunk versions 9.4.x ant\u00e9rieures \u00e0 9.4.10",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk User Behavior Analytics versions 5.4.x ant\u00e9rieures \u00e0 5.4.5",
"product": {
"name": "Splunk User Behavior Analytics (UBA)",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Private Synthetic Agent versions ant\u00e9rieures \u00e0 26.4.0",
"product": {
"name": "Splunk AppDynamics Private Synthetic Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Analytics Agent versions ant\u00e9rieures \u00e0 26.4.0",
"product": {
"name": "Splunk AppDynamics Analytics Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Cluster Agent versions ant\u00e9rieures \u00e0 26.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Machine Agent versions ant\u00e9rieures \u00e0 26.4.0",
"product": {
"name": "Splunk AppDynamics Machine Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.2.2510 ant\u00e9rieures \u00e0 10.2.2510.11",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Python Agent versions ant\u00e9rieures \u00e0 26.4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "image Docker Splunk versions 10.0.x ant\u00e9rieures \u00e0 10.0.5",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Add-on for Tomcat versions 3.3.x ant\u00e9rieures \u00e0 3.3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.1.2507 ant\u00e9rieures \u00e0 10.1.2507.21",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 10.0.x ant\u00e9rieures \u00e0 10.0.6",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Apache Web Server Agent versions 25.11.x ant\u00e9rieures \u00e0 25.11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 9.4.x ant\u00e9rieures \u00e0 9.4.11",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "image Docker Splunk versions 9.3.x ant\u00e9rieures \u00e0 9.3.11",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.0.2503 ant\u00e9rieures \u00e0 10.0.2503.13",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Universal Forwarder versions 9.4.x ant\u00e9rieures \u00e0 9.4.11",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 9.3.x ant\u00e9rieures \u00e0 9.3.12",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Java Agent versions ant\u00e9rieures \u00e0 26.4.0",
"product": {
"name": "Splunk AppDynamics Java Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-26007",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26007"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2025-58436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58436"
},
{
"name": "CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2026-32777",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32777"
},
{
"name": "CVE-2025-61730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61730"
},
{
"name": "CVE-2024-5321",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5321"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2026-41324",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41324"
},
{
"name": "CVE-2024-1597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1597"
},
{
"name": "CVE-2026-42308",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42308"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2025-29775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29775"
},
{
"name": "CVE-2026-3543",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3543"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"name": "CVE-2025-66199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
},
{
"name": "CVE-2025-15282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15282"
},
{
"name": "CVE-2026-33871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33871"
},
{
"name": "CVE-2026-22737",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22737"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2025-68384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68384"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2025-58190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58190"
},
{
"name": "CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"name": "CVE-2026-21637",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21637"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2026-22801",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22801"
},
{
"name": "CVE-2026-42309",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42309"
},
{
"name": "CVE-2023-49082",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49082"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2026-39892",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39892"
},
{
"name": "CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"name": "CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-29774",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29774"
},
{
"name": "CVE-2025-28164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-28164"
},
{
"name": "CVE-2026-3540",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3540"
},
{
"name": "CVE-2024-10220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10220"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"name": "CVE-2025-46762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46762"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2025-68156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68156"
},
{
"name": "CVE-2026-25990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25990"
},
{
"name": "CVE-2026-32288",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32288"
},
{
"name": "CVE-2022-45868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45868"
},
{
"name": "CVE-2025-69223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69223"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2025-30065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30065"
},
{
"name": "CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2024-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25638"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2026-34876",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34876"
},
{
"name": "CVE-2025-4432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4432"
},
{
"name": "CVE-2023-5590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5590"
},
{
"name": "CVE-2025-11468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11468"
},
{
"name": "CVE-2020-36181",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
},
{
"name": "CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"name": "CVE-2020-36182",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2020-24616",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24616"
},
{
"name": "CVE-2025-69419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
},
{
"name": "CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"name": "CVE-2026-27456",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27456"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-58060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58060"
},
{
"name": "CVE-2020-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2025-61731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2026-1605",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1605"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2026-27143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27143"
},
{
"name": "CVE-2024-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
},
{
"name": "CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"name": "CVE-2026-3061",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3061"
},
{
"name": "CVE-2026-27171",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27171"
},
{
"name": "CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"name": "CVE-2026-3731",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3731"
},
{
"name": "CVE-2020-36179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
},
{
"name": "CVE-2026-35469",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35469"
},
{
"name": "CVE-2026-3062",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3062"
},
{
"name": "CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"name": "CVE-2020-10650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10650"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2026-1861",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1861"
