Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-4843

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-20 Mar, 2018 | 14:00
Updated At-05 Aug, 2024 | 05:18
Rejected At-
Credits

A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V1.7.0), SIMATIC S7-1500 Software Controller (All versions < V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.1), SIMATIC WinAC RTX 2010 (All versions < V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions < V2010 SP3), SINUMERIK 828D (All versions < V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system. The security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:20 Mar, 2018 | 14:00
Updated At:05 Aug, 2024 | 05:18
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V1.7.0), SIMATIC S7-1500 Software Controller (All versions < V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.1), SIMATIC WinAC RTX 2010 (All versions < V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions < V2010 SP3), SINUMERIK 828D (All versions < V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system. The security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system.

Affected Products
Vendor
Siemens AGSiemens
Product
SIMATIC S7-400 CPU 414-3 PN/DP V7
Default Status
unknown
Versions
Affected
  • All versions < V7.0.3
Vendor
Siemens AGSiemens
Product
SIMATIC S7-400 CPU 414F-3 PN/DP V7
Default Status
unknown
Versions
Affected
  • All versions < V7.0.3
Vendor
Siemens AGSiemens
Product
SIMATIC S7-400 CPU 416-3 PN/DP V7
Default Status
unknown
Versions
Affected
  • All versions < V7.0.3
Vendor
Siemens AGSiemens
Product
SIMATIC S7-400 CPU 416F-3 PN/DP V7
Default Status
unknown
Versions
Affected
  • All versions < V7.0.3
Vendor
Siemens AGSiemens
Product
SIMATIC CP 343-1 (incl. SIPLUS variants)
Default Status
unknown
Versions
Affected
  • All versions
Vendor
Siemens AGSiemens
Product
SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)
Default Status
unknown
Versions
Affected
  • All versions
Vendor
Siemens AGSiemens
Product
SIMATIC CP 443-1
Default Status
unknown
Versions
Affected
  • All versions < V3.3
Vendor
Siemens AGSiemens
Product
SIMATIC CP 443-1
Default Status
unknown
Versions
Affected
  • All versions < V3.3
Vendor
Siemens AGSiemens
Product
SIMATIC CP 443-1 Advanced
Default Status
unknown
Versions
Affected
  • All versions < V3.3
Vendor
Siemens AGSiemens
Product
SIMATIC ET 200pro IM154-8 PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC ET 200pro IM154-8F PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC ET 200pro IM154-8FX PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC ET 200S IM151-8 PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC ET 200S IM151-8F PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)
Default Status
unknown
Versions
Affected
  • All versions < V1.7.0
Vendor
Siemens AGSiemens
Product
SIMATIC S7-1500 Software Controller
Default Status
unknown
Versions
Affected
  • All versions < V1.7.0
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 314C-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.3.16
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 315-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 315F-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 315T-3 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 317-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 317F-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 317T-3 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 317TF-3 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 319-3 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 319F-3 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIMATIC S7-400 CPU 412-2 PN V7
Default Status
unknown
Versions
Affected
  • All versions < V7.0.3
Vendor
Siemens AGSiemens
Product
SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)
Default Status
unknown
Versions
Affected
  • All versions < V6.0.9
Vendor
Siemens AGSiemens
Product
SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)
Default Status
unknown
Versions
Affected
  • All versions < V6.0.7
Vendor
Siemens AGSiemens
Product
SIMATIC S7-410 CPU family (incl. SIPLUS variants)
Default Status
unknown
Versions
Affected
  • All versions < V8.1
Vendor
Siemens AGSiemens
Product
SIMATIC WinAC RTX 2010
Default Status
unknown
Versions
Affected
  • All versions < V2010 SP3
Vendor
Siemens AGSiemens
Product
SIMATIC WinAC RTX F 2010
Default Status
unknown
Versions
Affected
  • All versions < V2010 SP3
Vendor
Siemens AGSiemens
Product
SINUMERIK 828D
Default Status
unknown
Versions
Affected
  • All versions < V4.7 SP6 HF1
Vendor
Siemens AGSiemens
Product
SIPLUS ET 200S IM151-8 PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIPLUS ET 200S IM151-8F PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIPLUS NET CP 443-1
Default Status
unknown
Versions
Affected
  • All versions < V3.3
Vendor
Siemens AGSiemens
Product
SIPLUS NET CP 443-1 Advanced
Default Status
unknown
Versions
Affected
  • All versions < V3.3
Vendor
Siemens AGSiemens
Product
SIPLUS S7-300 CPU 314C-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.3.16
Vendor
Siemens AGSiemens
Product
SIPLUS S7-300 CPU 315-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIPLUS S7-300 CPU 315F-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIPLUS S7-300 CPU 317-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIPLUS S7-300 CPU 317F-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.2.16
Vendor
Siemens AGSiemens
Product
SIPLUS S7-400 CPU 414-3 PN/DP V7
Default Status
unknown
Versions
Affected
  • All versions < V7.0.3
Vendor
Siemens AGSiemens
Product
SIPLUS S7-400 CPU 416-3 PN/DP V7
Default Status
unknown
Versions
Affected
  • All versions < V7.0.3
Vendor
Siemens AGSiemens
Product
Softnet PROFINET IO for PC-based Windows systems
Default Status
unknown
Versions
Affected
  • All versions
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20: Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20: Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf
N/A
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:20 Mar, 2018 | 14:29
Updated At:09 May, 2023 | 13:15

A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V1.7.0), SIMATIC S7-1500 Software Controller (All versions < V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.1), SIMATIC WinAC RTX 2010 (All versions < V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions < V2010 SP3), SINUMERIK 828D (All versions < V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system. The security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.06.1MEDIUM
AV:A/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 6.1
Base severity: MEDIUM
Vector:
AV:A/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Siemens AG
siemens
>>simatic_cp_343-1_firmware>>-
cpe:2.3:o:siemens:simatic_cp_343-1_firmware:-:*:*:*:advanced:*:*:*
Siemens AG
siemens
>>simatic_cp_343-1>>-
cpe:2.3:h:siemens:simatic_cp_343-1:-:*:*:*:advanced:*:*:*
Siemens AG
siemens
>>simatic_cp_343-1_firmware>>-
cpe:2.3:o:siemens:simatic_cp_343-1_firmware:-:*:*:*:standard:*:*:*
Siemens AG
siemens
>>simatic_cp_343-1>>-
cpe:2.3:h:siemens:simatic_cp_343-1:-:*:*:*:standard:*:*:*
Siemens AG
siemens
>>simatic_cp_443-1_firmware>>-
cpe:2.3:o:siemens:simatic_cp_443-1_firmware:-:*:*:*:advanced:*:*:*
Siemens AG
siemens
>>simatic_cp_443-1>>-
cpe:2.3:h:siemens:simatic_cp_443-1:-:*:*:*:advanced:*:*:*
Siemens AG
siemens
>>simatic_cp_443-1_firmware>>-
cpe:2.3:o:siemens:simatic_cp_443-1_firmware:-:*:*:*:standard:*:*:*
Siemens AG
siemens
>>simatic_cp_443-1>>-
cpe:2.3:h:siemens:simatic_cp_443-1:-:*:*:*:standard:*:*:*
Siemens AG
siemens
>>simatic_s7-1500_firmware>>Versions before 1.7.0(exclusive)
cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-1500>>-
cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300_firmware>>-
cpe:2.3:o:siemens:simatic_s7-300_firmware:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300>>-
cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-400_h_v6_firmware>>-
cpe:2.3:o:siemens:simatic_s7-400_h_v6_firmware:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-400_h_v6>>-
cpe:2.3:h:siemens:simatic_s7-400_h_v6:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-400_pn\/dp_v6_firmware>>Versions before 6.0.7(exclusive)
cpe:2.3:o:siemens:simatic_s7-400_pn\/dp_v6_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-400_pn\/dp_v6>>-
cpe:2.3:h:siemens:simatic_s7-400_pn\/dp_v6:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-400_pn\/dp_v7_firmware>>-
cpe:2.3:o:siemens:simatic_s7-400_pn\/dp_v7_firmware:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-400_pn\/dp_v7>>-
cpe:2.3:h:siemens:simatic_s7-400_pn\/dp_v7:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-410_firmware>>Versions before 8.1(exclusive)
cpe:2.3:o:siemens:simatic_s7-410_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-410>>-
cpe:2.3:h:siemens:simatic_s7-410:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_winac_rtx_2010_firmware>>-
cpe:2.3:o:siemens:simatic_winac_rtx_2010_firmware:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_winac_rtx_2010>>-
cpe:2.3:h:siemens:simatic_winac_rtx_2010:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>sinumerik_828d_firmware>>-
cpe:2.3:o:siemens:sinumerik_828d_firmware:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>sinumerik_828d>>-
cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>softnet_pn-io_linux_firmware>>-
cpe:2.3:o:siemens:softnet_pn-io_linux_firmware:-:*:*:*:*:windows:*:*
Siemens AG
siemens
>>softnet_pn-io_linux>>-
cpe:2.3:h:siemens:softnet_pn-io_linux:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primaryproductcert@siemens.com
CWE-20Secondarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: productcert@siemens.com
CWE ID: CWE-20
Type: Secondary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdfproductcert@siemens.com
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf
Source: productcert@siemens.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

