Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-7587

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-14 Jul, 2020 | 13:18
Updated At-04 Aug, 2024 | 09:33
Rejected At-
Credits

A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:14 Jul, 2020 | 13:18
Updated At:04 Aug, 2024 | 09:33
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.

Affected Products
Vendor
Siemens AGSiemens
Product
Opcenter Execution Discrete
Versions
Affected
  • All versions < V3.2
Vendor
Siemens AGSiemens
Product
Opcenter Execution Foundation
Versions
Affected
  • All versions < V3.2
Vendor
Siemens AGSiemens
Product
Opcenter Execution Process
Versions
Affected
  • All versions < V3.2
Vendor
Siemens AGSiemens
Product
Opcenter Intelligence
Versions
Affected
  • All versions < V3.3
Vendor
Siemens AGSiemens
Product
Opcenter Quality
Versions
Affected
  • All versions < V11.3
Vendor
Siemens AGSiemens
Product
Opcenter RD&L
Versions
Affected
  • V8.0
Vendor
Siemens AGSiemens
Product
SIMATIC IT LMS
Versions
Affected
  • All versions < V2.6
Vendor
Siemens AGSiemens
Product
SIMATIC IT Production Suite
Versions
Affected
  • All versions < V8.0
Vendor
Siemens AGSiemens
Product
SIMATIC Notifier Server for Windows
Versions
Affected
  • All versions
Vendor
Siemens AGSiemens
Product
SIMATIC PCS neo
Versions
Affected
  • All versions < V3.0 SP1
Vendor
Siemens AGSiemens
Product
SIMATIC STEP 7 (TIA Portal) V15
Versions
Affected
  • All versions < V15.1 Update 5
Vendor
Siemens AGSiemens
Product
SIMATIC STEP 7 (TIA Portal) V16
Versions
Affected
  • All versions < V16 Update 2
Vendor
Siemens AGSiemens
Product
SIMOCODE ES V15.1
Versions
Affected
  • All versions < V15.1 Update 4
Vendor
Siemens AGSiemens
Product
SIMOCODE ES V16
Versions
Affected
  • All versions < V16 Update 1
Vendor
Siemens AGSiemens
Product
Soft Starter ES V15.1
Versions
Affected
  • All versions < V15.1 Update 3
Vendor
Siemens AGSiemens
Product
Soft Starter ES V16
Versions
Affected
  • All versions < V16 Update 1
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400: Uncontrolled Resource Consumption
Type: CWE
CWE ID: CWE-400
Description: CWE-400: Uncontrolled Resource Consumption
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf
x_refsource_MISC
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf
x_refsource_MISC
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:14 Jul, 2020 | 14:15
Updated At:30 Jan, 2023 | 19:53

A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.2HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Primary2.06.4MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:P
Type: Primary
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Type: Primary
Version: 2.0
Base score: 6.4
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:P
CPE Matches
Siemens AG
siemens
>>opcenter_execution_discrete>>Versions before 3.2(exclusive)
cpe:2.3:a:siemens:opcenter_execution_discrete:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>opcenter_execution_foundation>>Versions before 3.2(exclusive)
cpe:2.3:a:siemens:opcenter_execution_foundation:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>opcenter_execution_process>>Versions before 3.2(exclusive)
cpe:2.3:a:siemens:opcenter_execution_process:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>opcenter_intelligence>>Versions before 3.3(exclusive)
cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>opcenter_quality>>Versions before 11.3(exclusive)
cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>opcenter_rd\&l>>8.0
cpe:2.3:a:siemens:opcenter_rd\&l:8.0:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_it_lms>>Versions before 2.6(exclusive)
cpe:2.3:a:siemens:simatic_it_lms:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_it_production_suite>>Versions before 8.0(exclusive)
cpe:2.3:a:siemens:simatic_it_production_suite:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_notifier_server>>*
cpe:2.3:a:siemens:simatic_notifier_server:*:*:*:*:*:windows:*:*
Siemens AG
siemens
>>simatic_pcs_neo>>Versions before 3.0(exclusive)
cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_pcs_neo>>3.0
cpe:2.3:a:siemens:simatic_pcs_neo:3.0:-:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_step_7>>Versions from 15(inclusive) to 15.1(exclusive)
cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_step_7>>15.1
cpe:2.3:a:siemens:simatic_step_7:15.1:-:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_step_7>>16
cpe:2.3:a:siemens:simatic_step_7:16:-:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_step_7>>16
cpe:2.3:a:siemens:simatic_step_7:16:update1:*:*:*:*:*:*
Siemens AG
siemens
>>simocode_es>>Versions before 15.1(exclusive)
cpe:2.3:a:siemens:simocode_es:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simocode_es>>15.1
cpe:2.3:a:siemens:simocode_es:15.1:-:*:*:*:*:*:*
Siemens AG
siemens
>>simocode_es>>16
cpe:2.3:a:siemens:simocode_es:16:-:*:*:*:*:*:*
Siemens AG
siemens
>>soft_starter_es>>Versions before 15.1(exclusive)
cpe:2.3:a:siemens:soft_starter_es:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>soft_starter_es>>15.1
cpe:2.3:a:siemens:soft_starter_es:15.1:-:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-400Primaryproductcert@siemens.com
CWE-400Secondarynvd@nist.gov
CWE ID: CWE-400
Type: Primary
Source: productcert@siemens.com
CWE ID: CWE-400
Type: Secondary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdfproductcert@siemens.com
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf
Source: productcert@siemens.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

69Records found
CVE-2018-13808
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.1||CRITICAL
EPSS-0.57% / 69.01%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 13:38
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). An attacker with network access to port 23/tcp could extract internal communication data or cause a Denial-of-Service condition. Successful exploitation requires network access to a vulnerable device. At the time of advisory publication no public exploitation of this vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-cp_1616cp_1616_firmwarecp_1604cp_1604_firmwareCP 1604CP 1616
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-31889
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.58% / 82.03%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:32
Updated-11 Mar, 2025 | 09:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). Malformed TCP packets with a corrupted SACK option leads to Information Leaks and Denial-of-Service conditions. (FSMD-2021-0015)

Action-Not Available
Vendor-Siemens AG
Product-nucleus_readystart_v3talon_tc_compactnucleus_nettalon_tc_compact_firmwareapogee_pxc_compactapogee_modular_equiment_controller_firmwareapogee_pxc_compact_firmwareapogee_modular_equiment_controllerapogee_modular_building_controllercapital_vstarapogee_pxc_modular_firmwareapogee_pxc_modulartalon_tc_modular_firmwaretalon_tc_modularapogee_modular_building_controller_firmwarenucleus_source_codePLUSCONTROL 1st GenSIMOTICS CONNECT 400Capital Embedded AR Classic 431-422Capital Embedded AR Classic R20-11
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2021-31890
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-2.50% / 85.70%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:32
Updated-11 Mar, 2025 | 09:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)

Action-Not Available
Vendor-Siemens AG
Product-nucleus_readystart_v3talon_tc_compactnucleus_nettalon_tc_compact_firmwareapogee_pxc_compactapogee_modular_equiment_controller_firmwareapogee_pxc_compact_firmwareapogee_modular_equiment_controllerapogee_modular_building_controllercapital_vstarapogee_pxc_modular_firmwareapogee_pxc_modularnucleus_readystart_v4talon_tc_modular_firmwaretalon_tc_modularapogee_modular_building_controller_firmwarenucleus_source_codePLUSCONTROL 1st GenSIMOTICS CONNECT 400Capital Embedded AR Classic 431-422Capital Embedded AR Classic R20-11
CWE ID-CWE-240
Improper Handling of Inconsistent Structural Elements
CVE-2021-31346
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.2||HIGH
EPSS-2.50% / 85.70%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:31
Updated-11 Mar, 2025 | 09:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an ICMP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0007)

Action-Not Available
Vendor-Siemens AG
Product-nucleus_readystart_v3talon_tc_compactnucleus_nettalon_tc_compact_firmwareapogee_pxc_compactapogee_modular_equiment_controller_firmwareapogee_pxc_compact_firmwareapogee_modular_equiment_controllerapogee_modular_building_controllercapital_vstarapogee_pxc_modular_firmwareapogee_pxc_modularnucleus_readystart_v4talon_tc_modular_firmwaretalon_tc_modularapogee_modular_building_controller_firmwarenucleus_source_codePLUSCONTROL 1st GenSIMOTICS CONNECT 400Capital Embedded AR Classic 431-422Capital Embedded AR Classic R20-11
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2021-31345
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.25% / 79.77%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:31
Updated-11 Mar, 2025 | 09:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions). The total length of an UDP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on a user-defined applications that runs on top of the UDP protocol. (FSMD-2021-0006)

Action-Not Available
Vendor-Siemens AG
Product-nucleus_readystart_v3talon_tc_compactnucleus_nettalon_tc_compact_firmwareapogee_pxc_compactapogee_modular_equiment_controller_firmwareapogee_pxc_compact_firmwareapogee_modular_equiment_controllerapogee_modular_building_controllercapital_vstarapogee_pxc_modular_firmwareapogee_pxc_modulartalon_tc_modular_firmwaretalon_tc_modularapogee_modular_building_controller_firmwarenucleus_source_codePLUSCONTROL 1st GenCapital Embedded AR Classic 431-422Capital Embedded AR Classic R20-11
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2021-20093
Matching Score-8
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-8
Assigner-Tenable Network Security, Inc.
CVSS Score-9.1||CRITICAL
EPSS-8.20% / 92.42%
||
7 Day CHG~0.00%
Published-16 Jun, 2021 | 11:09
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server.

Action-Not Available
Vendor-wibun/aSiemens AG
Product-sicam_230simit_simulation_platformsinec_infrastructure_network_servicessimatic_pcs_neosinema_remote_connect_serversimatic_process_historiansicam_230_firmwarepss_capesimatic_wincc_oacodemetersimatic_information_serverWibu-Systems CodeMeter
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-17437
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.26% / 49.89%
||
7 Day CHG~0.00%
Published-11 Dec, 2020 | 22:24
Updated-04 Aug, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.

Action-Not Available
Vendor-open-iscsi_projectuip_projectcontiki-osn/aSiemens AG
Product-sentron_pac3200tsentron_3va_com800_firmwaresentron_pac2200sentron_3va_com800sentron_3va_com100sentron_3va_dsp800_firmwaresentron_pac3200sentron_pac4200sentron_3va_com100_firmwaresentron_pac2200_clp_firmwarecontikisentron_3va_dsp800sentron_pac3200t_firmwareuipsentron_pac3220open-iscsisentron_pac3200_firmwaresentron_pac2200_clpsentron_pac4200_firmwaresentron_pac2200_firmwaresentron_pac3220_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-6569
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.1||CRITICAL
EPSS-0.51% / 66.83%
||
7 Day CHG~0.00%
Published-26 Mar, 2019 | 21:12
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The monitor barrier of the affected products insufficiently blocks data from being forwarded over the mirror port into the mirrored network. An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior.