},
{
"name": "CVE-2025-66516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66516"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-2251",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2251"
},
{
"name": "CVE-2026-25833",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25833"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-49844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49844"
},
{
"name": "CVE-2020-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
},
{
"name": "CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"name": "CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"name": "CVE-2024-58251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
},
{
"name": "CVE-2019-20444",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20444"
},
{
"name": "CVE-2025-9820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9820"
},
{
"name": "CVE-2020-35490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
},
{
"name": "CVE-2026-33870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
},
{
"name": "CVE-2026-22690",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22690"
},
{
"name": "CVE-2025-55130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55130"
},
{
"name": "CVE-2023-34454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34454"
},
{
"name": "CVE-2022-46337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46337"
},
{
"name": "CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"name": "CVE-2021-35516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35516"
},
{
"name": "CVE-2026-3544",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3544"
},
{
"name": "CVE-2024-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12084"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2020-13949",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13949"
},
{
"name": "CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"name": "CVE-2026-2648",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2648"
},
{
"name": "CVE-2023-47627",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47627"
},
{
"name": "CVE-2026-40200",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40200"
},
{
"name": "CVE-2024-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
},
{
"name": "CVE-2026-27025",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27025"
},
{
"name": "CVE-2025-55131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55131"
},
{
"name": "CVE-2026-32778",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32778"
},
{
"name": "CVE-2026-5121",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5121"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"name": "CVE-2023-34453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34453"
},
{
"name": "CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"name": "CVE-2024-41996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41996"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-59465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59465"
},
{
"name": "CVE-2023-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
},
{
"name": "CVE-2026-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21715"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2026-34073",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34073"
},
{
"name": "CVE-2026-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27144"
},
{
"name": "CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2026-22795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
},
{
"name": "CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"name": "CVE-2019-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
},
{
"name": "CVE-2019-10202",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10202"
},
{
"name": "CVE-2026-25834",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25834"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2026-3537",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3537"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-69225",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69225"
},
{
"name": "CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"name": "CVE-2026-27024",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27024"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-35517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35517"
},
{
"name": "CVE-2026-4424",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4424"
},
{
"name": "CVE-2025-67030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67030"
},
{
"name": "CVE-2026-34877",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34877"
},
{
"name": "CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"name": "CVE-2026-27142",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27142"
},
{
"name": "CVE-2026-28389",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28389"
},
{
"name": "CVE-2021-23358",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23358"
},
{
"name": "CVE-2025-31133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2026-34875",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34875"
},
{
"name": "CVE-2026-21717",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21717"
},
{
"name": "CVE-2025-64505",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64505"
},
{
"name": "CVE-2025-69227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69227"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-28165",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28165"
},
{
"name": "CVE-2025-69421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2019-14439",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14439"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2026-34478",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34478"
},
{
"name": "CVE-2026-33055",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33055"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2025-11143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11143"
},
{
"name": "CVE-2026-34480",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34480"
},
{
"name": "CVE-2017-7658",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7658"
},
{
"name": "CVE-2026-27699",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27699"
},
{
"name": "CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"name": "CVE-2025-47911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47911"
},
{
"name": "CVE-2025-28162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-28162"
},
{
"name": "CVE-2023-22946",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22946"
},
{
"name": "CVE-2026-33228",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
},
{
"name": "CVE-2020-36187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
},
{
"name": "CVE-2026-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
},
{
"name": "CVE-2025-13151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13151"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-21634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
},
{
"name": "CVE-2021-36090",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36090"
},
{
"name": "CVE-2026-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21716"
},
{
"name": "CVE-2025-64506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64506"
},
{
"name": "CVE-2024-53899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53899"
},
{
"name": "CVE-2025-68161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
},
{
"name": "CVE-2026-28351",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28351"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2023-34455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34455"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-14174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14174"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2026-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
},
{
"name": "CVE-2025-64720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64720"
},
{
"name": "CVE-2024-30251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30251"
},
{
"name": "CVE-2020-11620",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11620"
},
{
"name": "CVE-2026-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2650"