287Records found
CVE-2025-24510
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.13% / 32.73%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-13 May, 2025 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in MS/TP Point Pickup Module (All versions). Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service condition of the targeted device. A power cycle is required to restore the device's normal operation.

Action-Not Available
Vendor-Siemens AG
Product-MS/TP Point Pickup Module
CWE ID-CWE-20
Improper Input Validation
CVE-2022-28329
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.13% / 32.79%
||
7 Day CHG-0.12%
Published-12 Apr, 2022 | 09:08
Updated-03 Aug, 2024 | 05:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle malformed TCP packets received over the RemoteCapture feature. This could allow an attacker to lead to a denial of service condition which only affects the port used by the RemoteCapture feature.

Action-Not Available
Vendor-Siemens AG
Product-scalance_w1788-2ia_m12scalance_w1788-2ia_m12_firmwarescalance_w1788-2_m12_firmwarescalance_w1788-1_m12_firmwarescalance_w1788-2_eec_m12_firmwarescalance_w1788-1_m12scalance_w1788-2_eec_m12scalance_w1788-2_m12SCALANCE W1788-1 M12SCALANCE W1788-2IA M12SCALANCE W1788-2 M12SCALANCE W1788-2 EEC M12
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6865
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 24.49%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming Tool (All versions < V4.7 SP4 HF2), SMART PC Access (All versions < V2.3), STEP 7 - Micro/WIN SMART (All versions < V2.3), Security Configuration Tool (SCT) (All versions < V5.0). Specially crafted PROFINET DCP broadcast packets sent to the affected products on a local Ethernet segment (Layer 2) could cause a Denial-of-Service condition of some services. The services require manual restart to recover.

Action-Not Available
Vendor-Siemens AG
Product-simatic_automation_toolsinaut_st7ccsimatic_step_7_\(tia_portal\)simatic_winccsimatic_winac_rtx_2010smart_pc_accesssimatic_wincc_flexible_2008simatic_winac_rtx_f_2010security_configuration_toolsinema_serverpcs_7sinumerik_808d_programming_toolsimatic_wincc_\(tia_portal\)primary_setup_toolsimatic_step_7_micro\/win_smartsimatic_net_pc-softwareSIMATIC WinAC RTX F 2010 SP2Security Configuration Tool (SCT)SIMATIC STEP 7 (TIA Portal) V13SIMATIC WinCC (TIA Portal) V14SIMATIC Automation ToolSIMATIC WinCC (TIA Portal) V13SIMATIC WinCC V7.2 and priorSIMATIC NET PC-SoftwareSIMATIC WinCC V7.3SIMATIC WinCC flexible 2008STEP 7 - Micro/WIN SMARTSIMATIC WinCC V7.4Primary Setup Tool (PST)SMART PC AccessSIMATIC PCS 7 V8.1SIMATIC STEP 7 V5.XSINEMA ServerSINUMERIK 808D Programming ToolSINAUT ST7CCSIMATIC WinAC RTX 2010 SP2SIMATIC PCS 7 V8.2SIMATIC STEP 7 (TIA Portal) V14
CWE ID-CWE-20
Improper Input Validation
CVE-2017-9945
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 34.94%
||
7 Day CHG~0.00%
Published-30 Aug, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All versions < V2.1.3), a Denial-of-Service condition could be induced by a specially crafted PROFINET DCP packet sent as a local Ethernet (Layer 2) broadcast. The affected component requires a manual restart via the main device to recover.

Action-Not Available
Vendor-n/aSiemens AG
Product-7km_pac_switched_ethernet_profinet_expansion_module_firmware7km_pac_switched_ethernet_profinet_expansion_moduleSiemens 7KM PAC Switched Ethernet PROFINET expansion module: All versions < V2.1.3
CWE ID-CWE-20
Improper Input Validation
CVE-2025-40556
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.13% / 32.73%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-13 May, 2025 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in BACnet ATEC 550-440 (All versions), BACnet ATEC 550-441 (All versions), BACnet ATEC 550-445 (All versions), BACnet ATEC 550-446 (All versions). Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service condition of the targeted device. A power cycle is required to restore the device's normal operation.

Action-Not Available
Vendor-Siemens AG
Product-BACnet ATEC 550-446BACnet ATEC 550-445BACnet ATEC 550-441BACnet ATEC 550-440
CWE ID-CWE-20
Improper Input Validation
CVE-2022-37894
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.5||MEDIUM
EPSS-0.13% / 32.26%
||
7 Day CHG-0.11%
Published-07 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected AP of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address this security vulnerability.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-arubaosscalance_w1750d_firmwareinstantscalance_w1750dAruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;
CVE-2023-48364
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.07% / 22.70%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 08:59
Updated-18 Oct, 2024 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server.

Action-Not Available
Vendor-Siemens AG
Product-openpcs_7simatic_winccsimatic_pcs_7simatic_route_controlsimatic_wincc_runtime_professionalsimatic_batchSIMATIC WinCC Runtime Professional V19SIMATIC PCS 7 V9.1OpenPCS 7 V9.1SIMATIC BATCH V9.1SIMATIC WinCC V7.4SIMATIC WinCC V7.5SIMATIC Route Control V9.1SIMATIC WinCC V8.0SIMATIC WinCC Runtime Professional V18
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-37183
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.13% / 32.10%
||
7 Day CHG~0.00%
Published-14 Sep, 2021 | 10:47
Updated-23 Apr, 2025 | 19:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software allows sending send-to-sleep notifications to the managed devices. An unauthenticated attacker in the same network of the affected system can abuse these notifications to cause a Denial-of-Service condition in the managed devices.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_serverSINEMA Remote Connect Server
CWE ID-CWE-284
Improper Access Control
CVE-2014-2253
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.16% / 36.90%
||
7 Day CHG~0.00%
Published-16 Mar, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted Profinet packets.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_s7-1500_cpu_firmwaren/a
CVE-2014-2252
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.16% / 36.90%
||
7 Day CHG~0.00%
Published-22 Mar, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted PROFINET packets, a different vulnerability than CVE-2014-2253.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_s7_cpu_1200_firmwaresimatic_s7_cpu_1212csimatic_s7_cpu_1215csimatic_s7_cpu-1211csimatic_s7_cpu_1214csimatic_s7_cpu_1217cn/a
CVE-2026-27663
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.02% / 6.13%
||
7 Day CHG~0.00%
Published-26 Mar, 2026 | 14:03
Updated-14 Apr, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.10), RTUM85 RTU Base (All versions < V26.10). The affected application contains denial-of-service (DoS) vulnerability. The remote operation mode is susceptible to a resource exhaustion condition when subjected to a high volume of requests. Sending multiple requests can exhaust resources, preventing parameterization and requiring a reset or reboot to restore functionality.