Action-Not Available
Vendor-Siemens AG
Product-scalance_x-200_firmwarescalance_x-200scalance_xp-200_firmwarescalance_x-300scalance_xc-200_firmwarescalance_x-300_firmwarescalance_xc-200scalance_xf-200_firmwarescalance_xf-200scalance_xp-200SCALANCE XF208SCALANCE XR324-12M TS (24V)SCALANCE XR324-4M EEC (24V, ports on front)SCALANCE XR324-12M (230V, ports on rear)SCALANCE XR328-4C WG (28xGE, AC 230V)SCALANCE X307-2 EEC (2x 24V, coated)SCALANCE XP208SCALANCE XF204 DNASCALANCE X204-2FMSCALANCE X204-2TSSCALANCE X307-3SCALANCE XR324-12M (24V, ports on rear)SCALANCE X308-2SCALANCE XB205-3 (ST/BFOC)SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)SCALANCE X204-2LD TSSCALANCE XC208GSCALANCE XR328-4C WG (24XFE, 4XGE, 24V)SCALANCE XP208PoE EECSCALANCE X302-7 EEC (24V, coated)SCALANCE X307-2 EEC (230V, coated)SCALANCE X224SIPLUS NET SCALANCE X308-2SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)SCALANCE XC216EECSCALANCE XR324WG (24 X FE, DC 24V)SCALANCE XR324-4M PoE (230V, ports on rear)SCALANCE X302-7 EEC (230V)SIPLUS NET SCALANCE XC208SCALANCE XC216-4C G (EIP Def.)SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)SCALANCE XP208EECSCALANCE X206-1LDSCALANCE XR324WG (24 x FE, AC 230V)SCALANCE X308-2LDSCALANCE X307-2 EEC (24V)SCALANCE XF204-2BASCALANCE X208SCALANCE X304-2FESCALANCE XC224-4C G (EIP Def.)SCALANCE XC208EECSCALANCE X307-2 EEC (230V)SIPLUS NET SCALANCE XC206-2SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)SCALANCE XB216SCALANCE XP216SCALANCE X302-7 EEC (2x 24V)SCALANCE XP216EECSCALANCE XC206-2SFP G EECSCALANCE X307-2 EEC (2x 230V)SCALANCE XC208SCALANCE X208PROSCALANCE XF204-2BA DNASCALANCE X212-2LDSCALANCE XC216-4C GSCALANCE XC224SCALANCE X302-7 EEC (24V)SCALANCE X204-2SCALANCE XF206-1SCALANCE XR324-4M EEC (2x 24V, ports on rear)SIPLUS NET SCALANCE XC206-2SFPSCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-4M PoE (24V, ports on rear)SCALANCE X204-2LDSCALANCE XC224-4C GSCALANCE X308-2MSCALANCE XC206-2 (ST/BFOC)SCALANCE XB213-3LDSCALANCE XC224-4C G EECSCALANCE X308-2M PoESCALANCE X310FESCALANCE X308-2LH+SCALANCE X206-1SCALANCE XF204SCALANCE XP216POE EECSCALANCE XB208SCALANCE X307-3LDSCALANCE X308-2LHSCALANCE XF204-2SCALANCE XR324-4M EEC (24V, ports on rear)SCALANCE XR324-4M PoE (24V, ports on front)SCALANCE X302-7 EEC (2x 230V)SCALANCE X408-2SCALANCE XC206-2SFPSCALANCE XB205-3LDSCALANCE X307-2 EEC (24V, coated)SCALANCE X307-2 EEC (2x 230V, coated)SCALANCE X302-7 EEC (2x 24V, coated)SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)SCALANCE XB213-3 (ST/BFOC)SCALANCE X310SCALANCE X307-2 EEC (2x 24V)SCALANCE XC206-2 (SC)SCALANCE XR324-12M (24V, ports on front)SCALANCE XB205-3 (SC)SCALANCE X212-2SCALANCE X320-1 FESCALANCE XC206-2SFP GSCALANCE XC206-2SFP EECSCALANCE X306-1LD FESCALANCE X308-2M TSSCALANCE XR324-4M PoE (230V, ports on front)SCALANCE XC216-4CSCALANCE XC216-4C G EECSCALANCE X216SCALANCE XC216SCALANCE X302-7 EEC (230V, coated)SIPLUS NET SCALANCE XC216-4CSCALANCE X302-7 EEC (2x 230V, coated)SCALANCE XB213-3 (SC)SCALANCE X320-1-2LD FESCALANCE XR324-4M PoE TS (24V, ports on front)SCALANCE XR324-12M (230V, ports on front)SCALANCE XC208G EECSCALANCE XR328-4C WG (28xGE, DC 24V)SCALANCE XR324-4M EEC (2x 24V, ports on front)
CWE ID-CWE-440
Expected Behavior Violation
CVE-2019-14197
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.58% / 69.35%
||
7 Day CHG~0.00%
Published-31 Jul, 2019 | 12:28
Updated-12 May, 2026 | 10:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply.

Action-Not Available
Vendor-denxn/aSiemens AG
Product-u-bootn/aRUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1500RUGGEDCOM ROX RX1512RUGGEDCOM ROX RX1501RUGGEDCOM ROX MX5000RERUGGEDCOM ROX RX5000RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1536RUGGEDCOM ROX RX1511
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-12069
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.94% / 76.72%
||
7 Day CHG~0.00%
Published-30 Aug, 2017 | 19:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.

Action-Not Available
Vendor-ocpfoundationn/aSiemens AG
Product-ua_.netwinccsimatic_pcs7local_discovery_servern/a
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2019-10942
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.39% / 60.50%
||
7 Day CHG~0.00%
Published-13 Aug, 2019 | 18:55
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X204RNA (HSR) (All versions), SCALANCE X204RNA (PRP) (All versions), SCALANCE X204RNA EEC (HSR) (All versions), SCALANCE X204RNA EEC (PRP) (All versions), SCALANCE X204RNA EEC (PRP/HSR) (All versions). The device contains a vulnerability that could allow an attacker to trigger a denial-of-service condition by sending large message packages repeatedly to the telnet service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_x-200_firmwarescalance_x-200scalance_x-200rnascalance_x-200irtscalance_x-200rna_firmwarescalance_x-200irt_firmwareSCALANCE X204RNA EEC (PRP)SCALANCE X204RNA EEC (HSR)SCALANCE X204RNA (PRP)SCALANCE X-200 switch family (incl. SIPLUS NET variants)SCALANCE X204RNA (HSR)SCALANCE X204RNA EEC (PRP/HSR)SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-40944
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.01% / 3.41%
||
7 Day CHG-0.01%
Published-13 Jan, 2026 | 09:44
Updated-09 Jun, 2026 | 10:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0) (All versions), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0) (All versions >= V4.2.0), SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0) (All versions), SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants) (All versions < V1.3), SIMATIC ET 200SP IM 155-6 PN R1 (6ES7155-6AU00-0HM0) (All versions < V6.0.1), SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0) (All versions >= V4.2.0 < V4.2.5), SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0) (All versions < V4.2.2), SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0) (All versions), SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0) (All versions < V6.0.0), SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-2AC0) (All versions >= V4.2.0), SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-7AC0) (All versions >= V4.2.0), SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL (6AG2155-5AA00-1AC0) (All versions >= V4.2.0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-2CN0) (All versions >= V4.2.0 < V4.2.5), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-7CN0) (All versions >= V4.2.0 < V4.2.5), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU01-1CN0) (All versions >= V4.2.0 < V4.2.5), SIPLUS ET 200SP IM 155-6 PN HF TX RAIL (6AG2155-6AU01-4CN0) (All versions >= V4.2.0 < V4.2.5), SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0) (All versions < V6.0.0). Affected devices do not properly handle S7 protocol session disconnect requests. When receiving a valid S7 protocol Disconnect Request (COTP DR TPDU) on TCP port 102, the devices enter an improper session state. This could allow an attacker to cause the device to become unresponsive, leading to a denial-of-service condition that requires a power cycle to restore normal operation.

Action-Not Available
Vendor-Siemens AG
Product-SIPLUS ET 200SP IM 155-6 PN HFSIMATIC ET 200SP IM 155-6 MF HFSIMATIC ET 200MP IM 155-5 PN HFSIMATIC PN/PN CouplerSIMATIC ET 200AL IM 157-1 PNSIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIMATIC ET 200SP IM 155-6 PN/2 HFSIPLUS NET PN/PN CouplerSIMATIC ET 200SP IM 155-6 PN/3 HFSIMATIC ET 200SP IM 155-6 PN R1SIMATIC PN/MF CouplerSIPLUS ET 200MP IM 155-5 PN HFSIPLUS ET 200SP IM 155-6 PN HF TX RAILSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-40802
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-2.3||LOW
EPSS-0.03% / 9.13%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 08:48
Updated-03 Oct, 2025 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The affected device may be susceptible to resource exhaustion when subjected to high volumes of query requests. This could allow an attacker to cause a temporary denial of service, with the system recovering once the activity stops.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rst2428p_firmwareruggedcom_rst2428pRUGGEDCOM RST2428P
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-40766
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.8||MEDIUM
EPSS-0.08% / 23.78%
||
7 Day CHG+0.05%
Published-12 Aug, 2025 | 11:17
Updated-15 Aug, 2025 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate resource and security limitations. This could allow an attacker to perform a denial-of-service (DoS) attack.

Action-Not Available
Vendor-Siemens AG
Product-sinec_traffic_analyzerSINEC Traffic Analyzer
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-4837
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.48% / 81.47%
||
7 Day CHG~0.00%
Published-25 Jan, 2018 | 14:00
Updated-16 Sep, 2024 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with access to the TeleControl Server Basic's webserver (port 80/tcp or 443/tcp) could cause a Denial-of-Service condition on the web server. The remaining functionality of the TeleControl Server Basic is not affected by the Denial-of-Service condition.

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-13815
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.45% / 64.21%
||
7 Day CHG~0.00%
Published-13 Dec, 2018 | 16:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by opening a sufficient number of connections to the device. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. The vulnerability, if exploited, could cause a Denial-of-Service condition impacting the availability of the system. At the time of advisory publication no public exploitation of this vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-1200_firmwaresimatic_s7-1200simatic_s7-1500_firmwaresimatic_s7-1500SIMATIC S7-1200, SIMATIC S7-1500
CWE ID-CWE-410
Insufficient Resource Pool
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-13805
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.50% / 66.30%
||
7 Day CHG~0.00%
Published-10 Oct, 2018 | 17:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions >= V2.0 and < V2.1.6), SIMATIC S7-1500 Software Controller (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 incl. F (All versions >= V2.0 and < V2.5). An attacker can cause a denial-of-service condition on the network stack by sending a large number of specially crafted packets to the PLC. The PLC will lose its ability to communicate over the network. This vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no privileges and no user interaction. An attacker could use this vulnerability to compromise availability of the network connectivity. At the time of advisory publication no public exploitation of this vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-1500fsimatic_et_200spsimatic_et_200sp_firmwaresimatic_s7-1500_firmwaresimatic_s7-1500f_firmwaresimatic_s7-1500SIMATIC S7-1500 incl. FSIMATIC ET 200SP Open ControllerSIMATIC S7-1500 Software Controller
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2002-20001
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-18.72% / 95.45%
||
7 Day CHG+4.04%
Published-11 Nov, 2021 | 00:00
Updated-22 Aug, 2025 | 10:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

Action-Not Available
Vendor-balasysstormshieldn/aHewlett Packard Enterprise (HPE)SUSEF5, Inc.Siemens AG
Product-aruba_cx_8400big-ip_ddos_hybrid_defenderbig-iq_centralized_managementbig-ip_webacceleratoraruba_cx_4100ibig-ip_application_visibility_and_reportingaruba_cx_6300mbig-ip_access_policy_managerf5os-aaruba_cx_6200faruba_cx_6410big-ip_global_traffic_managerbig-ip_local_traffic_managerarubaos-cxaruba_cx_8360-12cbig-ip_domain_name_systembig-ip_carrier-grade_nataruba_cx_6200mbig-ip_application_acceleration_managerscalance_w1750d_firmwarearuba_cx_8360-32y4caruba_cx_8325-48y8cbig-ip_websafearuba_cx_8360-16y2cstormshield_management_centeraruba_cx_8325-32caruba_cx_6405dheateraruba_cx_6300fbig-ip_ssl_orchestratoraruba_cx_8360-48y6cbig-ip_analyticsbig-ip_fraud_protection_servicebig-ip_service_proxyscalance_w1750dbig-ip_advanced_web_application_firewallaruba_cx_6100linux_enterprise_serverbig-ip_advanced_firewall_managerbig-ip_application_security_managerbig-ip_edge_gatewayaruba_cx_8360-24xf2caruba_cx_8320traffix_signaling_delivery_controllerbig-ip_policy_enforcement_managerf5os-caruba_cx_8360-48xt4cstormshield_network_securitybig-ip_link_controllern/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-43647
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.73% / 73.23%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 09:36
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) (All versions). Affected devices do not properly handle TCP packets with an incorrect structure. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the network cable of the device needs to be unplugged and re-plugged.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC S7-200 SMART CPU CR40SIMATIC S7-200 SMART CPU ST60SIMATIC S7-200 SMART CPU SR40SIMATIC S7-200 SMART CPU ST30SIMATIC S7-200 SMART CPU SR30SIMATIC S7-200 SMART CPU SR60SIMATIC S7-200 SMART CPU CR60SIMATIC S7-200 SMART CPU SR20SIMATIC S7-200 SMART CPU ST40SIMATIC S7-200 SMART CPU ST20simatic_s7-200_smart_cpu_st60
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-46352
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.54% / 68.14%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products.