},
{
"name": "CVE-2026-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3541"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"name": "CVE-2026-3539",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3539"
},
{
"name": "CVE-2026-34874",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34874"
},
{
"name": "CVE-2026-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21712"
},
{
"name": "CVE-2018-5968",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5968"
},
{
"name": "CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"name": "CVE-2024-27306",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27306"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2024-8775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8775"
},
{
"name": "CVE-2026-3538",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3538"
},
{
"name": "CVE-2025-55159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55159"
},
{
"name": "CVE-2025-55132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55132"
},
{
"name": "CVE-2026-22702",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22702"
},
{
"name": "CVE-2025-46394",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
},
{
"name": "CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"name": "CVE-2020-24750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
},
{
"name": "CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"name": "CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
},
{
"name": "CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"name": "CVE-2025-68390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68390"
},
{
"name": "CVE-2024-11079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11079"
},
{
"name": "CVE-2026-22732",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22732"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2026-25210",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25210"
},
{
"name": "CVE-2026-28387",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28387"
},
{
"name": "CVE-2025-65018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65018"
},
{
"name": "CVE-2026-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28388"
},
{
"name": "CVE-2026-40192",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40192"
},
{
"name": "CVE-2025-66293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2026-32289",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32289"
},
{
"name": "CVE-2026-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
},
{
"name": "CVE-2026-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21714"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"name": "CVE-2026-4111",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4111"
},
{
"name": "CVE-2026-24515",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24515"
},
{
"name": "CVE-2024-26130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26130"
},
{
"name": "CVE-2019-20330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2026-2441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2441"
},
{
"name": "CVE-2020-14195",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14195"
},
{
"name": "CVE-2025-69228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69228"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2020-35491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2025-1948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1948"
},
{
"name": "CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"name": "CVE-2025-27553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27553"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2026-27888",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27888"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2026-33056",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33056"
},
{
"name": "CVE-2026-25835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25835"
},
{
"name": "CVE-2025-68160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2020-14061",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14061"
},
{
"name": "CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"name": "CVE-2017-7657",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7657"
},
{
"name": "CVE-2025-67735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67735"
},
{
"name": "CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"name": "CVE-2026-0965",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0965"
},
{
"name": "CVE-2020-36242",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36242"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2022-40023",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40023"
},
{
"name": "CVE-2020-11619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11619"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2026-34872",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34872"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2020-36183",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
},
{
"name": "CVE-2026-3542",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3542"
},
{
"name": "CVE-2023-49081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49081"
},
{
"name": "CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"name": "CVE-2026-34871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34871"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-69226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69226"
},
{
"name": "CVE-2026-3536",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3536"
},
{
"name": "CVE-2026-28390",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28390"
},
{
"name": "CVE-2019-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
},
{
"name": "CVE-2024-32650",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32650"
},
{
"name": "CVE-2026-34873",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34873"
},
{
"name": "CVE-2026-6042",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6042"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2019-10172",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10172"
},
{
"name": "CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2020-36184",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
},
{
"name": "CVE-2026-0967",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0967"
},
{
"name": "CVE-2025-69418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-59466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59466"
},
{
"name": "CVE-2025-15468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
},
{
"name": "CVE-2026-25639",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25639"
},
{
"name": "CVE-2026-21713",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21713"
},
{
"name": "CVE-2020-36180",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
},
{
"name": "CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"name": "CVE-2026-0968",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0968"
},
{
"name": "CVE-2026-27140",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27140"
},
{
"name": "CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"name": "CVE-2024-52304",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52304"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2023-5408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5408"
},
{
"name": "CVE-2025-69277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69277"
},
{
"name": "CVE-2026-25541",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25541"
},
{
"name": "CVE-2026-31789",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31789"
},
{
"name": "CVE-2026-22735",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22735"
},
{
"name": "CVE-2026-42311",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42311"
},
{
"name": "CVE-2026-20239",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20239"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2026-3063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3063"
},
{
"name": "CVE-2019-0210",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0210"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-27308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27308"
},
{