Action-Not Available
Vendor-Siemens AG
Product-CPCI85 Central Processing/CommunicationRTUM85 RTU Base
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-31882
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-1.41% / 80.57%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:31
Updated-11 Mar, 2025 | 09:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). The DHCP client application does not validate the length of the Domain Name Server IP option(s) (0x06) when processing DHCP ACK packets. This may lead to Denial-of-Service conditions. (FSMD-2021-0011)

Action-Not Available
Vendor-Siemens AG
Product-nucleus_readystart_v3talon_tc_compactnucleus_nettalon_tc_compact_firmwareapogee_pxc_compactapogee_modular_equiment_controller_firmwareapogee_pxc_compact_firmwareapogee_modular_equiment_controllerapogee_modular_building_controllercapital_vstarapogee_pxc_modular_firmwareapogee_pxc_modulartalon_tc_modular_firmwaretalon_tc_modularapogee_modular_building_controller_firmwarenucleus_source_codeCapital Embedded AR Classic 431-422Capital Embedded AR Classic R20-11
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-2681
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.44% / 63.33%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rf685r_firmwaresinamics_g150simatic_s7-200_smartsimatic_et_200m_firmwareek-ertec_200_pn_iosinamics_g150_firmwaresinamics_g120\(c\/p\/d\)_pn_firmwaresimatic_rf680r_firmwaresimatic_cp_343-1_advsimatic_s7-300sitop_psu8600sinamics_g130simatic_rf650r_firmwaresinamics_v90_pnsimatic_et_200mp_firmwaresinumerik_840d_sl_firmwaresimatic_s7-1500_firmwaredk_standard_ethernet_controller_firmwaresimatic_cp_443-1_adv_firmwarescalance_x200sinamics_dcpscalance_w700scalance_s615_firmwaresimocode_pro_v_profinetsimatic_cm_1542sp-1simatic_s7-1200_firmwaresimatic_teleservice_adapter_ie_basic_modem_firmwaresimatic_rf680rsirius_motor_starter_m200d_profinet_firmwaresimatic_cp_443-1_stdsimatic_cp_1543sp-1_firmwaresimatic_teleservice_adapter_ie_advanced_modem_firmwaresimatic_et_200ecopnsinamics_g110msimatic_s7-1200sinamics_s110_pn_firmwaresimatic_cp_1542sp-1_irc_firmwaresimatic_cp_1243-1_dnp3_firmwaresimatic_s7-400simatic_teleservice_adapter_ie_advanced_modemsimatic_hmi_mobile_panelssimatic_cp_1243-1sinamics_v90_pn_firmwaresinumerik_828d_firmwaresimatic_winac_rtx_firmwaresimatic_s7-400_firmwaresimatic_cp_343-1_lean_firmwaresimatic_cp_1243-1_firmwareie\/pb-linkpn\/pn_coupler_firmwaresinamics_s150simotionsimatic_cp_1616_firmwaresimatic_et_200s_firmwaresimatic_cp_1543-1simatic_cp_1616ie\/as-i_link_pn_io_firmwarescalance_x300scalance_m-800_firmwaresimatic_hmi_multi_panelssirius_act_3su1simatic_cp_343-1_adv_firmwaresirius_soft_starter_3rw44_pn_firmwareie\/as-i_link_pn_iosimatic_cp_443-1_std_firmwarescalance_xm400scalance_m-800ek-ertec_200_pn_io_firmwaresinamics_s110_pnsimatic_et_200al_firmwaresimatic_cp_1243-1_ircscalance_w700_firmwaresinamics_g110m_firmwarescalance_x200_irt_firmwaresimatic_cp_1542sp-1_ircsimatic_et_200propn\/pn_couplersinamics_dcp_firmwaresimatic_teleservice_adapter_standard_modem_firmwaresimatic_cp_1543-1_firmwarescalance_x408simatic_hmi_comfort_panelssirius_act_3su1_firmwarescalance_x200_firmwaresinamics_dcm_firmwaresoftnet_profinet_io_firmwaresimatic_winac_rtxsimatic_cm_1542-1scalance_xm400_firmwaresimatic_tdc_cp51m1simatic_cp_343-1_stdsinamics_g120\(c\/p\/d\)_pnsimatic_cm_1542sp-1_firmwareups1600_profinet_firmwaresimatic_cp_1243-1_iec_firmwarescalance_xr500_firmwaresimatic_cp_1243-1_iecsimatic_rf685rsimatic_teleservice_adapter_ie_basic_modemsimatic_tdc_cpu555_firmwaredk_standard_ethernet_controllersimatic_et_200alsimatic_cp_443-1_opc-ua_firmwaresimatic_et_200sscalance_s615simatic_cp_1543sp-1simocode_pro_v_profinet_firmwaresimatic_s7-200_smart_firmwaresimatic_cp_443-1_advsinamics_dcmsimotion_firmwaresimatic_dk-16xx_pn_iosimatic_cp_1243-1_dnp3simatic_cp_443-1_opc-uasinumerik_840d_slsimatic_et_200ecopn_firmwaresimatic_cp_1243-1_irc_firmwaresimatic_dk-16xx_pn_io_firmwarescalance_x414_firmwaresimatic_et_200sp_firmwaresirius_motor_starter_m200d_profinetsimatic_s7-1500simatic_cp_1604scalance_xr500scalance_x414ie\/pb-link_firmwarescalance_x200_irtsimatic_et_200pro_firmwaresinumerik_828dsinamics_s120simatic_s7-1500_software_controllersoftnet_profinet_ioek-ertec_200p_pn_io_firmwaresimatic_cp_343-1_leansimatic_cp_1542sp-1sinamics_s120_firmwaresimatic_s7-300_firmwaresinamics_g130_firmwarescalance_x408_firmwaresimatic_teleservice_adapter_standard_modemsimatic_et_200mpsimatic_tdc_cpu555simatic_rf650rsitop_psu8600_firmwaresimatic_et_200spscalance_x300_firmwaresinamics_s150_firmwareek-ertec_200p_pn_iosimatic_et_200msimatic_cp_1604_firmwareups1600_profinetsimatic_tdc_cp51m1_firmwaresimatic_cp_343-1_std_firmwaresirius_soft_starter_3rw44_pnsimatic_cm_1542-1_firmwareSINAMICS S110 w. PNSIMATIC RF685RSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SITOP UPS1600 PROFINET (incl. SIPLUS variants)SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SIMATIC CP 443-1 OPC UASIMATIC CM 1542-1SCALANCE X408 familySIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC Teleservice Adapter IE StandardSIMATIC ET200ecoPN, 4AO U/I 4xM12SIMATIC ET 200SP IM 155-6 PN HFSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIRIUS Motor Starter M200D PROFINETSIPLUS ET 200SP IM 155-6 PN HFSCALANCE X-200 family (incl. SIPLUS NET variants)SIMATIC CP 1543SP-1 (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN STSIMATIC MV440 HRSCALANCE X-200IRT family (incl. SIPLUS NET variants)SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN HSSIMATIC ET200ecoPN: IO-Link MasterSoftnet PROFINET IO for PC-based Windows systemsSIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN BASIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSCALANCE W-700 IEEE 802.11n familySIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC Teleservice Adapter IE AdvancedSIMATIC MV420 SR-BSIMATIC ET 200SP IM 155-6 PN ST BASINAMICS G150 V4.7 w. PNSCALANCE XR-500 familySIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SIMATIC ET 200pro IM 154-4 PN HFSIRIUS Soft Starter 3RW44 PNSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)SIMATIC CP 1604SIMATIC ET 200MP IM 155-5 PN STSIMATIC S7-1500 Software ControllerSIMATIC DK-16xx PN IOSIMATIC MV420 SR-PSINUMERIK 840D sl V4.7SIMATIC TDC CPU555SIMATIC ET200S (incl. SIPLUS variants)IE/AS-i Link PN IOSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC CP 1243-1 (incl. SIPLUS variants)SINAMICS G110M w. PNSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC CP 343-1 (incl. SIPLUS variants)SITOP PSU8600 PROFINETSIMATIC TDC CP51M1SIMATIC CM 1542SP-1IE/PB-Link (incl. SIPLUS NET variants)SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SINUMERIK 828D V4.7SIMATIC ET 200MP IM 155-5 PN BASINUMERIK 828D V4.5 and priorSINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12SIMATIC CP 1616SINAMICS V90 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSCALANCE X-300 family (incl. X408 and SIPLUS NET variants)SIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-410 CPU family (incl. SIPLUS variants)SINAMICS DCM w. PNSIMATIC MV420 SR-B BodySINAMICS G130 V4.8 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC RF650RDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSCALANCE M-800 family (incl. S615, MUM-800 and RM1224)SINUMERIK 840D sl V4.5 and priorSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SCALANCE XM-400 familySIMATIC Teleservice Adapter IE BasicSINAMICS DCP w. PNSINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC MV420 SR-P BodySINAMICS S150 V4.8 w. PNSIMATIC ET 200M (incl. SIPLUS variants)SIMATIC CP 443-1 (incl. SIPLUS variants)SIMATIC MV440 SRSIMATIC S7-200 SMARTSIMATIC CP 1243-8 IRCSINAMICS G130 V4.7 w. PNSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIMATIC WinAC RTX F 2010SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)SINAMICS S150 V4.7 w. PNSIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)SIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS ET 200SP IM 155-6 PN STSIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC MV440 URSIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)SIMATIC RF680RSIRIUS ACT 3SU1 interface module PROFINETSIPLUS ET 200MP IM 155-5 PN HFSIMATIC CP 343-1 Lean (incl. SIPLUS variants)SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SCALANCE X414SINAMICS G150 V4.8 w. PNSIMATIC CP 1543-1 (incl. SIPLUS variants)SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMOTION
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-2680