Action-Not Available
Vendor-Siemens AG
Product-6gk5204-0bs00-3pa36gk5204-0ba00-2mb2_firmware6gk5204-0ba00-2kb2_firmware6gk5204-0ba00-2mb26gk5204-0ba00-2kb26gk5204-0bs00-3la3_firmware6gk5204-0bs00-2na3_firmware6gk5204-0bs00-3pa3_firmware6gk5204-0bs00-2na36gk5204-0bs00-3la3SCALANCE X204RNA (HSR)SCALANCE X204RNA EEC (PRP/HSR)SCALANCE X204RNA EEC (PRP)SCALANCE X204RNA EEC (HSR)SCALANCE X204RNA (PRP)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-46891
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-1.07% / 78.23%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 12:49
Updated-20 Aug, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logged events to exhaust the system's resources and create a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-sinec_insSINEC INSsinec_ins
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-18336
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.82%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 19:16
Updated-02 Jun, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-300_cpu_318-2_firmwaresinumerik_840d_slsimatic_s7-300_cpu_315simatic_s7-300_cpu_312_ifm_firmwaresimatic_s7-300_cpu_314_firmwaresimatic_s7-300_cpu_314_ifmsimatic_s7-300_cpu_313_firmwaresimatic_s7-300_cpu_315-2_dp_firmwaresimatic_s7-300_cpu_316-2_dp_firmwaresimatic_s7-300_cpu_313simatic_tdc_cpu555simatic_tdc_cp51m1simatic_s7-300_cpu_312_ifmsimatic_s7-300_cpu_314_ifm_firmwaresimatic_s7-300_cpusimatic_s7-300_cpu_316-2_dpsimatic_s7-300_cpu_315_firmwaresimatic_tdc_cp51m1_firmwaresimatic_s7-300_cpu_firmwaresimatic_s7-300_cpu_318-2simatic_s7-300_cpu_315-2_dpsimatic_s7-300_cpu_314simatic_tdc_cpu555_firmwareSIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SINUMERIK 840D slSIMATIC TDC CPU555SIMATIC TDC CP51M1
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-27194
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.94%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 09:07
Updated-03 Aug, 2024 | 05:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions < V3.1 SP1), SINETPLAN (All versions), TIA Portal (V15, V15.1, V16 and V17). The affected system cannot properly process specially crafted packets sent to port 8888/tcp. A remote attacker could exploit this vulnerability to cause a Denial-of-Service condition. The affected devices must be restarted manually.

Action-Not Available
Vendor-Siemens AG
Product-simatic_pcs_neototally_integrated_automation_portalsinetplanSIMATIC PCS neo (Administration Console)SINETPLANTIA Portal
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-2681
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.44% / 63.82%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 10:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cp_443-1_opc-ua_firmwaresimatic_rf650r_firmwaresinamics_dcpsimatic_et_200mpscalance_m-800simatic_cp_1543-1simatic_s7-400_firmwaresimatic_rf685r_firmwaresitop_psu8600_firmwaresimatic_cp_1243-1_firmwaresinumerik_828d_firmwaresimatic_cp_1604simatic_cp_1604_firmwaresimatic_cp_1542sp-1_ircsimocode_pro_v_profinetsinumerik_840d_sl_firmwarescalance_x414simatic_et_200al_firmwaresimatic_teleservice_adapter_ie_basic_modemsinamics_s120_firmwarescalance_xr500_firmwaresinamics_dcmsinamics_s150_firmwaresimatic_cp_1243-1_ircek-ertec_200p_pn_ioscalance_x300_firmwarescalance_m-800_firmwaresimatic_et_200mp_firmwaresimatic_s7-400sirius_soft_starter_3rw44_pnsimatic_s7-1200simatic_s7-300simatic_rf650rsinamics_s150simatic_cp_1616_firmwaresimatic_cm_1542-1simatic_s7-300_firmwaresinamics_v90_pnek-ertec_200_pn_iopn\/pn_coupler_firmwaresimatic_rf680rsimatic_et_200proscalance_x200_irt_firmwaresimatic_cp_443-1_opc-uasimatic_cp_443-1_std_firmwaresimatic_teleservice_adapter_ie_advanced_modem_firmwaresimatic_hmi_multi_panelssimatic_tdc_cpu555_firmwaresimatic_cp_1543-1_firmwaresimatic_cp_1542sp-1dk_standard_ethernet_controllersimatic_s7-1500_firmwaresinamics_g110m_firmwaresinamics_dcp_firmwaresimatic_et_200sp_firmwaresimatic_s7-1500_software_controllersinumerik_840d_slsimatic_cp_1243-1_dnp3_firmwaresimatic_et_200ssimatic_et_200m_firmwaresimatic_cp_343-1_advsimatic_et_200spscalance_x200pn\/pn_couplersimatic_tdc_cp51m1simotionsimocode_pro_v_profinet_firmwaresinamics_v90_pn_firmwaresimatic_s7-200_smartsimatic_dk-16xx_pn_iosimotion_firmwaresoftnet_profinet_ioie\/pb-link_firmwaresinamics_s120scalance_x200_firmwaresinamics_s110_pnsirius_motor_starter_m200d_profinet_firmwaresimatic_teleservice_adapter_ie_advanced_modemsimatic_dk-16xx_pn_io_firmwaresimatic_rf685rsinamics_g120\(c\/p\/d\)_pnsimatic_cp_1616scalance_x300scalance_x408_firmwaresimatic_et_200alsimatic_cp_1243-1_irc_firmwaresitop_psu8600sinamics_g150_firmwaresimatic_cp_343-1_std_firmwaresimatic_cp_443-1_adv_firmwaresoftnet_profinet_io_firmwaresirius_act_3su1_firmwarescalance_s615simatic_et_200msimatic_cp_343-1_leanscalance_x408simatic_tdc_cp51m1_firmwaresimatic_cp_343-1_adv_firmwaresimatic_cp_343-1_lean_firmwareek-ertec_200p_pn_io_firmwareups1600_profinet_firmwareie\/as-i_link_pn_io_firmwaresimatic_cm_1542sp-1_firmwaresimatic_teleservice_adapter_standard_modemsimatic_et_200pro_firmwaresimatic_rf680r_firmwaresimatic_teleservice_adapter_ie_basic_modem_firmwareek-ertec_200_pn_io_firmwaresimatic_teleservice_adapter_standard_modem_firmwaresimatic_et_200ecopnsimatic_cp_1543sp-1scalance_xr500simatic_cp_443-1_stdsimatic_s7-200_smart_firmwaresimatic_cp_1243-1_iecie\/as-i_link_pn_iosimatic_cp_1543sp-1_firmwaresinumerik_828dsimatic_cm_1542sp-1scalance_xm400simatic_cp_343-1_stdsirius_act_3su1sirius_soft_starter_3rw44_pn_firmwaresimatic_cp_1542sp-1_irc_firmwaresimatic_cm_1542-1_firmwaresimatic_winac_rtxsimatic_hmi_mobile_panelssimatic_s7-1200_firmwarescalance_s615_firmwaresimatic_hmi_comfort_panelssirius_motor_starter_m200d_profinetsimatic_cp_1243-1_dnp3simatic_cp_1243-1scalance_xm400_firmwaresinamics_g150simatic_winac_rtx_firmwaresimatic_tdc_cpu555ie\/pb-linksimatic_s7-1500sinamics_g120\(c\/p\/d\)_pn_firmwaredk_standard_ethernet_controller_firmwaresimatic_et_200s_firmwaresinamics_g110mscalance_w700sinamics_dcm_firmwarescalance_x200_irtscalance_w700_firmwaresinamics_s110_pn_firmwaresimatic_cp_1243-1_iec_firmwarescalance_x414_firmwareups1600_profinetsinamics_g130_firmwaresinamics_g130simatic_et_200ecopn_firmwaresimatic_cp_443-1_advSINAMICS S110 w. PNSIMATIC RF685RSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SITOP UPS1600 PROFINET (incl. SIPLUS variants)SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SIMATIC CP 443-1 OPC UASIMATIC CM 1542-1SCALANCE X408 familySIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC Teleservice Adapter IE StandardSIMATIC ET200ecoPN, 4AO U/I 4xM12SIMATIC ET 200SP IM 155-6 PN HFSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIRIUS Motor Starter M200D PROFINETSIPLUS ET 200SP IM 155-6 PN HFSCALANCE X-200 family (incl. SIPLUS NET variants)SIMATIC CP 1543SP-1 (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN STSIMATIC MV440 HRSCALANCE X-200IRT family (incl. SIPLUS NET variants)SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN HSSIMATIC ET200ecoPN: IO-Link MasterSoftnet PROFINET IO for PC-based Windows systemsSIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN BASIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSCALANCE W-700 IEEE 802.11n familySIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC Teleservice Adapter IE AdvancedSIMATIC MV420 SR-BSIMATIC ET 200SP IM 155-6 PN ST BASINAMICS G150 V4.7 w. PNSCALANCE XR-500 familySIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SIMATIC ET 200pro IM 154-4 PN HFSIRIUS Soft Starter 3RW44 PNSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)SIMATIC CP 1604SIMATIC ET 200MP IM 155-5 PN STSIMATIC S7-1500 Software ControllerSIMATIC DK-16xx PN IOSIMATIC MV420 SR-PSINUMERIK 840D sl V4.7SIMATIC TDC CPU555SIMATIC ET200S (incl. SIPLUS variants)IE/AS-i Link PN IOSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC CP 1243-1 (incl. SIPLUS variants)SINAMICS G110M w. PNSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC CP 343-1 (incl. SIPLUS variants)SITOP PSU8600 PROFINETSIMATIC TDC CP51M1SIMATIC CM 1542SP-1IE/PB-Link (incl. SIPLUS NET variants)SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SINUMERIK 828D V4.7SIMATIC ET 200MP IM 155-5 PN BASINUMERIK 828D V4.5 and priorSINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12SIMATIC CP 1616SINAMICS V90 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSCALANCE X-300 family (incl. X408 and SIPLUS NET variants)SIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-410 CPU family (incl. SIPLUS variants)SINAMICS DCM w. PNSIMATIC MV420 SR-B BodySINAMICS G130 V4.8 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC RF650RDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSCALANCE M-800 family (incl. S615, MUM-800 and RM1224)SINUMERIK 840D sl V4.5 and priorSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SCALANCE XM-400 familySIMATIC Teleservice Adapter IE BasicSINAMICS DCP w. PNSINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC MV420 SR-P BodySINAMICS S150 V4.8 w. PNSIMATIC ET 200M (incl. SIPLUS variants)SIMATIC CP 443-1 (incl. SIPLUS variants)SIMATIC MV440 SRSIMATIC S7-200 SMARTSIMATIC CP 1243-8 IRCSINAMICS G130 V4.7 w. PNSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIMATIC WinAC RTX F 2010SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)SINAMICS S150 V4.7 w. PNSIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)SIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS ET 200SP IM 155-6 PN STSIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC MV440 URSIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)SIMATIC RF680RSIRIUS ACT 3SU1 interface module PROFINETSIPLUS ET 200MP IM 155-5 PN HFSIMATIC CP 343-1 Lean (incl. SIPLUS variants)SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SCALANCE X414SINAMICS G150 V4.8 w. PNSIMATIC CP 1543-1 (incl. SIPLUS variants)SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMOTION
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-13926
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.53%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 15:36
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0 and < V4.1), SCALANCE S612 (All versions >= V3.0 and < V4.1), SCALANCE S623 (All versions >= V3.0 and < V4.1), SCALANCE S627-2M (All versions >= V3.0 and < V4.1). Specially crafted packets sent to port 443/tcp of affected devices could cause a Denial-of-Service condition of the web server. A cold reboot is required to restore the functionality of the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_s623scalance_s612_firmwarescalance_s627-2m_firmwarescalance_s602scalance_s627-2mscalance_s602_firmwarescalance_s623_firmwarescalance_s612SCALANCE S627-2MSCALANCE S623SCALANCE S602SCALANCE S612
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-24040
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.37% / 59.50%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 09:46
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application fails to enforce an upper bound to the cost factor of the PBKDF2 derived key during the creation or update of an account. An attacker with the user profile access privilege could cause a denial of service (DoS) condition through CPU consumption by setting a PBKDF2 derived key with a remarkably high cost effort and then attempting a login to the so-modified account.