"name": "CVE-2026-42310",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42310"
},
{
"name": "CVE-2026-22695",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22695"
},
{
"name": "CVE-2026-27139",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27139"
},
{
"name": "CVE-2026-20240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20240"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"name": "CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2019-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12086"
},
{
"name": "CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"name": "CVE-2025-66566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66566"
},
{
"name": "CVE-2025-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
},
{
"name": "CVE-2017-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7656"
},
{
"name": "CVE-2026-27026",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27026"
},
{
"name": "CVE-2026-2673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2673"
},
{
"name": "CVE-2018-20225",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20225"
},
{
"name": "CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"name": "CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2025-14819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14819"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"name": "CVE-2026-27141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27141"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"name": "CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"name": "CVE-2026-1584",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1584"
},
{
"name": "CVE-2026-20238",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20238"
},
{
"name": "CVE-2024-23829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23829"
},
{
"name": "CVE-2025-59464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59464"
},
{
"name": "CVE-2025-30153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30153"
},
{
"name": "CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"name": "CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"name": "CVE-2025-69229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69229"
},
{
"name": "CVE-2021-35515",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35515"
},
{
"name": "CVE-2026-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3545"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2026-28804",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28804"
},
{
"name": "CVE-2026-34477",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34477"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2026-2649",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2649"
},
{
"name": "CVE-2024-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39689"
},
{
"name": "CVE-2025-37731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37731"
},
{
"name": "CVE-2026-24688",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24688"
},
{
"name": "CVE-2026-32776",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32776"
},
{
"name": "CVE-2025-12183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12183"
},
{
"name": "CVE-2019-16869",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16869"
},
{
"name": "CVE-2025-68119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68119"
},
{
"name": "CVE-2025-7338",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7338"
},
{
"name": "CVE-2022-23491",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23491"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2026-22691",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22691"
},
{
"name": "CVE-2026-27628",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27628"
},
{
"name": "CVE-2025-69420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2026-1225",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1225"
},
{
"name": "CVE-2020-14060",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14060"
},
{
"name": "CVE-2026-31790",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31790"
},
{
"name": "CVE-2020-36188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-14831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14831"
},
{
"name": "CVE-2024-23334",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23334"
},
{
"name": "CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"name": "CVE-2026-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21710"
},
{
"name": "CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"name": "CVE-2019-20445",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20445"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
},
{
"name": "CVE-2020-14062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14062"
}
],
"initial_release_date": "2026-05-21T00:00:00",
"last_revision_date": "2026-05-21T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0627",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
"vendor_advisories": [
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0512",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0512"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0513",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0513"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0509",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0509"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0510",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0510"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0505",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0505"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0515",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0515"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0507",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0507"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0506",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0506"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0508",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0508"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0504",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0504"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0514",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0514"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0516",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0516"
},
{
"published_at": "2026-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0501",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0501"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0503",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0503"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0511",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0511"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0502",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0502"
}
]
}
FKIE_CVE-2026-31790
Vulnerability from fkie_nvd - Published: 2026-04-07 22:16 - Updated: 2026-05-12 13:17
Severity
Summary
Issue summary: Applications using RSASVE key encapsulation to establish
a secret encryption key can send contents of an uninitialized memory buffer to
a malicious peer.
Impact summary: The uninitialized buffer might contain sensitive data from the
previous execution of the application process which leads to sensitive data
leakage to an attacker.
RSA_public_encrypt() returns the number of bytes written on success and -1
on error. The affected code tests only whether the return value is non-zero.
As a result, if RSA encryption fails, encapsulation can still return success to
the caller, set the output lengths, and leave the caller to use the contents of
the ciphertext buffer as if a valid KEM ciphertext had been produced.
If applications use EVP_PKEY_encapsulate() with RSA/RSASVE on an
attacker-supplied invalid RSA public key without first validating that key,
then this may cause stale or uninitialized contents of the caller-provided
ciphertext buffer to be disclosed to the attacker in place of the KEM
ciphertext.
As a workaround calling EVP_PKEY_public_check() or
EVP_PKEY_public_check_quick() before EVP_PKEY_encapsulate() will mitigate
the issue.
The FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.1 and 3.0 are affected by this issue.