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-2.33% / 84.87%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rf685r_firmwaresinamics_g150simatic_s7-200_smartsimatic_et_200m_firmwareextension_unit_15_profinet_firmwareek-ertec_200_pn_iosinamics_g150_firmwaresimatic_rf680r_firmwaresimatic_cp_343-1_advsimatic_s7-300sitop_psu8600sinamics_gh150simatic_dk-1604_pn_iosinamics_g130simatic_rf650r_firmwaresinamics_v90_pnsimatic_et_200mp_firmwaresimatic_s7-1500_software_controller_firmwaresinumerik_840d_sl_firmwaresimatic_s7-1500_firmwareextension_unit_19_profinet_firmwaredk_standard_ethernet_controller_firmwaresimatic_cp_443-1_adv_firmwarescalance_x200sinamics_gm150_firmwaresinamics_dcpscalance_w700scalance_s615_firmwaresimocode_pro_v_profinetsimatic_s7-1200_firmwaresimatic_rf680rsirius_motor_starter_m200d_profinet_firmwaresimatic_cp_443-1_stdsimatic_cp_1543sp-1_firmwaresimatic_et_200ecopnsinamics_g110m_s110_pnsimatic_s7-1200simatic_cp_1542sp-1_irc_firmwaresimatic_cp_1243-1_dnp3_firmwaresimatic_cp_1626_firmwareextension_unit_12_profinet_firmwaresinamics_g120\(c\/p\/d\)_w._pnsimatic_s7-400simatic_teleservice_adapter_ie_advanced_modemsimatic_hmi_mobile_panelssimatic_cp_1243-1sinamics_v90_pn_firmwaresinumerik_828d_firmwareextension_unit_22_profinetsimatic_winac_rtx_firmwaresimatic_s7-400_firmwareextension_unit_15_profinetsimatic_cp_343-1_lean_firmwaresimatic_cp_1243-1_firmwaresimatic_dk-1604_pn_io_firmwareie\/pb-linksimatic_dk-1616_pn_io_firmwarepn\/pn_coupler_firmwaresinamics_s150simotionsimatic_cp_1616_firmwaresimatic_et_200s_firmwaresimatic_cp_1543-1simatic_cp_1616ie\/as-i_link_pn_io_firmwarescalance_x300sinamics__s110_pn_firmwarescalance_m-800_firmwaresimatic_hmi_multi_panelssirius_act_3su1simatic_cp_343-1_adv_firmwaresirius_soft_starter_3rw44_pn_firmwaresimatic_dk-1616_pn_ioie\/as-i_link_pn_iosimatic_cp_443-1_std_firmwarescalance_xm400sinamics_sm120_firmwarescalance_m-800ek-ertec_200_pn_io_firmwaresimatic_teleservice_adapter_ie_basic_firmwaresimatic_et_200al_firmwaresinamics_sm120simatic_cp_1243-1_ircscalance_w700_firmwaresinamics_g110m_firmwarescalance_x200_irt_firmwaresimatic_cp_1542sp-1_ircsimatic_et_200propn\/pn_couplersinamics_sl150sinamics_dcp_firmwaresimatic_cp_1543-1_firmwareextension_unit_19_profinetscalance_x408simatic_hmi_comfort_panelssirius_act_3su1_firmwarescalance_x200_firmwaresinamics_dcm_firmwaresoftnet_profinet_io_firmwaresimatic_teleservice_adapter_ie_basicsimatic_winac_rtxsimatic_cm_1542-1scalance_xm400_firmwaresimatic_tdc_cp51m1simatic_cp_343-1_stdsimatic_cp_1243-8ups1600_profinet_firmwaresimatic_cp_1243-1_iec_firmwarescalance_xr500_firmwaresimatic_cp_1243-1_iecsimatic_rf685rsimatic_tdc_cpu555_firmwaresimatic_cp_1243-7_lte\/us_firmwaredk_standard_ethernet_controllerextension_unit_12_profinetsimatic_cp_1243-8_firmwaresimatic_et_200alsimatic_cp_443-1_opc-ua_firmwaresimatic_et_200sscalance_s615simatic_cp_1543sp-1simatic_teleservice_adapter_ie_standard_firmwaresinamics_gl150_firmwaresimocode_pro_v_profinet_firmwaresimatic_s7-200_smart_firmwaresinamics_gm150simatic_cp_443-1_advsimatic_cp_1243-7_lte\/ussinamics_dcmsimotion_firmwaresimatic_cp_1243-1_dnp3simatic_cp_443-1_opc-uasinumerik_840d_slsimatic_et_200ecopn_firmwaresimatic_cp_1243-1_irc_firmwarescalance_x414_firmwaresimatic_et_200sp_firmwaresirius_motor_starter_m200d_profinetsimatic_s7-1500simatic_cp_1604scalance_xr500scalance_x414ie\/pb-link_firmwarescalance_x200_irtsimatic_et_200pro_firmwaresinumerik_828dsinamics_gh150_firmwaresimatic_s7-1500_software_controllersinamics_s120simatic_cp_1242-7_gprs_firmwaresoftnet_profinet_ioek-ertec_200p_pn_io_firmwaresimatic_cp_343-1_leansimatic_cp_1542sp-1sinamics_s120_firmwaresimatic_s7-300_firmwareextension_unit_22_profinet_firmwaresinamics_g130_firmwarescalance_x408_firmwaresimatic_et_200mpsimatic_tdc_cpu555sinamics_g120\(c\/p\/d\)_w._pn_firmwaresimatic_rf650rsitop_psu8600_firmwaresimatic_et_200spsimatic_cp_1542sp-1_firmwarescalance_x300_firmwaresimatic_teleservice_adapter_ie_advanced_firmwaresimatic_cp_1242-7_gprssinamics_s150_firmwareek-ertec_200p_pn_iosimatic_teleservice_adapter_ie_standardsimatic_et_200msimatic_cp_1604_firmwareups1600_profinetsinamics_gl150simatic_cp_1626sinamics_sl150_firmwaresimatic_tdc_cp51m1_firmwaresimatic_cp_343-1_std_firmwaresirius_soft_starter_3rw44_pnsimatic_cm_1542-1_firmwareSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)SINAMICS SL150 V4.7.5 w. PROFINETSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC Teleservice Adapter IE StandardSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIRIUS Motor Starter M200D PROFINETSCALANCE X-200 family (incl. SIPLUS NET variants)SIMATIC CP 1543SP-1 (incl. SIPLUS variants)SIMATIC MV440 HRSINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN: IO-Link MasterSINAMICS SL150 V4.7.4 w. PROFINETSIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSCALANCE W-700 IEEE 802.11n familySIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC Teleservice Adapter IE AdvancedSIMATIC CP 1626SIMATIC MV420 SR-BSCALANCE XR-500 familySIMATIC ET200ecoPN, 16DI, DC24V, 8xM12Extension Unit 19" PROFINETSIMATIC ET 200MP IM 155-5 PN STSIMATIC DK-16xx PN IOSIMATIC MV420 SR-PSINUMERIK 840D sl V4.7SIMATIC TDC CPU555SIMATIC TDC CP51M1IE/PB-Link (incl. SIPLUS NET variants)SIMATIC ET 200MP IM 155-5 PN BASINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-410 CPU family (incl. SIPLUS variants)SIMATIC MV420 SR-B BodyDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC RF650RSCALANCE XM-400 familySINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC MV420 SR-P BodySINAMICS S150 V4.8 w. PNSIMATIC MV440 SRSIMATIC S7-200 SMARTSIMATIC CP 1243-8 IRCExtension Unit 22" PROFINETSIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)SINAMICS S150 V4.7 w. PNSIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)SINAMICS SM120 V4.7 w. PROFINETSIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)SIMATIC RF680RSIMATIC CP 343-1 Lean (incl. SIPLUS variants)SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SINAMICS GH150 V4.7 w. PROFINETSIMATIC CP 1543-1 (incl. SIPLUS variants)SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMOTIONSINAMICS GL150 V4.7 w. PROFINETSINAMICS S110 w. PNSIMATIC RF685RSITOP UPS1600 PROFINET (incl. SIPLUS variants)SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SIMATIC CP 443-1 OPC UASIMATIC CM 1542-1SCALANCE X408 familySIMATIC ET200ecoPN, 4AO U/I 4xM12SIMATIC ET 200SP IM 155-6 PN HFSIPLUS ET 200SP IM 155-6 PN HFSIMATIC ET 200SP IM 155-6 PN STSCALANCE X-200IRT family (incl. SIPLUS NET variants)SIMATIC ET 200SP IM 155-6 PN HSSIMATIC CP 1243-7 LTE USSoftnet PROFINET IO for PC-based Windows systemsSIMATIC CP 1242-7 V2 (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN BASINAMICS SL150 V4.7.0 w. PROFINETSIMATIC ET 200SP IM 155-6 PN ST BASINAMICS G150 V4.7 w. PNSIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET 200pro IM 154-4 PN HFSIRIUS Soft Starter 3RW44 PNSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)SIMATIC CP 1604SIMATIC S7-1500 Software ControllerSIMATIC ET200S (incl. SIPLUS variants)IE/AS-i Link PN IOSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC CP 1243-1 (incl. SIPLUS variants)SINAMICS G110M w. PNSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC CP 343-1 (incl. SIPLUS variants)SITOP PSU8600 PROFINETSIMATIC CM 1542SP-1SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SINUMERIK 828D V4.7SINUMERIK 828D V4.5 and priorExtension Unit 12" PROFINETSIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)SIMATIC CP 1616SINAMICS V90 w. PNSCALANCE X-300 family (incl. X408 and SIPLUS NET variants)SINAMICS DCM w. PNSINAMICS G130 V4.8 w. PNDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSCALANCE M-800 family (incl. S615, MUM-800 and RM1224)SINUMERIK 840D sl V4.5 and priorSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SIMATIC Teleservice Adapter IE BasicSINAMICS DCP w. PNSINAMICS GM150 V4.7 w. PROFINETSIMATIC ET 200M (incl. SIPLUS variants)Extension Unit 15" PROFINETSINAMICS G130 V4.7 w. PNSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIMATIC WinAC RTX F 2010SIPLUS ET 200SP IM 155-6 PN STSIMATIC MV440 URSIRIUS ACT 3SU1 interface module PROFINETSIPLUS ET 200MP IM 155-5 PN HFSCALANCE X414SINAMICS G150 V4.8 w. PNSIMATIC CP 443-1 (incl. SIPLUS variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2012-1800
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-6.1||MEDIUM
EPSS-1.52% / 81.28%
||
7 Day CHG~0.00%
Published-18 Apr, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote attackers to cause a denial of service (device outage) or possibly execute arbitrary code via a crafted DCP frame.