Action-Not Available
Vendor-Siemens AG
Product-desigo_dxr2desigo_pxc3_firmwaredesigo_pxc4desigo_pxc5_firmwaredesigo_dxr2_firmwaredesigo_pxc4_firmwaredesigo_pxc3desigo_pxc5Desigo PXC5Desigo PXC3Desigo DXR2Desigo PXC4
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-2680
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-2.33% / 85.24%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 01:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cp_443-1_opc-ua_firmwaresimatic_rf650r_firmwaresimatic_teleservice_adapter_ie_standardsinamics_dcpsimatic_et_200mpscalance_m-800simatic_cp_1543-1simatic_s7-400_firmwareextension_unit_15_profinet_firmwaresimatic_rf685r_firmwaresitop_psu8600_firmwaresimatic_cp_1243-1_firmwaresinumerik_828d_firmwareextension_unit_12_profinet_firmwaresimatic_cp_1604simatic_dk-1616_pn_iosimatic_teleservice_adapter_ie_basicsimatic_cp_1604_firmwaresimatic_cp_1243-8simatic_cp_1542sp-1_ircsimocode_pro_v_profinetsinumerik_840d_sl_firmwaresimatic_cp_1542sp-1_firmwaresinamics__s110_pn_firmwaresimatic_cp_1626scalance_x414simatic_et_200al_firmwaresinamics_s120_firmwarescalance_xr500_firmwaresinamics_dcmsinamics_s150_firmwaresimatic_cp_1243-1_ircek-ertec_200p_pn_iosimatic_teleservice_adapter_ie_advanced_firmwareextension_unit_19_profinet_firmwarescalance_x300_firmwarescalance_m-800_firmwaresimatic_dk-1604_pn_io_firmwaresimatic_et_200mp_firmwaresimatic_s7-400sirius_soft_starter_3rw44_pnsimatic_s7-1200simatic_teleservice_adapter_ie_standard_firmwaresimatic_cp_1242-7_gprs_firmwaresimatic_s7-300simatic_rf650rsinamics_s150simatic_cp_1616_firmwaresinamics_sm120simatic_cm_1542-1sinamics_gh150simatic_s7-300_firmware_s110_pnsinamics_v90_pnek-ertec_200_pn_iopn\/pn_coupler_firmwaresimatic_rf680rsimatic_et_200proscalance_x200_irt_firmwaresimatic_cp_443-1_opc-uasimatic_cp_443-1_std_firmwaresimatic_hmi_multi_panelssimatic_tdc_cpu555_firmwaresimatic_cp_1543-1_firmwaresimatic_cp_1542sp-1dk_standard_ethernet_controllersimatic_s7-1500_firmwaresinamics_g110m_firmwaresinamics_dcp_firmwareextension_unit_22_profinet_firmwaresinamics_gm150simatic_cp_1243-7_lte\/usextension_unit_22_profinetsimatic_et_200sp_firmwaresimatic_s7-1500_software_controllersinumerik_840d_slsimatic_cp_1243-1_dnp3_firmwaresimatic_et_200ssimatic_et_200m_firmwaresimatic_dk-1604_pn_iosimatic_cp_1243-8_firmwaresimatic_cp_343-1_advsimatic_et_200spsimatic_cp_1243-7_lte\/us_firmwarescalance_x200pn\/pn_couplersimatic_tdc_cp51m1simotionsimocode_pro_v_profinet_firmwaresinamics_v90_pn_firmwaresimatic_s7-200_smartsimatic_dk-1616_pn_io_firmwaresimotion_firmwaresoftnet_profinet_ioie\/pb-link_firmwaresinamics_s120scalance_x200_firmwaresirius_motor_starter_m200d_profinet_firmwaresimatic_teleservice_adapter_ie_advanced_modemsinamics_sm120_firmwaresimatic_rf685rsimatic_cp_1242-7_gprssinamics_g120\(c\/p\/d\)_w._pn_firmwaresimatic_cp_1616scalance_x300scalance_x408_firmwareextension_unit_12_profinetsimatic_et_200alsimatic_cp_1243-1_irc_firmwaresitop_psu8600sinamics_sl150sinamics_g120\(c\/p\/d\)_w._pnsimatic_cp_343-1_std_firmwaresinamics_g150_firmwaresimatic_cp_443-1_adv_firmwaresoftnet_profinet_io_firmwaresirius_act_3su1_firmwarescalance_s615simatic_et_200msimatic_cp_343-1_leanscalance_x408simatic_tdc_cp51m1_firmwaresimatic_cp_343-1_adv_firmwaresimatic_s7-1500_software_controller_firmwaresinamics_gl150simatic_cp_343-1_lean_firmwareek-ertec_200p_pn_io_firmwareups1600_profinet_firmwareie\/as-i_link_pn_io_firmwaresimatic_et_200pro_firmwaresimatic_rf680r_firmwareek-ertec_200_pn_io_firmwaresimatic_et_200ecopnsinamics_gh150_firmwaresimatic_cp_1543sp-1scalance_xr500simatic_cp_443-1_stdsimatic_s7-200_smart_firmwaresimatic_cp_1243-1_iecie\/as-i_link_pn_iosimatic_cp_1543sp-1_firmwaresinumerik_828dsinamics_gl150_firmwarescalance_xm400simatic_cp_343-1_stdsirius_act_3su1extension_unit_19_profinetsirius_soft_starter_3rw44_pn_firmwareextension_unit_15_profinetsimatic_cp_1542sp-1_irc_firmwaresimatic_cm_1542-1_firmwaresimatic_teleservice_adapter_ie_basic_firmwaresimatic_winac_rtxsimatic_hmi_mobile_panelssimatic_s7-1200_firmwarescalance_s615_firmwaresimatic_hmi_comfort_panelssirius_motor_starter_m200d_profinetsimatic_cp_1243-1_dnp3simatic_cp_1243-1scalance_xm400_firmwaresinamics_g150simatic_winac_rtx_firmwaresimatic_tdc_cpu555ie\/pb-linksimatic_cp_1626_firmwaresimatic_s7-1500dk_standard_ethernet_controller_firmwaresimatic_et_200s_firmwaresinamics_g110mscalance_w700sinamics_sl150_firmwaresinamics_dcm_firmwarescalance_x200_irtscalance_w700_firmwaresimatic_cp_1243-1_iec_firmwarescalance_x414_firmwareups1600_profinetsinamics_g130_firmwaresinamics_g130simatic_et_200ecopn_firmwaresimatic_cp_443-1_advsinamics_gm150_firmwareSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)SINAMICS SL150 V4.7.5 w. PROFINETSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC Teleservice Adapter IE StandardSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIRIUS Motor Starter M200D PROFINETSCALANCE X-200 family (incl. SIPLUS NET variants)SIMATIC CP 1543SP-1 (incl. SIPLUS variants)SIMATIC MV440 HRSINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN: IO-Link MasterSINAMICS SL150 V4.7.4 w. PROFINETSIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSCALANCE W-700 IEEE 802.11n familySIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC Teleservice Adapter IE AdvancedSIMATIC CP 1626SIMATIC MV420 SR-BSCALANCE XR-500 familySIMATIC ET200ecoPN, 16DI, DC24V, 8xM12Extension Unit 19" PROFINETSIMATIC ET 200MP IM 155-5 PN STSIMATIC DK-16xx PN IOSIMATIC MV420 SR-PSINUMERIK 840D sl V4.7SIMATIC TDC CPU555SIMATIC TDC CP51M1IE/PB-Link (incl. SIPLUS NET variants)SIMATIC ET 200MP IM 155-5 PN BASINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-410 CPU family (incl. SIPLUS variants)SIMATIC MV420 SR-B BodyDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC RF650RSCALANCE XM-400 familySINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC MV420 SR-P BodySINAMICS S150 V4.8 w. PNSIMATIC MV440 SRSIMATIC S7-200 SMARTSIMATIC CP 1243-8 IRCExtension Unit 22" PROFINETSIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)SINAMICS S150 V4.7 w. PNSIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)SINAMICS SM120 V4.7 w. PROFINETSIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)SIMATIC RF680RSIMATIC CP 343-1 Lean (incl. SIPLUS variants)SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SINAMICS GH150 V4.7 w. PROFINETSIMATIC CP 1543-1 (incl. SIPLUS variants)SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMOTIONSINAMICS GL150 V4.7 w. PROFINETSINAMICS S110 w. PNSIMATIC RF685RSITOP UPS1600 PROFINET (incl. SIPLUS variants)SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SIMATIC CP 443-1 OPC UASIMATIC CM 1542-1SCALANCE X408 familySIMATIC ET200ecoPN, 4AO U/I 4xM12SIMATIC ET 200SP IM 155-6 PN HFSIPLUS ET 200SP IM 155-6 PN HFSIMATIC ET 200SP IM 155-6 PN STSCALANCE X-200IRT family (incl. SIPLUS NET variants)SIMATIC ET 200SP IM 155-6 PN HSSIMATIC CP 1243-7 LTE USSoftnet PROFINET IO for PC-based Windows systemsSIMATIC CP 1242-7 V2 (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN BASINAMICS SL150 V4.7.0 w. PROFINETSIMATIC ET 200SP IM 155-6 PN ST BASINAMICS G150 V4.7 w. PNSIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET 200pro IM 154-4 PN HFSIRIUS Soft Starter 3RW44 PNSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)SIMATIC CP 1604SIMATIC S7-1500 Software ControllerSIMATIC ET200S (incl. SIPLUS variants)IE/AS-i Link PN IOSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC CP 1243-1 (incl. SIPLUS variants)SINAMICS G110M w. PNSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC CP 343-1 (incl. SIPLUS variants)SITOP PSU8600 PROFINETSIMATIC CM 1542SP-1SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SINUMERIK 828D V4.7SINUMERIK 828D V4.5 and priorExtension Unit 12" PROFINETSIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)SIMATIC CP 1616SINAMICS V90 w. PNSCALANCE X-300 family (incl. X408 and SIPLUS NET variants)SINAMICS DCM w. PNSINAMICS G130 V4.8 w. PNDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSCALANCE M-800 family (incl. S615, MUM-800 and RM1224)SINUMERIK 840D sl V4.5 and priorSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SIMATIC Teleservice Adapter IE BasicSINAMICS DCP w. PNSINAMICS GM150 V4.7 w. PROFINETSIMATIC ET 200M (incl. SIPLUS variants)Extension Unit 15" PROFINETSINAMICS G130 V4.7 w. PNSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIMATIC WinAC RTX F 2010SIPLUS ET 200SP IM 155-6 PN STSIMATIC MV440 URSIRIUS ACT 3SU1 interface module PROFINETSIPLUS ET 200MP IM 155-5 PN HFSCALANCE X414SINAMICS G150 V4.8 w. PNSIMATIC CP 443-1 (incl. SIPLUS variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-31340
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.48% / 65.70%
||
7 Day CHG~0.00%
Published-08 Jun, 2021 | 19:47
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.

Action-Not Available
Vendor-Siemens AG
Product-simatic_reader_rf650r_fcc_firmwaresimatic_reader_rf650r_cmiit_firmwaresimatic_reader_rf680r_cmiitsimatic_reader_rf685r_fccsimatic_reader_rf610r_etsi_firmwaresimatic_reader_rf615r_etsi_firmwaresimatic_rf360rsimatic_reader_rf650r_aribsimatic_reader_rf610r_fccsimatic_reader_rf680r_fccsimatic_reader_rf685r_arib_firmwaresimatic_rf186c_firmwaresimatic_reader_rf615r_cmiitsimatic_rf188c_firmwaresimatic_reader_rf685r_fcc_firmwaresimatic_rf185csimatic_reader_rf680r_cmiit_firmwaresimatic_reader_rf685r_etsisimatic_rf360r_firmwaresimatic_rf186cisimatic_rf188csimatic_reader_rf610r_cmiit_firmwaresimatic_reader_rf610r_fcc_firmwaresimatic_rf185c_firmwaresimatic_reader_rf615r_fccsimatic_reader_rf615r_fcc_firmwaresimatic_reader_rf680r_etsisimatic_reader_rf680r_fcc_firmwaresimatic_reader_rf610r_etsisimatic_reader_rf680r_arib_firmwaresimatic_reader_rf685r_cmiit_firmwaresimatic_rf186ci_firmwaresimatic_rf166c_firmwaresimatic_rf188ci_firmwaresimatic_reader_rf650r_cmiitsimatic_reader_rf650r_fccsimatic_rf166csimatic_reader_rf685r_cmiitsimatic_reader_rf680r_aribsimatic_reader_rf650r_etsisimatic_reader_rf610r_cmiitsimatic_reader_rf650r_arib_firmwaresimatic_reader_rf680r_etsi_firmwaresimatic_reader_rf615r_etsisimatic_rf186csimatic_reader_rf650r_etsi_firmwaresimatic_reader_rf685r_aribsimatic_reader_rf615r_cmiit_firmwaresimatic_reader_rf685r_etsi_firmwaresimatic_rf188ciSIMATIC Reader RF650R ARIBSIMATIC Reader RF650R ETSISIMATIC Reader RF680R CMIITSIMATIC Reader RF615R ETSISIMATIC RF166CSIMATIC Reader RF685R CMIITSIMATIC RF185CSIMATIC Reader RF610R CMIITSIMATIC Reader RF685R ETSISIMATIC Reader RF615R CMIITSIMATIC RF188CISIMATIC Reader RF610R ETSISIMATIC Reader RF685R FCCSIMATIC Reader RF615R FCCSIMATIC RF186CSIMATIC RF360RSIMATIC Reader RF680R ARIBSIMATIC Reader RF685R ARIBSIMATIC RF188CSIMATIC Reader RF680R ETSISIMATIC Reader RF610R FCCSIMATIC Reader RF650R CMIITSIMATIC RF186CISIMATIC Reader RF680R FCCSIMATIC Reader RF650R FCC
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-33498
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.53% / 67.64%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:03
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). Affected applications do not properly release memory that is allocated when handling specifically crafted incoming packets. This could allow an unauthenticated remote attacker to cause a denial of service condition by crashing the service when it runs out of memory. The service is restarted automatically after a short time.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC RTLS Locating Managersimatic_rtls_locating_manager
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-27385
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.51% / 66.87%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-02 Jun, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.