References
| URL | Tags | ||
|---|---|---|---|
| openssl-security@openssl.org | https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac | Patch | |
| openssl-security@openssl.org | https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482 | Patch | |
| openssl-security@openssl.org | https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406 | Patch | |
| openssl-security@openssl.org | https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790 | Patch | |
| openssl-security@openssl.org | https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e | Patch | |
| openssl-security@openssl.org | https://openssl-library.org/news/secadv/20260407.txt | Vendor Advisory | |
| 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e | https://cert-portal.siemens.com/productcert/html/ssa-032379.html |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B28A8143-89A4-4332-A1F8-A65FB5AA829F",
"versionEndExcluding": "3.0.20",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF303B21-D9BF-461D-B7B0-A3FE1D557A9F",
"versionEndExcluding": "3.3.7",
"versionStartIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCCE43D0-8F17-475D-9EE6-842F758A9905",
"versionEndExcluding": "3.4.5",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6BC0271-444D-4597-BF05-DC60034EAA49",
"versionEndExcluding": "3.5.6",
"versionStartIncluding": "3.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A9E621D-29D8-418A-BF37-BED333C14507",
"versionEndExcluding": "3.6.2",
"versionStartIncluding": "3.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Issue summary: Applications using RSASVE key encapsulation to establish\na secret encryption key can send contents of an uninitialized memory buffer to\na malicious peer.\n\nImpact summary: The uninitialized buffer might contain sensitive data from the\nprevious execution of the application process which leads to sensitive data\nleakage to an attacker.\n\nRSA_public_encrypt() returns the number of bytes written on success and -1\non error. The affected code tests only whether the return value is non-zero.\nAs a result, if RSA encryption fails, encapsulation can still return success to\nthe caller, set the output lengths, and leave the caller to use the contents of\nthe ciphertext buffer as if a valid KEM ciphertext had been produced.\n\nIf applications use EVP_PKEY_encapsulate() with RSA/RSASVE on an\nattacker-supplied invalid RSA public key without first validating that key,\nthen this may cause stale or uninitialized contents of the caller-provided\nciphertext buffer to be disclosed to the attacker in place of the KEM\nciphertext.\n\nAs a workaround calling EVP_PKEY_public_check() or\nEVP_PKEY_public_check_quick() before EVP_PKEY_encapsulate() will mitigate\nthe issue.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.1 and 3.0 are affected by this issue."
}
],
"id": "CVE-2026-31790",
"lastModified": "2026-05-12T13:17:34.750",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2026-04-07T22:16:21.770",
"references": [
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch"
],
"url": "https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch"
],
"url": "https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch"
],
"url": "https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch"
],
"url": "https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch"
],
"url": "https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Vendor Advisory"
],
"url": "https://openssl-library.org/news/secadv/20260407.txt"
},
{
"source": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
}
],
"sourceIdentifier": "openssl-security@openssl.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "openssl-security@openssl.org",
"type": "Secondary"
}
]
}
GHSA-VGXX-5XJ5-Q97X
Vulnerability from github – Published: 2026-04-08 00:30 – Updated: 2026-05-12 15:31
VLAI
Details
Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer.
Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process which leads to sensitive data leakage to an attacker.
RSA_public_encrypt() returns the number of bytes written on success and -1 on error. The affected code tests only whether the return value is non-zero. As a result, if RSA encryption fails, encapsulation can still return success to the caller, set the output lengths, and leave the caller to use the contents of the ciphertext buffer as if a valid KEM ciphertext had been produced.
If applications use EVP_PKEY_encapsulate() with RSA/RSASVE on an attacker-supplied invalid RSA public key without first validating that key, then this may cause stale or uninitialized contents of the caller-provided ciphertext buffer to be disclosed to the attacker in place of the KEM ciphertext.
As a workaround calling EVP_PKEY_public_check() or EVP_PKEY_public_check_quick() before EVP_PKEY_encapsulate() will mitigate the issue.
The FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.1 and 3.0 are affected by this issue.
Severity
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2026-31790"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-07T22:16:21Z",
"severity": "HIGH"
},
"details": "Issue summary: Applications using RSASVE key encapsulation to establish\na secret encryption key can send contents of an uninitialized memory buffer to\na malicious peer.\n\nImpact summary: The uninitialized buffer might contain sensitive data from the\nprevious execution of the application process which leads to sensitive data\nleakage to an attacker.\n\nRSA_public_encrypt() returns the number of bytes written on success and -1\non error. The affected code tests only whether the return value is non-zero.\nAs a result, if RSA encryption fails, encapsulation can still return success to\nthe caller, set the output lengths, and leave the caller to use the contents of\nthe ciphertext buffer as if a valid KEM ciphertext had been produced.\n\nIf applications use EVP_PKEY_encapsulate() with RSA/RSASVE on an\nattacker-supplied invalid RSA public key without first validating that key,\nthen this may cause stale or uninitialized contents of the caller-provided\nciphertext buffer to be disclosed to the attacker in place of the KEM\nciphertext.\n\nAs a workaround calling EVP_PKEY_public_check() or\nEVP_PKEY_public_check_quick() before EVP_PKEY_encapsulate() will mitigate\nthe issue.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.1 and 3.0 are affected by this issue.",
"id": "GHSA-vgxx-5xj5-q97x",
"modified": "2026-05-12T15:31:15Z",
"published": "2026-04-08T00:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31790"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
},
{
"type": "WEB",
"url": "https://openssl-library.org/news/secadv/20260407.txt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…