Action-Not Available
Vendor-n/aSiemens AG
Product-scalance_s_firmwarescalance_s602scalance_s612scalance_s613n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-48363
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.09% / 26.23%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 08:59
Updated-18 Oct, 2024 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain unorganized RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server.

Action-Not Available
Vendor-Siemens AG
Product-openpcs_7simatic_winccsimatic_pcs_7simatic_route_controlsimatic_wincc_runtime_professionalsimatic_batchSIMATIC WinCC Runtime Professional V19SIMATIC PCS 7 V9.1OpenPCS 7 V9.1SIMATIC BATCH V9.1SIMATIC WinCC V7.4SIMATIC WinCC V7.5SIMATIC Route Control V9.1SIMATIC WinCC V8.0SIMATIC WinCC Runtime Professional V18
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-27640
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 48.45%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 09:47
Updated-03 Aug, 2024 | 05:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 442-1 RNA (All versions < V1.5.18), SIMATIC CP 443-1 RNA (All versions < V1.5.18). The affected devices improperly handles excessive ARP broadcast requests. This could allow an attacker to create a denial of service condition by performing ARP storming attacks, which can cause the device to reboot.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cp_443-1_rna_firmwaresimatic_cp_442-1_rnasimatic_cp_442-1_rna_firmwaresimatic_cp_443-1_rnaSIMATIC CP 442-1 RNASIMATIC CP 443-1 RNA
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2013-0675
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-6.1||MEDIUM
EPSS-0.06% / 19.93%
||
7 Day CHG~0.00%
Published-21 Mar, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_pcs7winccn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-19298
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.75% / 73.24%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 19:16
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0), SiNVR/SiVMS Video Server (All versions >= V5.0.0 < V5.0.2). The streaming service (default port 5410/tcp) of the SiVMS/SiNVR Video Server contains a input validation vulnerability, that could allow an unauthenticated remote attacker to cause a Denial-of-Service condition by sending malformed HTTP requests.

Action-Not Available
Vendor-Siemens AG
Product-sinvr\/sivms_video_serverSiNVR/SiVMS Video Server
CWE ID-CWE-20
Improper Input Validation
CVE-2019-19279
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.45%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 19:16
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules (All versions). Specially crafted packets sent to port 50000/UDP of the EN100 Ethernet communication modules could cause a Denial-of-Service of the affected device. A manual reboot is required to recover the service of the device. At the time of advisory publication no public exploitation of this security vulnerability was known to Siemens.

Action-Not Available
Vendor-Siemens AG
Product-siprotec_4siprotec_compactSIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules
CWE ID-CWE-20
Improper Input Validation
CVE-2019-17006
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.04% / 86.69%
||
7 Day CHG~0.00%
Published-22 Oct, 2020 | 20:24
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.