Action-Not Available
Vendor-Siemens AG
Product-sinamics_sm150i_firmwaresinamics_sl150_firmwaresinamics_sm150simatic_hmi_comfort_panels_4\"sinamics_sh150_firmwaresimatic_hmi_comfort_panels_4\"_firmwaresinamics_sm150isimatic_hmi_ktp_mobile_panels_ktp900sinamics_sm120simatic_hmi_ktp_mobile_panels_ktp700fsimatic_hmi_ktp_mobile_panels_ktp900fsinamics_sh150sinamics_gl150simatic_hmi_ktp_mobile_panels_ktp400fsimatic_hmi_ktp_mobile_panels_ktp700f_firmwaresinamics_gl150_firmwaresimatic_hmi_comfort_panels_22\"simatic_hmi_ktp_mobile_panels_ktp400f_firmwaresimatic_hmi_ktp_mobile_panels_ktp700_firmwaresinamics_sm150_firmwaresimatic_hmi_ktp_mobile_panels_ktp900f_firmwaresimatic_hmi_comfort_outdoor_panels_7\"simatic_hmi_comfort_outdoor_panels_15\"simatic_hmi_comfort_outdoor_panels_7\"_firmwaresimatic_hmi_ktp_mobile_panels_ktp700sinamics_gh150_firmwaresinamics_gm150simatic_wincc_runtime_advancedsinamics_gm150_firmwaresinamics_sl150simatic_hmi_comfort_panels_22\"_firmwaresinamics_gh150simatic_hmi_comfort_outdoor_panels_15\"_firmwaresimatic_hmi_ktp_mobile_panels_ktp900_firmwaresinamics_sm120_firmwareSIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)SINAMICS GL150 (with option X30)SINAMICS SL150SIMATIC WinCC Runtime Advanced V15SINAMICS SM150SINAMICS SM120SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants)SINAMICS SM150iSINAMICS GH150SINAMICS GM150 (with option X30)SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900FSIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900FSIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)SIMATIC WinCC Runtime Advanced V16SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants)SINAMICS SH150
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2023-35920
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.08% / 78.34%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 09:07
Updated-12 Nov, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted IP packets sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.

Action-Not Available
Vendor-Siemens AG
Product-simatic_mv540_s_firmwaresimatic_mv540_ssimatic_mv560_x_firmwaresimatic_mv560_usimatic_mv560_u_firmwaresimatic_mv550_s_firmwaresimatic_mv540_hsimatic_mv550_h_firmwaresimatic_mv550_ssimatic_mv560_xsimatic_mv550_hsimatic_mv540_h_firmwareSIMATIC MV560 USIMATIC MV540 SSIMATIC MV540 HSIMATIC MV550 HSIMATIC MV550 SSIMATIC MV560 Xsimatic_mv540_ssimatic_mv560_usimatic_mv540_hsimatic_mv550_ssimatic_mv560_xsimatic_mv550_h
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-25659
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.44% / 63.91%
||
7 Day CHG~0.00%
Published-10 Aug, 2021 | 10:35
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0 SP9 Update 2). Sending specially crafted packets to port 4410/tcp of an affected system could lead to extensive memory being consumed and as such could cause a denial-of-service preventing legitimate users from using the system.

Action-Not Available
Vendor-Siemens AG
Product-automation_license_managerAutomation License Manager 5Automation License Manager 6
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-22883
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-89.43% / 99.57%
||
7 Day CHG~0.00%
Published-03 Mar, 2021 | 17:38
Updated-30 Apr, 2025 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory.

Action-Not Available
Vendor-Node.js (OpenJS Foundation)Oracle CorporationNetApp, Inc.Siemens AGFedora Project
Product-sinec_infrastructure_network_servicespeoplesoft_enterprise_peopletoolsgraalvme-series_performance_analyzermysql_clusternosql_databasefedorajd_edwards_enterpriseone_toolsnode.jsNode
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2024-23814
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.38% / 59.85%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 10:28
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service condition of the ICMP service, other communication services are not affected. Affected devices will resume normal operation after the attack terminates.

Action-Not Available
Vendor-Siemens AG
Product-SIPLUS S7-1200 CPU 1212 AC/DC/RLYSIMATIC S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 319F-3 PN/DPSIMATIC ET 200SP CPU 1512SP F-1 PNSIMATIC TDC CPU555SIPLUS S7-1200 CPU 1214FC DC/DC/DCSIMATIC ET 200pro IM 154-4 PN HFSIPLUS S7-1200 CPU 1215FC DC/DC/DCSIMATIC S7-300 CPU 314C-2 PN/DPSIPLUS ET 200SP IM 155-6 PN HF TX RAILSIMATIC S7-300 CPU 317F-2 PN/DPSIWAREX WP241SIPLUS S7-1200 CPU 1215 AC/DC/RLYSIMATIC ET 200SP IM 155-6 PN HFSIPLUS ET 200S IM151-3 PN HFSIPLUS ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1200 CPU 1211C DC/DC/DCSIMATIC ET 200AL IM 157-1 PNSIMATIC S7-410 V10 CPU family (incl. SIPLUS variants)SIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 319-3 PN/DPSIMATIC ET 200SP IM 155-6 PN/2 HFSIMATIC S7-1500 CPU 1513-1 PNSIDOOR ATD430WSIPLUS ET 200S IM 151-8F PN/DP CPUSIMATIC S7-1500 CPU 1511-1 PNSIMATIC ET 200S IM 151-3 PN FOSIMATIC S7-300 CPU 315T-3 PN/DPSIMATIC S7-1200 CPU 1215C DC/DC/DCSIPLUS NET PN/PN CouplerSIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC ET 200SP IM 155-6 PN ST BASIMATIC ET 200MP IM 155-5 PN STSIMATIC S7-1200 CPU 1212C AC/DC/RlySIMATIC ET 200SP CPU 1512SP-1 PNSIWAREX WP521 STSIMATIC ET 200S IM 151-8 PN/DP CPUSIMATIC Power Line Booster PLB, Modem Module STSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC CFU DIQSIPLUS HCS4200 CIM4210CSINUMERIK 840D slSIMATIC S7-1200 CPU 1212C DC/DC/DCSIMATIC S7-1500 CPU 1516F-3 PN/DPSIPLUS ET 200M IM 153-4 PN IO STSIPLUS HCS4300 CIM4310SIPLUS S7-1200 CPU 1214 DC/DC/DCSIPLUS S7-1500 CPU 1511-1 PNSIMATIC ET 200SP IM 155-6 PN BASIMATIC S7-300 CPU 317T-3 PN/DPSIPLUS ET 200SP IM 155-6 PN HFSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIPLUS S7-300 CPU 317F-2 PN/DPSIMATIC PN/PN CouplerSIPLUS S7-1500 CPU 1516-3 PN/DPSIMATIC S7-1200 CPU 1214FC DC/DC/RlySIMATIC ET 200M IM 153-4 PN IO HFSIPLUS S7-300 CPU 317-2 PN/DPSIMATIC ET 200pro IM 154-3 PN HFSIPLUS ET 200M IM 153-4 PN IO HFSIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC S7-1200 CPU 1214C AC/DC/RlySIPLUS ET 200S IM 151-8 PN/DP CPUSIMATIC ET 200pro IM 154-8FX PN/DP CPUSIMATIC ET 200S IM 151-3 PN STSIMATIC CFU PASIPLUS S7-1200 CPU 1212C DC/DC/DC RAILSIPLUS S7-1200 CPU 1212C DC/DC/DCSIMATIC ET 200MP IM 155-5 PN BASIDOOR ATE530S COATEDSIPLUS S7-1200 CPU 1215 DC/DC/DCSIPLUS S7-1500 CPU 1516F-3 PN/DPSIPLUS S7-1200 CPU 1214 DC/DC/RLYSIPLUS S7-1200 CPU 1214 AC/DC/RLYSIMATIC S7-1500 CPU 1515F-2 PNSIPLUS S7-1200 CPU 1214FC DC/DC/RLYSIPLUS S7-1200 CPU 1212 DC/DC/RLYSIMATIC S7-1500 CPU 1513F-1 PNSIMOCODE pro V PROFINETSIWAREX WP522 STSIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMATIC ET 200S IM 151-3 PN HSSIMATIC S7-1200 CPU 1212FC DC/DC/DCSIPLUS HCS4200 CIM4210SIMATIC S7-1200 CPU 1212FC DC/DC/RlySIMATIC S7-1200 CPU 1215C DC/DC/RlySIMATIC ET 200S IM 151-8F PN/DP CPUSIMATIC ET 200pro IM 154-8 PN/DP CPUSIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)SIPLUS S7-1500 CPU 1513-1 PNSIMATIC S7-1200 CPU 1212C DC/DC/RlySIMATIC S7-1200 CPU 1215FC DC/DC/RlySIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIPLUS S7-1200 CPU 1215 DC/DC/RLYSIMATIC Power Line Booster PLB, Base ModuleSIMATIC S7-1500 CPU 1511F-1 PNSIMATIC S7-300 CPU 317TF-3 PN/DPSIMATIC ET 200S IM 151-3 PN HFSIPLUS S7-1200 CPU 1214C DC/DC/DC RAILSIWAREX WP251SIMATIC TDC CP51M1SIPLUS S7-300 CPU 315-2 PN/DPSIPLUS S7-300 CPU 314C-2 PN/DPSIMATIC S7-1200 CPU 1211C AC/DC/RlySIPLUS ET 200MP IM 155-5 PN STSIPLUS ET 200SP IM 155-6 PN STSIPLUS S7-1500 CPU 1511F-1 PNSIMATIC ET 200SP CPU 1510SP-1 PNSIMATIC S7-1200 CPU 1215C AC/DC/RlySIMATIC S7-1200 CPU 1214FC DC/DC/DCSIWAREX WP231SIMATIC S7-1200 CPU 1217C DC/DC/DCSIMATIC S7-1500 CPU 1516-3 PN/DPSIDOOR ATE530G COATEDSIMATIC S7-1200 CPU 1214C DC/DC/DCSIPLUS ET 200S IM151-3 PN STSIPLUS S7-1500 CPU 1513F-1 PNSIMATIC S7-1200 CPU 1211C DC/DC/RlySIMATIC S7-1500 CPU 1515-2 PNSIMATIC S7-1200 CPU 1215FC DC/DC/DCSIMATIC ET 200SP IM 155-6 PN/3 HFSIMATIC ET 200SP IM 155-6 PN STSIMATIC ET 200M IM 153-4 PN IO STSIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)SIMATIC S7-1200 CPU 1214C DC/DC/RlySIMATIC S7-300 CPU 317-2 PN/DPSIMATIC ET 200SP IM 155-6 PN HSSIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)SIPLUS S7-1200 CPU 1215C DC/DC/DCSIMATIC ET 200SP IM 155-6 MF HFSIPLUS ET 200SP IM 155-6 PN ST TX RAILSIPLUS ET 200MP IM 155-5 PN HFSIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIMATIC ET 200SP CPU 1510SP F-1 PNSIMATIC ET 200pro IM 154-8F PN/DP CPU
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-13921
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.37% / 59.49%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 13:49
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All versions < SP3 Update 1). Affected versions of the software contain a vulnerability that could allow an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large HTTP request is sent to the executing service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the service provided by the software.

Action-Not Available
Vendor-Siemens AG
Product-simatic_winac_rtx_\(f\)_2010SIMATIC WinAC RTX (F) 2010
CWE ID-CWE-410
Insufficient Resource Pool
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-13940
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.60% / 70.17%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 15:36
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.1), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.X.17), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17). Affected devices contain a vulnerability that could cause a denial of service condition of the web server by sending specially crafted HTTP requests to ports 80/tcp and 443/tcp. Beyond the web service, no other functions or interfaces are affected by the denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-300_cpu_317-2_pn\/dp_firmwaresimatic_winac_rtx_\(f\)_2010siplus_s7-300_cpu_314siplus_s7-300_cpu_315-2_pn\/dp_firmwares7-1200_cpu_1214fcs7-1200_cpu_1215fc_firmwaresimatic_s7-300_cpu_319-3_pn\/dpsimatic_s7-300_cpu_317-2_dpsiplus_s7-300_cpu_315-2_pn\/dpsimatic_s7-300_cpu_315-2dp_firmwaresiplus_s7-300_cpu_317-2_pn\/dpsiplus_cpu_1214c_firmwares7-1200_cpu_1214c_firmwares7-1200_cpu_1212c_firmwaresimatic_s7-300_cpu_317-2_dp_firmwaresimatic_s7-300_cpu_315-2_pn\/dp_firmwaresimatic_s7-400_pn\/dp_cpu_firmwaresiplus_cpu_1211csiplus_s7-300_cpu_317-2_pn\/dp_firmwaresiplus_s7-300_cpu_315-2_dp_firmwaresimatic_s7-400_pn\/dp_cpus7-1200_cpu_1215csiplus_cpu_1215c_firmwares7-1200_cpu_1211c_firmwaresiplus_cpu_1212c_firmwaresiplus_cpu_1214csimatic_s7-300_cpu_317-2_pn\/dps7-1200_cpu_1212cs7-1200_cpu_1217c_firmwaresiplus_s7-1200simatic_s7-300_cpu_315-2dpsiplus_s7-300_cpu_315-2_dpsiplus_cpu_1211c_firmwaresimatic_s7-300_cpu_315-2_pn\/dpsiplus_cpu_1215cs7-1200_cpu_1212fc_firmwares7-1200_cpu_1212fcsimatic_s7-300_cpu_319-3_pn\/dp_firmwaresiplus_s7-300_cpu_314_firmwares7-1200_cpu_1215fcs7-1200_cpu_1211cs7-1200_cpu_1215c_firmwares7-1200_cpu_1214csiplus_cpu_1212cs7-1200_cpu_1217cs7-1200_cpu_1214fc_firmwaresiplus_s7-1200_firmwareSIMATIC ET 200pro IM154-8F PN/DP CPUSIMATIC S7-300 CPU 317T-3 PN/DPSIMATIC WinAC RTX 2010SIMATIC ET 200S IM151-8 PN/DP CPUSIMATIC ET 200S IM151-8F PN/DP CPUSIMATIC S7-300 CPU 319-3 PN/DPSIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC WinAC RTX F 2010SIPLUS ET 200S IM151-8 PN/DP CPUSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIMATIC S7-300 CPU 314C-2 PN/DPSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 317F-2 PN/DPSIMATIC S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 317-2 PN/DPSIMATIC S7-300 CPU 317TF-3 PN/DPSIPLUS ET 200S IM151-8F PN/DP CPUSIPLUS S7-300 CPU 317-2 PN/DPSIMATIC ET 200pro IM154-8 PN/DP CPUSIMATIC ET 200pro IM154-8FX PN/DP CPUSIPLUS S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 315T-3 PN/DPSIPLUS S7-300 CPU 317F-2 PN/DPSIMATIC S7-300 CPU 319F-3 PN/DPSIPLUS S7-300 CPU 314C-2 PN/DP
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-21945
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.57%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 21:56
Updated-12 May, 2026 | 13:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and 21.0.9; Oracle GraalVM Enterprise Edition: 21.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle CorporationSiemens AG
Product-graalvm_for_jdkjdkjregraalvmOracle GraalVM for JDKOracle GraalVM Enterprise EditionOracle Java SESIMATIC CN 4100
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-7584
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.39% / 60.50%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 13:18
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-200 SMART CPU family (All versions >= V2.2 < V2.5.1). Affected devices do not properly handle large numbers of new incomming connections and could crash under certain circumstances. An attacker may leverage this to cause a Denial-of-Service situation.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-200_smart_sr_cpusimatic_s7-200_smart_sr_cpu_firmwaresimatic_s7-200_smart_st_cpu_firmwaresimatic_s7-200_smart_st_cpuSIMATIC S7-200 SMART CPU family
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-27827
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.50% / 66.71%
||
7 Day CHG~0.00%
Published-18 Mar, 2021 | 00:00
Updated-03 Dec, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-openvswitchlldpd_projectn/aFedora ProjectRed Hat, Inc.Siemens AG
Product-simatic_net_cp_1243-8_irc_firmwaresimatic_net_cp_1543sp-1_firmwaresimatic_net_cp_1545-1_firmwaretim_1531_ircsinumerik_one_firmwareopenshift_container_platformsimatic_net_cp_1542sp-1_ircsimatic_net_cp_1543sp-1simatic_net_cp_1243-1tim_1531_irc_firmwaresimatic_net_cp_1542sp-1simatic_hmi_unified_comfort_panelssinumerik_onesimatic_net_cp_1543-1_firmwarevirtualizationsimatic_net_cp_1243-8_ircsimatic_net_cp_1243-1_firmwareenterprise_linuxfedorasimatic_net_cp_1543-1openvswitchsimatic_net_cp_1545-1simatic_net_cp_1542sp-1_irc_firmwareopenstacksimatic_hmi_unified_comfort_panels_firmwarelldpdsimatic_net_cp_1542sp-1_firmwarelldp/openvswitch
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-25242
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.27%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions). Specially crafted packets sent to TCP port 102 could cause a Denial-of-Service condition on the affected devices. A cold restart might be necessary in order to recover.

Action-Not Available
Vendor-Siemens AG
Product-simatic_net_cp_343-1_standard_firmwaresimatic_net_cp_343-1_advancedsimatic_net_cp_343-1_standardsimatic_net_cp_343-1_leansimatic_net_cp_343-1_advanced_firmwaresimatic_net_cp_343-1_lean_firmwareSIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants)SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-15783
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.94%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 19:21
Updated-02 Jun, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service.

Action-Not Available
Vendor-Siemens AG
Product-sinumerik_840d_slsimatic_s7-300_cpu_315f-2_pn_firmwaresimatic_s7-300_cpu_315-2_pnsimatic_s7-300_cpu_317-2_dp_firmwaresimatic_s7-300_cpu_314_firmwaresimatic_s7-300_cpu_315f-2_dp_firmwaresimatic_s7-300_cpu_315-2_dp_firmwaresimatic_s7-300_cpu_317f-2_dpsimatic_s7-300_cpu_312simatic_tdc_cpu555simatic_s7-300_cpu_317-2_dpsimatic_s7-300_cpu_315f-2_pnsimatic_s7-300_cpu_312_firmwaresimatic_s7-300_cpu_315-2_dpsimatic_s7-300_cpu_317f-2_dp_firmwaresimatic_s7-300_cpu_317-2_pn_firmwaresimatic_s7-300_cpu_317f-2_pn_firmwaresimatic_s7-300_cpu_315-2_pn_firmwaresimatic_s7-300_cpu_317f-2_pnsimatic_s7-300_cpu_315f-2_dpsimatic_s7-300_cpu_317-2_pnsinumerik_840d_sl_firmwaresimatic_s7-300_cpu_314simatic_tdc_cpu555_firmwareSIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SINUMERIK 840D slSIMATIC TDC CPU555
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-6578
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.77%
||
7 Day CHG~0.00%
Published-14 May, 2019 | 19:54
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 with NXG I control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- (All Versions with option G28), SINAMICS PERFECT HARMONY GH180 with NXG II control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- (All Versions with option G28). A denial of service vulnerability exists in the affected products. The vulnerability could be exploited by an attacker with network access to the device. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr3sinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr3sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr3_firmwaresinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr2_firmwaresinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr4sinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr4_firmwaresinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr4_firmwaresinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr3_firmwaresinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr2sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr4sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr2sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr2_firmwareSINAMICS PERFECT HARMONY GH180 with NXG I control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...-SINAMICS PERFECT HARMONY GH180 with NXG II control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...-
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-19301
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.54% / 68.02%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 19:50
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X200-4P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2IRT, SCALANCE X202-2P IRT, SCALANCE X202-2P IRT PRO, SCALANCE X204-2, SCALANCE X204-2FM, SCALANCE X204-2LD, SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X204IRT, SCALANCE X204IRT PRO, SCALANCE X206-1, SCALANCE X206-1LD, SCALANCE X208, SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XF201-3P IRT, SCALANCE XF202-2P IRT, SCALANCE XF204, SCALANCE XF204-2, SCALANCE XF204-2BA IRT, SCALANCE XF204IRT, SCALANCE XF206-1, SCALANCE XF208, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIMATIC CP 343-1 Advanced, SIMATIC CP 442-1 RNA, SIMATIC CP 443-1, SIMATIC CP 443-1, SIMATIC CP 443-1 Advanced, SIMATIC CP 443-1 RNA, SIMATIC RF180C, SIMATIC RF182C, SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SIPLUS NET SCALANCE X308-2. The VxWorks-based Profinet TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rf182csimatic_rf182c_firmwarescalance_xp-200_firmwarescalance_x-200irt_pro_firmwaresimatic_cp_443-1_advanced_firmwarescalance_xc-200_firmwaresimatic_cp_443-1_firmwarescalance_xb-200scalance_xr-300wg_firmwarescalance_xr-300wgscalance_xp-200simatic_rf180cscalance_x-200irt_firmwarescalance_xr-300scalance_x-300scalance_x-200irtscalance_x-200irt_prosimatic_cp_443-1scalance_xb-200_firmwarescalance_xf-200_firmwarescalance_xf-200scalance_xr-300_firmwarescalance_x-300_firmwaresimatic_rf180c_firmwarescalance_xc-200simatic_cp_443-1_advancedSCALANCE XF208SCALANCE XR324-12M TS (24V)SCALANCE XR324-4M EEC (24V, ports on front)SCALANCE X204IRTSCALANCE XR324-12M (230V, ports on rear)SCALANCE X307-2 EEC (2x 24V, coated)SCALANCE XF204-2BA IRTSCALANCE X204-2FMSCALANCE X204-2TSSCALANCE X307-3SCALANCE XR324-12M (24V, ports on rear)SCALANCE X308-2SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)SCALANCE X204-2LD TSSCALANCE X302-7 EEC (24V, coated)SCALANCE X307-2 EEC (230V, coated)SIMATIC CP 443-1 AdvancedSIMATIC RF180CSCALANCE X224SIPLUS NET SCALANCE X308-2SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)SCALANCE X202-2P IRTSCALANCE XR324-4M PoE (230V, ports on rear)SCALANCE X302-7 EEC (230V)SIMATIC CP 443-1SCALANCE X206-1LDSCALANCE X308-2LDSCALANCE X307-2 EEC (24V)SIMATIC CP 343-1 AdvancedSCALANCE X208SCALANCE X304-2FESCALANCE X307-2 EEC (230V)SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)SCALANCE X302-7 EEC (2x 24V)SCALANCE XF204IRTSCALANCE X307-2 EEC (2x 230V)SCALANCE X208PROSCALANCE X212-2LDSCALANCE X204IRT PROSCALANCE X302-7 EEC (24V)SCALANCE X204-2SCALANCE XF206-1SIMATIC RF182CSCALANCE XR324-4M EEC (2x 24V, ports on rear)SIPLUS NET CP 443-1SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-4M PoE (24V, ports on rear)SCALANCE X204-2LDSCALANCE X201-3P IRTSCALANCE X308-2MSCALANCE X308-2M PoESCALANCE X310FESCALANCE X308-2LH+SCALANCE X206-1SCALANCE XF204SIPLUS NET CP 343-1 AdvancedSCALANCE X307-3LDSCALANCE X202-2IRTSCALANCE X308-2LHSCALANCE XF204-2SCALANCE XR324-4M EEC (24V, ports on rear)SIMATIC CP 442-1 RNASCALANCE XR324-4M PoE (24V, ports on front)SIPLUS NET CP 443-1 AdvancedSCALANCE X302-7 EEC (2x 230V)SCALANCE X408-2SCALANCE XF201-3P IRTSCALANCE XF202-2P IRTSCALANCE X307-2 EEC (24V, coated)SCALANCE X307-2 EEC (2x 230V, coated)SCALANCE X302-7 EEC (2x 24V, coated)SCALANCE X202-2P IRT PROSCALANCE X310SCALANCE X307-2 EEC (2x 24V)SCALANCE XR324-12M (24V, ports on front)SCALANCE X212-2SCALANCE X320-1 FESCALANCE X306-1LD FESIMATIC CP 443-1 RNASCALANCE X308-2M TSSCALANCE XR324-4M PoE (230V, ports on front)SCALANCE X216SCALANCE X302-7 EEC (230V, coated)SCALANCE X201-3P IRT PROSCALANCE X302-7 EEC (2x 230V, coated)SCALANCE X200-4P IRTSCALANCE X320-1-2LD FESCALANCE XR324-4M PoE TS (24V, ports on front)SCALANCE XR324-12M (230V, ports on front)SCALANCE XR324-4M EEC (2x 24V, ports on front)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-13946
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.55% / 68.57%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 15:36
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.