Action-Not Available
Vendor-Mozilla CorporationNetApp, Inc.Siemens AG
Product-ruggedcom_rox_rx1511ruggedcom_rox_rx1512hci_storage_nodenetwork_security_servicesruggedcom_rox_mx5000_firmwareruggedcom_rox_rx5000_firmwareruggedcom_rox_rx1511_firmwareruggedcom_rox_rx1510hci_compute_noderuggedcom_rox_rx1400_firmwaresolidfireruggedcom_rox_rx1400ruggedcom_rox_rx1510_firmwareruggedcom_rox_rx1500ruggedcom_rox_rx5000ruggedcom_rox_rx1501hci_management_noderuggedcom_rox_mx5000ruggedcom_rox_rx1500_firmwareruggedcom_rox_rx1501_firmwareruggedcom_rox_rx1512_firmwareNSS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2019-13939
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.34% / 57.11%
||
7 Day CHG~0.00%
Published-16 Jan, 2020 | 15:35
Updated-10 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8.2 < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.3), APOGEE PXC Modular (P2 Ethernet) (All versions >= V2.8.2 < V2.8.19), Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Desigo PXC00-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC100-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC12-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC22-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC22.1-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC36.1-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC50-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3 < V6.0.327), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Compact (BACnet) (All versions < V3.5.3), TALON TC Modular (BACnet) (All versions < V3.5.3). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value.

Action-Not Available
Vendor-Siemens AG
Product-nucleus_source_codenucleus_safetycertdesigo_pxc00-u_firmwaretalon_tcnucleus_netsimotics_connect_400desigo_pxm20desigopxc50-e.d_firmwaredesigo_pxc36.1-e.dtalon_tc_firmwaredesigopxc200-e.d_firmwaredesigo_pxc001-e.ddesigopxm20-e_firmwaredesigo_pxc00-usimotics_connect_400_firmwarenucleus_readystartdesigopxc128-u_firmwaredesigopxc64-udesigo_pxc22.1-e.ddesigo_pxc22-e.d_firmwaredesigopxc64-u_firmwaredesigopxc128-ucapital_vstarapogee_modular_building_controllerdesigopxc200-e.dapogee_modular_equiment_controllerdesigopxm20-edesigo_pxc12-e.ddesigo_pxc22-e.ddesigo_pxc36.1-e.d_firmwareapogee_modular_equiment_controller_firmwaredesigopxc50-e.ddesigo_pxc00-e.ddesigo_pxc00-e.d_firmwaredesigo_pxc22.1-e.d_firmwaredesigo_pxc001-e.d_firmwaredesigo_pxc12-e.d_firmwareapogee_pxc_firmwaredesigo_pxm20_firmwaredesigopxc100-e.d_firmwareapogee_modular_building_controller_firmwareapogee_pxcdesigo_pxcdesigo_pxc_firmwaredesigopxc100-e.dnucleus_rtosAPOGEE PXC Modular (BACnet)Desigo PXC36.1-E.DDesigo PXC001-E.DNucleus NETDesigo PXC200-E.DDesigo PXC22-E.DDesigo PXC00-UAPOGEE MEC/MBC/PXC (P2)Capital Embedded AR Classic R20-11APOGEE PXC Compact (P2 Ethernet)Desigo PXC00-E.DCapital Embedded AR Classic 431-422APOGEE PXC Modular (P2 Ethernet)Desigo PXC12-E.DNucleus ReadyStart V3Desigo PXC128-UDesigo PXC22.1-E.DDesigo PXC50-E.DNucleus Source CodeAPOGEE PXC Compact (BACnet)SIMOTICS CONNECT 400Desigo PXC64-UDesigo PXC100-E.DTALON TC Compact (BACnet)Desigo PXM20-ETALON TC Modular (BACnet)
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34293
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.88%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Gif_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing GIF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13020)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34309
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.88%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13350)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2017-0148
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.1||HIGH
EPSS-94.07% / 99.91%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 00:00
Updated-22 Oct, 2025 | 00:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-27||Apply updates per vendor instructions.

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.

Action-Not Available
Vendor-Siemens AGMicrosoft Corporation
Product-windows_7acuson_p300windows_server_2012acuson_x700versant_kpcr_molecular_systemacuson_x700_firmwarewindows_rt_8.1windows_8.1tissue_preparation_systemwindows_10_1511versant_kpcr_sample_prepacuson_p500_firmwareacuson_p500acuson_p300_firmwarewindows_10_1507versant_kpcr_sample_prep_firmwareserver_message_blockwindows_server_2008tissue_preparation_system_firmwarewindows_10_1607syngo_sc2000windows_vistaacuson_sc2000_firmwareacuson_sc2000syngo_sc2000_firmwareversant_kpcr_molecular_system_firmwarewindows_server_2016Windows SMBSMBv1 server
CWE ID-CWE-20
Improper Input Validation
CVE-2025-27494
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.27% / 50.07%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-22 Aug, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize input for the pubkey endpoint of the REST API. This could allow an authenticated remote administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-sipass_integrated_ac5102_\(acc-g2\)_firmwaresipass_integrated_acc-ap_firmwaresipass_integrated_acc-apsipass_integrated_ac5102_\(acc-g2\)SiPass integrated ACC-APSiPass integrated AC5102 (ACC-G2)
CWE ID-CWE-20
Improper Input Validation
CVE-2016-9158
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.15% / 78.48%
||
7 Day CHG~0.00%
Published-17 Dec, 2016 | 03:34
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 V6 and earlier CPU family (All versions), SIMATIC S7-400 V7 CPU family (All versions). Specially crafted packets sent to port 80/tcp could cause the affected devices to go into defect mode. A cold restart is required to recover the system.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-300_cpu_315-2_pn\/dpsimatic_s7-400_cpu_416f-2simatic_s7-300_cpu_314simatic_s7-300_cpu_317-_2_dpsimatic_s7-400_cpu_416-3simatic_s7-400_cpu_412-2simatic_s7-400_cpu_416-2simatic_s7-400_cpu_412-1simatic_s7-400_cpu_414-3simatic_s7-300_cpu_317-2_pn\/dpsimatic_s7-400_cpu_412-2_pnsimatic_s7-300_cpu_312simatic_s7-300_cpu_319-3_pn\/dpsimatic_s7-400_cpu_414-3_pn\/dpsimatic_s7-400_cpu_417-4simatic_s7-400_cpu_416-3_pn\/dpsimatic_s7-300_cpu_firmwaresimatic_s7-400_cpu_414-2simatic_s7-300_cpu_315-2_dpsimatic_s7-400_cpu_416f-3_pn\/dpsimatic_s7-400_cpu_firmwareSIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIMATIC S7-400 V6 and earlier CPU familySIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-400 V7 CPU familySIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIMATIC S7-300 CPU family
CWE ID-CWE-20
Improper Input Validation
CVE-2016-9157
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-1.46% / 80.85%
||
7 Day CHG~0.00%
Published-05 Dec, 2016 | 08:09
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Service condition and potentially lead to unauthenticated remote code execution by sending specially crafted packets to port 19234/TCP.

Action-Not Available
Vendor-n/aSiemens AG
Product-sicam_pas\/pqsSiemens SICAM PAS through V8.08
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-284
Improper Access Control
CVE-2021-31401
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.50% / 65.92%
||
7 Day CHG~0.00%
Published-19 Aug, 2021 | 11:25
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn't sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the length of the header from the total length of the IP packet.

Action-Not Available
Vendor-hcc-embeddedn/aSiemens AG
Product-sentron_3wa_com190_firmwaresentron_3wl_com35_firmwaresentron_3wa_com190sentron_3wl_com35nichestackn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-27388
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-1.86% / 83.10%
||
7 Day CHG~0.00%
Published-15 Jun, 2021 | 19:40
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution of limited control commands on the SINAMICS Medium Voltage Products, Remote Access (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions).