Action-Not Available
Vendor-Siemens AG
Product-simatic_et200al_im_157-1_pn_firmwaresimatic_rf182cscalance_xr526simatic_et200m_im153-4_pn_io_hf_firmwarescalance_xr552_firmwaresimatic_et200mp_im155-5_pn_st_firmwarescalance_xr552simatic_cp_1616ruggedcom_rm1224_firmwaresimatic_cp_1604simatic_et200sp_im155-6_pn_hfdk_standard_ethernet_controllerscalance_xr-300wgscalance_xp-200simatic_et200mp_im155-5_pn_hf_firmwarescalance_xf-200basimatic_ipc_supportscalance_x-400_firmwarescalance_x-300scalance_x-200irtsimatic_cp_443-1simatic_cp_343-1_erpcscalance_xf-200_firmwarescalance_xf-200simatic_et200sp_im155-6_pn_basicsimatic_et200sp_im155-6_pn_hf_firmwarescalance_s615_firmwaresimatic_cp_1616_firmwarescalance_xr524_firmwarescalance_w700_ieee_802.11n_firmwarescalance_m-800_firmwaresimatic_et200m_im153-4_pn_io_st_firmwaresimatic_cp_443-1_advanced_firmwarescalance_xc-200_firmwareprofinet_driversimatic_cp_343-1simatic_et200al_im_157-1_pnim_154-3_pn_hfsimatic_cp_343-1_lean_firmwaresimatic_mv420_firmwarescalance_xr-300wg_firmwaresimatic_mv420im_154-4_pn_hfsimatic_et200ecopnscalance_x-200irt_firmwaresimatic_et200s_firmwarescalance_xr526_firmwarescalance_x-300_firmwareek-ertec_200scalance_xr524simatic_rf600simatic_cp_443-1_opc_uaek-ertec_200_firmwaresinamics_dcp_firmwaresimatic_cp_443-1_advancedsimatic_mv440simatic_cp_343-1_firmwarescalance_xm-400simatic_et200pro_firmwaresimatic_cp_343-1_leanscalance_xf-200ba_firmwaresimatic_et200ecopn_firmwareek-ertec_200p_firmwarescalance_xr528_firmwarescalance_xr528simatic_rf180csimatic_mv440_firmwareruggedcom_rm1224scalance_x-400simatic_cp_1604_firmwarescalance_s615im_154-4_pn_hf_firmwaresimatic_cp_343-1_advanced_firmwaresimatic_cp_443-1_opc_ua_firmwaresimatic_rf600_firmwarescalance_w700_ieee_802.11nsimatic_pn\/pn_coupler_firmwaresimatic_et200m_im153-4_pn_io_stek-ertec_200psinamics_dcpsimatic_et200ssimatic_rf182c_firmwarescalance_xp-200_firmwaresimatic_et200sp_im155-6_pn_basic_firmwaresimatic_et200mp_im155-5_pn_stsimatic_cp_443-1_firmwarescalance_xb-200simatic_et200sp_im155-6_pn_st_firmwareim_154-3_pn_hf_firmwarescalance_xm-400_firmwaresimatic_cp_343-1_erpc_firmwaresimatic_et200proscalance_xb-200_firmwaresimatic_pn\/pn_couplersimatic_et200sp_im155-6_pn_stsimatic_et200mp_im155-5_pn_hfscalance_xc-200simatic_rf180c_firmwaresimatic_cp_343-1_advancedscalance_m-800simatic_et200m_im153-4_pn_io_hfSCALANCE XF208SIMOTION DSCALANCE XR324-4M EEC (24V, ports on front)SCALANCE X204IRTSCALANCE X307-2 EEC (2x 24V, coated)SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SIMOTION PSCALANCE XB-200 familySCALANCE X204-2TSSCALANCE X307-3SCALANCE XR324-12M (24V, ports on rear)SCALANCE X308-2SIPLUS ET 200MP IM 155-5 PN HF T1 RAILSCALANCE X307-2 EEC (230V, coated)SIMATIC RF180CSIMATIC MV440 HRSIPLUS NET SCALANCE X308-2SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)SIMATIC ET200ecoPN: IO-Link MasterSCALANCE X202-2P IRTSCALANCE XR324-4M PoE (230V, ports on rear)SCALANCE X302-7 EEC (230V)SIMATIC CP 443-1SOFTNET-IE PNIOSCALANCE S615 LAN-RouterSCALANCE X206-1LDSIMATIC CP 343-1 AdvancedSIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIMATIC ET 200M IM 153-4 PN IO HF (incl. SIPLUS variants)SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSCALANCE W-700 IEEE 802.11n familySIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC MV420 SR-BSCALANCE XR-500 familySINAMICS DCPSIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SCALANCE XF204IRTSCALANCE X307-2 EEC (2x 230V)SIMATIC ET 200MP IM 155-5 PN STSCALANCE M826-2 SHDSL-RouterSCALANCE XF-200BASCALANCE X204IRT PROSIMATIC MV420 SR-PSCALANCE XP-200SIMATIC RF182CSIPLUS NET CP 443-1SIMOTION CSCALANCE X201-3P IRTSCALANCE M804PBSIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSCALANCE X206-1SCALANCE XF204SIMATIC MV420 SR-B BodyDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC IPC Support, Package for VxWorksSCALANCE X308-2LHSCALANCE XF204-2SCALANCE XR324-4M EEC (24V, ports on rear)SCALANCE XR324-4M PoE (24V, ports on front)SCALANCE XM-400 familySCALANCE X302-7 EEC (2x 230V)SCALANCE X408-2SCALANCE XF201-3P IRTSIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC MV420 SR-P BodySCALANCE M816-1 ADSL-RouterSIMATIC MV440 SRSCALANCE M812-1 ADSL-RouterSCALANCE X307-2 EEC (2x 24V)SCALANCE X212-2SCALANCE X306-1LD FESCALANCE X308-2M TSSCALANCE M876-3SIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS ET 200MP IM 155-5 PN ST TX RAILSCALANCE X201-3P IRT PROSCALANCE X302-7 EEC (2x 230V, coated)SCALANCE X320-1-2LD FESCALANCE XR324-4M PoE TS (24V, ports on front)SCALANCE XR324-12M TS (24V)SCALANCE XR324-12M (230V, ports on rear)SCALANCE XF204-2BA IRTSCALANCE X204-2FMSIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SIMATIC CP 443-1 OPC UASCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)SIMATIC ET200ecoPN, 4AO U/I 4xM12SCALANCE X204-2LD TSSIMATIC ET 200SP IM 155-6 PN HFSCALANCE X302-7 EEC (24V, coated)SIMATIC CP 443-1 AdvancedSCALANCE XR-300WG familySCALANCE X224SIMATIC ET 200SP IM 155-6 PN STSIPLUS ET 200SP IM 155-6 PN HFPROFINET Driver for ControllerSIMATIC RF600R familySCALANCE M876-4 (NAM)SCALANCE M874-3SCALANCE X308-2LDSCALANCE X307-2 EEC (24V)SIMATIC ET 200SP IM 155-6 PN BASCALANCE X208SCALANCE M876-3 (ROK)SCALANCE X304-2FESCALANCE X307-2 EEC (230V)SIPLUS NET CP 343-1 LeanSCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)SIMATIC ET 200SP IM 155-6 PN ST BASCALANCE X302-7 EEC (2x 24V)SIMATIC ET 200MP IM 155-5 PN HFRUGGEDCOM RM1224 familySIMATIC ET 200pro IM 154-4 PN HFSCALANCE X208PROSIPLUS NET CP 343-1SCALANCE X212-2LDSCALANCE X302-7 EEC (24V)SCALANCE X204-2SCALANCE XF206-1SIMATIC ET200S (incl. SIPLUS variants)SIMATIC CP 343-1 LeanSCALANCE XR324-4M EEC (2x 24V, ports on rear)SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-4M PoE (24V, ports on rear)SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SCALANCE X204-2LDSCALANCE M876-4 (EU)SIMATIC ET 200M IM 153-4 PN IO ST (incl. SIPLUS variants)SCALANCE X308-2MSCALANCE X308-2M PoESCALANCE X310FESCALANCE X308-2LH+SIPLUS NET CP 343-1 AdvancedSIMATIC CP 343-1SCALANCE X307-3LDDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SIPLUS NET CP 443-1 AdvancedSCALANCE XF202-2P IRTSCALANCE X307-2 EEC (24V, coated)SCALANCE X307-2 EEC (2x 230V, coated)SCALANCE X302-7 EEC (2x 24V, coated)SCALANCE X202-2P IRT PROSCALANCE X310SCALANCE XR324-12M (24V, ports on front)SIPLUS ET 200MP IM 155-5 PN STSCALANCE X320-1 FESCALANCE M874-2SCALANCE XR324-4M PoE (230V, ports on front)SIMATIC CP 343-1 ERPCSIPLUS ET 200SP IM 155-6 PN STSIMATIC MV440 URSCALANCE X216SIMATIC CP 1616 and CP 1604SCALANCE X302-7 EEC (230V, coated)SIPLUS ET 200MP IM 155-5 PN HFSCALANCE X200-4P IRTSCALANCE XC-200SCALANCE X202-2IRTSCALANCE XR324-12M (230V, ports on front)SCALANCE XR324-4M EEC (2x 24V, ports on front)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-44487
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-94.39% / 99.97%
||
7 Day CHG-0.00%
Published-10 Oct, 2023 | 00:00
Updated-12 May, 2026 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-31||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