Action-Not Available
Vendor-n/aSiemens AG
Product-sinamics_sl150sinamics_sm150isinamics_sm150_firmwaresinamics_sl150_firmwaresinamics_sm150i_firmwaresinamics_sm150SINAMICS Medium Voltage Products, Remote Access
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43546
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-1.66% / 82.10%
||
7 Day CHG+0.19%
Published-08 Nov, 2022 | 00:00
Updated-21 Oct, 2024 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the EndTime-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg9501-0aa01-2aa1_firmware7kg9501-0aa01-2aa17kg9501-0aa31-2aa1_firmware7kg9501-0aa31-2aa1SICAM P850POWER METER SICAM Q100SICAM P855sicam_q100_firmwaresicam_p855_firmwaresicam_p850_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43439
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-2.29% / 84.74%
||
7 Day CHG+0.26%
Published-08 Nov, 2022 | 00:00
Updated-09 Dec, 2025 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions < V2.50), SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-2AA0) (All versions < V3.10), SICAM T (All versions < V3.0). Affected devices do not properly validate the Language-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg9501-0aa31-2aa17kg9501-0aa31-2aa1_firmware7kg9501-0aa01-2aa1_firmware7kg9501-0aa01-2aa1SICAM P850SICAM TSICAM P855POWER METER SICAM Q100
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43723
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.11% / 78.21%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All versions >= 7.0 < V8.06). Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. This could allow an unauthenticated remote attacker to send messages and create a denial of service condition as the application crashes. At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions.

Action-Not Available
Vendor-Siemens AG
Product-sicam_pas\/pqsSICAM PAS/PQS
CWE ID-CWE-1287
Improper Validation of Specified Type of Input
CWE ID-CWE-20
Improper Input Validation
CVE-2025-24499
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.56%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 10:29
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected devices do not properly validate input while loading the configuration files. This could allow an authenticated remote attacker to execute arbitrary shell commands on the device.

Action-Not Available
Vendor-Siemens AG
Product-SCALANCE WUB762-1 iFeaturesSCALANCE WUM763-1SCALANCE WAB762-1SCALANCE WAM763-1 (US)SCALANCE WAM766-1SCALANCE WUB762-1SCALANCE WAM766-1 EECSCALANCE WAM766-1 EEC (US)SCALANCE WAM763-1 (ME)SCALANCE WUM766-1SCALANCE WAM766-1 (US)SCALANCE WUM766-1 (ME)SCALANCE WAM763-1SCALANCE WAM766-1 EEC (ME)SCALANCE WUM766-1 (USA)SCALANCE WUM763-1 (US)SCALANCE WAM766-1 (ME)
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43545
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-1.60% / 81.77%
||
7 Day CHG+0.18%
Published-08 Nov, 2022 | 00:00
Updated-03 Aug, 2024 | 13:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the RecordType-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg9501-0aa01-2aa1_firmware7kg9501-0aa01-2aa17kg9501-0aa31-2aa17kg9501-0aa31-2aa1_firmwareSICAM P850POWER METER SICAM Q100SICAM P855
CWE ID-CWE-20
Improper Input Validation
CVE-2016-9156
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.3||HIGH
EPSS-0.50% / 65.85%
||
7 Day CHG~0.00%
Published-05 Dec, 2016 | 08:09
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/TCP.

Action-Not Available
Vendor-n/aSiemens AG
Product-sicam_pas\/pqsSiemens SICAM PAS through V8.08
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-284
Improper Access Control
CVE-2022-40227
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.75%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 12:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V17 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V17 Update 4), SIMATIC HMI KTP1200 Basic (All versions < V17 Update 5), SIMATIC HMI KTP400 Basic (All versions < V17 Update 5), SIMATIC HMI KTP700 Basic (All versions < V17 Update 5), SIMATIC HMI KTP900 Basic (All versions < V17 Update 5), SIPLUS HMI KTP1200 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP400 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP700 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP900 BASIC (All versions < V17 Update 5). Affected devices do not properly validate input sent to certain services over TCP. This could allow an unauthenticated remote attacker to cause a permanent denial of service condition (requiring a device reboot) by sending specially crafted TCP packets.

Action-Not Available
Vendor-Siemens AG
Product-siplus_hmi_ktp900_basicsimatic_hmi_ktp_mobile_panels_firmwaresiplus_hmi_ktp400_basic_firmwaresimatic_hmi_ktp700_basicsimatic_hmi_ktp700_basic_firmwaresimatic_hmi_ktp1200_basic_firmwaresiplus_hmi_ktp400_basicsimatic_hmi_ktp900_basic_firmwaresimatic_hmi_ktp_mobile_panelssimatic_hmi_ktp400_basic_firmwaresimatic_hmi_ktp1200_basicsiplus_hmi_ktp1200_basicsiplus_hmi_ktp700_basicsimatic_hmi_ktp400_basicsiplus_hmi_ktp1200_basic_firmwaresimatic_hmi_comfort_panelssimatic_hmi_ktp900_basicsimatic_hmi_comfort_panels_firmwaresiplus_hmi_ktp900_basic_firmwaresiplus_hmi_ktp700_basic_firmwareSIPLUS HMI KTP1200 BASICSIMATIC HMI KTP700 BasicSIPLUS HMI KTP400 BASICSIMATIC HMI Comfort Panels (incl. SIPLUS variants)SIPLUS HMI KTP700 BASICSIMATIC HMI KTP900 BasicSIMATIC HMI KTP400 BasicSIMATIC HMI KTP1200 BasicSIMATIC HMI KTP Mobile PanelsSIPLUS HMI KTP900 BASIC
CWE ID-CWE-20
Improper Input Validation
CVE-2023-51438
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-10||CRITICAL
EPSS-0.45% / 63.64%
||
7 Day CHG~0.00%
Published-09 Jan, 2024 | 10:00
Updated-22 May, 2025 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish® server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.

Action-Not Available
Vendor-microchipSiemens AG
Product-simatic_ipc647esimatic_ipc847emaxview_storage_managersimatic_ipc1047eSIMATIC IPC847ESIMATIC IPC1047ESIMATIC IPC647E
CWE ID-CWE-20
Improper Input Validation
CVE-2016-8563
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.00% / 77.04%
||
7 Day CHG~0.00%
Published-13 Oct, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to cause a denial of service (ALM service outage) via crafted packets to TCP port 4410.

Action-Not Available
Vendor-n/aSiemens AG
Product-automation_license_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-9042
Matching Score-6
Assigner-Talos
ShareView Details
Matching Score-6
Assigner-Talos
CVSS Score-3.7||LOW
EPSS-4.84% / 89.55%
||
7 Day CHG~0.00%
Published-04 Jun, 2018 | 20:00
Updated-17 Sep, 2024 | 03:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.

Action-Not Available
Vendor-ntpFreeBSD FoundationTalos (Cisco Systems, Inc.)Hewlett Packard Enterprise (HPE)Siemens AG
Product-freebsdntpsimatic_net_cp_443-1_opc_uasimatic_net_cp_443-1_opc_ua_firmwarehpux-ntpNetwork Time Protocol
CWE ID-CWE-20
Improper Input Validation
CVE-2016-5743
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-17.78% / 95.14%
||
7 Day CHG~0.00%
Published-22 Jul, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_wincc_runtime_professionalsimatic_batchsimatic_winccsimatic_pcs_7simatic_openpcs_7n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-22924
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-3.7||LOW
EPSS-0.75% / 73.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2021 | 20:16
Updated-09 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate.

Action-Not Available
Vendor-n/aOracle CorporationNetApp, Inc.Fedora ProjectSplunk LLC (Cisco Systems, Inc.)CURLSiemens AGDebian GNU/Linux
Product-scalance_m804pbsimatic_cp_1545-1_firmwarescalance_m826-2simatic_rtu_3041cscalance_m804pb_firmwarescalance_mum856-1_firmwarescalance_m812-1fedoralibcurlsolidfire_\&_hci_management_nodescalance_m874-2simatic_cp_1543-1_firmwaresiplus_net_cp_1543-1_firmwaredebian_linuxcloud_backupsinec_infrastructure_network_servicessimatic_rtu_3041c_firmwarescalance_m876-3simatic_rtu3031c_firmwaresimatic_rtu3031cruggedcomrm_1224_ltescalance_m876-4_firmwarescalance_m876-4scalance_s615simatic_rtu3030cscalance_mum856-1simatic_rtu3010clogo\!_cmr2020logo\!_cmr2040scalance_m826-2_firmwareuniversal_forwarderruggedcomrm_1224_lte_firmwarelogo\!_cmr2020_firmwarescalance_m816-1scalance_m816-1_firmwaremysql_serversinema_remote_connect_serverclustered_data_ontaplogo\!_cmr2040_firmwarescalance_m874-3_firmwaresimatic_cp_1545-1solidfire_baseboard_management_controller_firmwarescalance_s615_firmwarepeoplesoft_enterprise_peopletoolssinema_remote_connectsimatic_cp_1543-1scalance_m874-2_firmwarescalance_m874-3scalance_m812-1_firmwaresimatic_rtu3010c_firmwarescalance_m876-3_firmwaresiplus_net_cp_1543-1simatic_rtu3030c_firmwarehttps://github.com/curl/curl
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-706
Use of Incorrectly-Resolved Name or Reference
CVE-2021-22931
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-9.8||CRITICAL
EPSS-0.66% / 71.20%
||
7 Day CHG~0.00%
Published-16 Aug, 2021 | 00:00
Updated-30 Apr, 2025 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library.

Action-Not Available
Vendor-Oracle CorporationNode.js (OpenJS Foundation)NetApp, Inc.Siemens AG
Product-sinec_infrastructure_network_servicespeoplesoft_enterprise_peopletoolsgraalvmmysql_clusternextgen_apiactive_iq_unified_manageroncommand_workflow_automationsnapcenternode.jsoncommand_insightNode
CWE ID-CWE-170
Improper Null Termination
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36363
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.26% / 49.74%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-08 Oct, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions). Affected devices do not properly validate an offset value which can be defined in TCP packets when calling a method. This could allow an attacker to retrieve parts of the content of the memory.

Action-Not Available
Vendor-Siemens AG
Product-logo\!8_bm_fs-05logo\!8_bm_fs-05_firmwarelogo\!_8_bm_firmwarelogo\!8_bmLOGO! 230RCEoSIPLUS LOGO! 24CEoLOGO! 12/24RCELOGO! 24RCEoSIPLUS LOGO! 12/24RCEoLOGO! 24CEoSIPLUS LOGO! 24RCEoLOGO! 24RCESIPLUS LOGO! 24CELOGO! 12/24RCEoLOGO! 230RCESIPLUS LOGO! 230RCEoLOGO! 24CESIPLUS LOGO! 24RCESIPLUS LOGO! 12/24RCESIPLUS LOGO! 230RCE
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CWE ID-CWE-20
Improper Input Validation
CVE-2022-31808
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.68%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 10:36
Updated-20 Mar, 2025 | 20:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V2.85.44), SiPass integrated ACC-AP (All versions < V2.85.43). Affected devices improperly sanitize user input on the telnet command line interface. This could allow an authenticated user to escalate privileges by injecting arbitrary commands that are executed with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-sipass_integrated_acc-apsipass_integrated_acc-ap_firmwaresipass_integrated_ac5102_\(acc-g2\)_firmwaresipass_integrated_ac5102_\(acc-g2\)SiPass integrated AC5102 (ACC-G2)SiPass integrated ACC-AP
CWE ID-CWE-20
Improper Input Validation
CVE-2022-32253
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-4.9||MEDIUM
EPSS-0.18% / 39.61%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:22
Updated-03 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable by an attacker.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_serverSINEMA Remote Connect Server
CWE ID-CWE-20
Improper Input Validation
CVE-2022-31810
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.43% / 62.64%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 09:07
Updated-05 Mar, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow. This could allow an unauthenticated remote attacker to crash the server application, creating a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-sipass_integratedSiPass integrated
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-4850
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.51% / 66.47%
||
7 Day CHG~0.00%
Published-16 May, 2018 | 17:00
Updated-16 Sep, 2024 | 22:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions < V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-400hsimatic_s7-400h_firmwaresimatic_s7-400simatic_s7-400_firmwareSIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below, SIMATIC S7-400 (incl. F) CPU hardware version 5.0, SIMATIC S7-400H CPU hardware version 4.5 and below
CWE ID-CWE-20
Improper Input Validation
CVE-2018-4833
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.60% / 69.52%
||
7 Day CHG~0.00%
Published-14 Jun, 2018 | 16:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.6), SCALANCE X-300 switch family (incl. SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X408 (All versions < V4.1.3), SCALANCE X414 (All versions), SIMATIC RF182C (All versions). Unprivileged remote attackers located in the same local network segment (OSI Layer 2) could gain remote code execution on the affected products by sending a specially crafted DHCP response to a client's DHCP request.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_wimaxscalance_x414simatic_rf182csimatic_rf182c_firmwarescalance_x408_firmwareruggedcom_wimax_firmwarescalance_x204rna_firmwarescalance_x300rfid_181-eip_firmwarescalance_x200irt_firmwarescalance_x300_firmwarescalance_x200irtscalance_x414_firmwarerfid_181-eipscalance_x200_firmwarescalance_x408scalance_x204rnascalance_x200RFID 181EIPSCALANCE X-200 switch family (incl. SIPLUS NET variants)SCALANCE X408SCALANCE X-200RNA switch familyRUGGEDCOM WinSCALANCE X414SIMATIC RF182CSCALANCE X-300 switch family (incl. SIPLUS NET variants)SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-20
Improper Input Validation
CVE-2018-5391
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-7.5||HIGH
EPSS-3.83% / 88.15%
||
7 Day CHG~0.00%
Published-06 Sep, 2018 | 21:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Canonical Ltd.F5, Inc.Siemens AGLinux Kernel Organization, IncMicrosoft Corporation
Product-ubuntu_linuxbig-ip_webacceleratorbig-ip_application_acceleration_managerenterprise_linux_server_euswindows_8.1big-ip_policy_enforcement_managerenterprise_linux_server_ausscalance_sc-600_firmwaresimatic_rf188_firmwareruggedcom_rm1224_firmwarebig-ip_local_traffic_managersimatic_net_cp_1243-7_lte_uswindows_10simatic_net_cp_1243-7_lte_us_firmwarescalance_w700_ieee_802.11a\/b\/g\/nsinema_remote_connect_serverenterprise_linux_workstationsimatic_net_cp_1243-1simatic_net_cp_1243-7_lte_eu_firmwaresimatic_rf185c_firmwarescalance_s615_firmwaresimatic_net_cp_1543sp-1enterprise_linux_desktopsimatic_net_cp_1543-1scalance_m-800_firmwaresimatic_net_cp_1242-7_firmwaresimatic_net_cp_1542sp-1_firmwarebig-ip_domain_name_systemsimatic_net_cp_1543sp-1_firmwarescalance_w1700_ieee_802.11ac_firmwareruggedcom_rox_iisimatic_net_cp_1542sp-1big-ip_edge_gatewaydebian_linuxlinux_kernelsimatic_net_cp_1543-1_firmwarescalance_sc-600simatic_net_cp_1242-7simatic_net_cp_1243-1_firmwarewindows_server_2008simatic_net_cp_1542sp-1_irc_firmwareenterprise_linux_serverwindows_server_2016windows_server_2012simatic_rf188big-ip_fraud_protection_serviceruggedcom_rox_ii_firmwarescalance_w700_ieee_802.11a\/b\/g\/n_firmwaresimatic_rf186c_firmwaresimatic_net_cp_1542sp-1_ircbig-ip_application_security_managerruggedcom_rm1224simatic_rf185cscalance_s615simatic_rf186cisimatic_net_cp_1243-8_ircbig-ip_access_policy_managersimatic_net_cp_1243-8_irc_firmwaresimatic_rf186ci_firmwaresimatic_rf188ci_firmwaresinema_remote_connect_server_firmwarewindows_rt_8.1big-ip_global_traffic_managerbig-ip_analyticssimatic_rf186cbig-ip_link_controllerscalance_w1700_ieee_802.11acwindows_7scalance_m-800enterprise_linux_server_tusbig-ip_advanced_firewall_managersimatic_rf188cisimatic_net_cp_1243-7_lte_euKernel
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found