Action-Not Available
Vendor-varnish_cache_projectamazonlinkerdakkatraefikcaddyserverprojectcontourdenagrpcistioenvoyproxykonghqlinecorpkazu-yamamotonghttp2openrestyn/aRed Hat, Inc.NetApp, Inc.Siemens AGGoF5, Inc.The Netty ProjectThe Apache Software FoundationMicrosoft CorporationApple Inc.Eclipse Foundation AISBLCisco Systems, Inc.Fedora ProjectDebian GNU/LinuxThe IETF Administration LLC (IETF LLC)FacebookNode.js (OpenJS Foundation)Jenkins
Product-nexus_9804nexus_9332d-h2rnexus_9372txnexus_9200istionexus_92160yc_switchfedoranexus_92160yc-xsiplus_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwareenterprise_chat_and_email.netvisual_studio_2022windows_10_22h2node_healthcheck_operatornexus_36180yc-ropenshift_sandboxed_containersnexus_9500_4-slotnexus_93128tx_switchnexus_92300ycbig-ip_nextcost_managementjboss_enterprise_application_platformnexus_9200ycnexus_9332pqnexus_9396txproxygenultra_cloud_core_-_session_management_functionintegration_camel_kintegration_camel_for_spring_bootnexus_3064tazure_kubernetes_servicenexus_93180yc-fxcrosswork_zero_touch_provisioningbig-ip_analyticsnexus_3432d-snexus_93180yc-fx3secure_malware_analyticsopensearch_data_preppersecure_web_appliance_firmwareweb_terminalprime_infrastructurenexus_93180lc-ex_switchopenshift_container_platform_assisted_installercertification_for_red_hat_enterprise_linuxprime_cable_provisioningnexus_93108tc-fx-24connected_mobile_experiencesnexus_92300yc_switchprocess_automationexpresswayhttp_serverunified_attendant_console_advancedopenstack_platformnginx_plusnexus_93240yc-fx2nexus_3636c-rcryostatnexus_3100-zsingle_sign-onopenshift_distributed_tracingnexus_9736pqnexus_9272qnexus_3016qnexus_93108tc-ex-24unified_contact_center_domain_managernexus_9396tx_switchopenshift_developer_tools_and_servicesnexus_93128crosswork_situation_managernexus_93180yc-ex-24nexus_9332pq_switchwindows_server_2022nexus_31108pc-vopenshift_api_for_data_protectionopenshift_gitopsnexus_3132c-zsupport_for_spring_bootwindows_server_2016nexus_3016nexus_3132q-vopenshift_service_mesh3scale_api_management_platformnexus_3464cnexus_9500ropenshiftcaddynexus_3100-vnexus_3132qopenshift_secondary_scheduler_operatornexus_3064-32tnexus_31108tc-varmeriagomigration_toolkit_for_containersbuild_of_optaplannernexus_3232nexus_9372pxbig-ip_websafenexus_9500_supervisor_anexus_9348gc-fxpultra_cloud_core_-_serving_gateway_functionnexus_3172tqnexus_9504windows_10_21h2nexus_3064xnexus_3232cnexus_9636pqnexus_3400jettyansible_automation_platformnexus_9500_supervisor_bnexus_9372tx-ewindows_10_1809nexus_3524-xlnexus_3408-snexus_3172tq-32tnexus_93180tc-exnexus_9516nexus_3524-xnexus_3264c-enexus_3172pqnexus_3172pq\/pq-xlnexus_9336pqastra_control_centernexus_9364c-gxnexus_9336c-fx2simatic_s7-1500_cpu_1518-4_pn\/dpnexus_9236cnexus_9536pqnexus_9236c_switchnexus_93180yc-fx-24nexus_31128pqnetwork_observability_operatorbig-ip_application_security_managerprime_access_registrarswiftnio_http\/2linkerdios_xewindows_11_22h2nexus_9500_supervisor_b\+nexus_9364d-gx2adecision_managerbig-ip_policy_enforcement_managerquaynexus_3264qbusiness_process_automationnexus_3100vsecure_dynamic_attributes_connectornexus_9372tx_switchnexus_9500_supervisor_a\+machine_deletion_remediation_operatornode.jssatellitenexus_9348d-gx2abig-ip_domain_name_systemnexus_3064nexus_9372px-e_switchbig-ip_link_controllernexus_93108tc-ex_switchhttpbig-ip_advanced_firewall_managerprime_network_registrarcert-manager_operator_for_red_hat_openshiftnexus_9432pqtraefikbuild_of_quarkusnexus_3524self_node_remediation_operatorcrosswork_data_gatewaycontournode_maintenance_operatorcbl-marinernexus_9716d-gxsinec_insh2onexus_9332d-gx2bnexus_9372px_switchapisixjboss_core_servicesnexus_9500_16-slotsimatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwareoncommand_insightnexus_9372px-enexus_9336pq_aci_spinenexus_3548-xnexus_9221cnexus_9272q_switchnexus_93108tc-fxfirepower_threat_defensebig-ip_fraud_protection_servicewindows_server_2019migration_toolkit_for_virtualizationvarnish_cacheunified_contact_center_enterprisenexus_93108tc-fx3hnexus_93240tc-fx2asp.net_coretelepresence_video_communication_servernexus_93216tc-fx2nexus_3100traffic_servernexus_3064-xnexus_9348gc-fx3nexus_9332cbig-ip_application_visibility_and_reportingnexus_3132q-x\/3132q-xltomcatwindows_10_1607simatic_s7-1500_cpu_1518f-4_pn\/dp_mfp_firmwarenexus_3172tq-xlnexus_3548-xlnexus_9336pq_aci_spine_switchsiplus_s7-1500_cpu_1518-4_pn\/dp_mfpnexus_3164qdebian_linuxnexus_9396px_switchnexus_9396pxlogging_subsystem_for_red_hat_openshiftnexus_9364cbig-ip_webacceleratoropenshift_serverlessnetworkingnexus_9500big-ip_ssl_orchestratornexus_93180yc-ex_switchnexus_9508nexus_3132q-xnexus_93120txnexus_3132q-xlnexus_9408ruggedcom_ape1808_firmwarenexus_34180ycnexus_93180yc-fx3snx-osnexus_93180lc-exunified_contact_center_management_portalnexus_92304qc_switchdata_center_network_manageropenrestynexus_92348gc-xbig-ip_application_acceleration_manageropenshift_virtualizationnexus_93108tc-fx3pnexus_93360yc-fx2nexus_3172pq-xlnexus_31108pv-vgrpcnexus_93128txnexus_3064-tadvanced_cluster_management_for_kubernetesbig-ip_advanced_web_application_firewallenvoynexus_3232c_big-ip_global_traffic_managernginxfence_agents_remediation_operatorjboss_data_gridios_xrfog_directorsimatic_s7-1500_cpu_1518f-4_pn\/dp_mfpbig-ip_carrier-grade_natnexus_9300windows_11_21h2secure_web_applianceintegration_service_registryhttp2openshift_dev_spacesbig-ip_ddos_hybrid_defendernexus_93180yc-fx3hservice_interconnectnghttp2openshift_data_sciencest7_scadaconnectnexus_93120tx_switchbig-ip_local_traffic_managerbig-ip_access_policy_managerjboss_fuseopenshift_container_platformopenshift_pipelinesnexus_3048nexus_9508_switchnettynexus_9336c-fx2-enexus_93600cd-gxnexus_34200yc-smnexus_9516_switchceph_storagenexus_3600jboss_a-mqrun_once_duration_override_operatornexus_9000vnexus_3172nexus_3500sinec_nmsruggedcom_ape1808nexus_9336pq_acinexus_9316d-gxnexus_9800kong_gatewayadvanced_cluster_securitynexus_3548-x\/xlunified_contact_center_enterprise_-_live_data_serverultra_cloud_core_-_policy_control_functionbig-ip_next_service_proxy_for_kubernetesnexus_9232enexus_9808jboss_a-mq_streamsnexus_92304qciot_field_network_directornexus_9500_8-slotmigration_toolkit_for_applicationsnexus_3200solrjenkinsnginx_ingress_controllernexus_93180yc-exnexus_9372tx-e_switchnexus_93108tc-exnexus_9504_switchnexus_3524-x\/xlnexus_3548service_telemetry_frameworkenterprise_linuxn/aRUGGEDCOM APE1808SINEC NMSSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPhttpHTTP/2
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-44321
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.1||MEDIUM
EPSS-0.10% / 26.76%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 11:04
Updated-25 Feb, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available again.

Action-Not Available
Vendor-Siemens AG
Product-6gk5328-4ss00-2ar3_firmware6gk5206-2bb00-2ac26ag1206-2bs00-7ac2_firmware6gk5208-0ga00-2ac2_firmware6gk5204-0ba00-2gf2_firmware6gk5208-0ha00-2ts6_firmware6ag1216-4bs00-7ac26gk5324-0ba00-3ar36gk5205-3bf00-2tb2_firmware6gk5208-0ba00-2tb2_firmware6gk5216-3rs00-2ac26gk5208-0ga00-2ac26gk5213-3bb00-2tb2_firmware6gk5206-2rs00-5ac26gk5224-4gs00-2ac26gk5328-4fs00-3rr3_firmware6gk5216-0ha00-2es6_firmware6gk5204-0ba00-2gf26gk5326-2qs00-3rr3_firmware6gk5328-4fs00-2ar3_firmware6gk5216-0ha00-2ts6_firmware6gk5328-4fs00-3ar36gk5206-2rs00-2ac2_firmware6gk5213-3bd00-2ab2_firmware6gk5205-3bb00-2ab26gk5208-0ga00-2tc2_firmware6gk5213-3bd00-2tb26gk5204-0ba00-2yf2_firmware6gk5206-2rs00-5ac2_firmware6gk5206-2gs00-2fc2_firmware6gk5224-0ba00-2ac2_firmware6gk5216-0ba00-2ac2_firmware6gk5205-3bb00-2tb26gk5324-0ba00-2ar3_firmware6gk5216-4gs00-2fc2_firmware6gk5208-0ua00-5es66ag1208-0ba00-7ac26gk5224-4gs00-2fc2_firmware6gk5328-4fs00-2ar36gk5213-3bf00-2tb2_firmware6gk5205-3bb00-2tb2_firmware6gk5208-0ra00-2ac2_firmware6gk5224-4gs00-2tc26gk5216-0ba00-2ac26gk5324-0ba00-3ar3_firmware6gk5216-4bs00-2ac26gk5224-4gs00-2ac2_firmware6gk5326-2qs00-3ar3_firmware6gk5324-0ba00-2ar36gk5208-0ga00-2tc26gk5213-3bf00-2ab26gk5216-0ha00-2as66gk5216-0ha00-2es66gk5216-4gs00-2tc26gk5206-2bd00-2ac26gk5224-0ba00-2ac26gk5328-4fs00-2rr3_firmware6gk5206-2rs00-5fc26gk5206-2gs00-2tc2_firmware6gk5208-0ua00-5es6_firmware6gk5206-2gs00-2tc26gk5216-0ua00-5es66gk5213-3bf00-2ab2_firmware6gk5205-3bf00-2ab26ag1206-2bb00-7ac2_firmware6gk5208-0ga00-2fc26gk5213-3bd00-2tb2_firmware6gk5208-0ga00-2fc2_firmware6gk5213-3bf00-2tb26gk5328-4fs00-2rr36gk5213-3bb00-2tb26gk5216-0ba00-2ab26gk5216-0ba00-2fc2_firmware6gk5204-2aa00-2yf26gk5213-3bd00-2ab26gk5206-2gs00-2fc26gk5206-2gs00-2ac26gk5205-3bb00-2ab2_firmware6gk5208-0ba00-2fc2_firmware6gk5208-0ba00-2ab26gk5204-2aa00-2gf26gk5208-0ba00-2ac2_firmware6gk5216-0ba00-2fc26gk5328-4ss00-3ar36gk5216-3rs00-5ac26gk5208-0ba00-2tb26gk5206-2rs00-5fc2_firmware6gk5206-2bs00-2ac26gk5328-4fs00-3rr36gk5205-3bd00-2ab26gk5224-4gs00-2tc2_firmware6gk5224-4gs00-2fc26gk5208-0ba00-2ac26gk5206-2bs00-2fc26gk5208-0ha00-2as6_firmware6gk5206-2bs00-2ac2_firmware6gk5208-0ra00-2ac26gk5205-3bf00-2tb26gk5216-0ua00-5es6_firmware6gk5216-4gs00-2ac26gk5208-0ha00-2as66gk5205-3bd00-2tb26ag1206-2bs00-7ac26gk5204-0ba00-2yf26gk5208-0ha00-2ts66gk5208-0ra00-5ac26gk5213-3bb00-2ab26gk5216-0ba00-2ab2_firmware6gk5216-0ha00-2ts66gk5208-0ba00-2fc26gk5216-0ba00-2tb2_firmware6gk5206-2gs00-2ac2_firmware6gk5326-2qs00-3rr36gk5216-4bs00-2ac2_firmware6gk5216-4gs00-2ac2_firmware6gk5206-2bs00-2fc2_firmware6gk5205-3bd00-2ab2_firmware6gk5328-4ss00-2ar36ag1216-4bs00-7ac2_firmware6gk5208-0ha00-2es6_firmware6gk5205-3bf00-2ab2_firmware6gk5216-3rs00-2ac2_firmware6ag1206-2bb00-7ac26gk5204-2aa00-2gf2_firmware6gk5208-0ra00-5ac2_firmware6gk5216-4gs00-2tc2_firmware6gk5208-0ha00-2es66gk5328-4ss00-3ar3_firmware6gk5216-3rs00-5ac2_firmware6gk5204-2aa00-2yf2_firmware6gk5216-0ha00-2as6_firmware6gk5216-4gs00-2fc26gk5206-2bd00-2ac2_firmware6gk5328-4fs00-3ar3_firmware6gk5208-0ba00-2ab2_firmware6gk5205-3bd00-2tb2_firmware6ag1208-0ba00-7ac2_firmware6gk5326-2qs00-3ar36gk5206-2rs00-2ac26gk5206-2bb00-2ac2_firmware6gk5213-3bb00-2ab2_firmware6gk5216-0ba00-2tb2SCALANCE M812-1 ADSL-Router familySCALANCE M826-2 SHDSL-RouterSCALANCE MUM856-1 (RoW)SCALANCE XP208EECSCALANCE XB206-2 (SC)SCALANCE XB206-2 (ST/BFOC)SCALANCE M816-1 ADSL-Router familySCALANCE XP208GSCALANCE M874-3 3G-Router (CN)SCALANCE XC206-2 (ST/BFOC)SCALANCE XB213-3LD (SC, E/IP)SCALANCE XP208PoE EECSCALANCE M876-3SCALANCE XC208SCALANCE XR328-4C WG (28xGE, AC 230V)SCALANCE XP208G PPSCALANCE XC216-4C G EECSCALANCE XF204-2BA DNASCALANCE XF204GSCALANCE XC206-2SFP EECSCALANCE XC206-2SFP G EECSCALANCE XF204SCALANCE XB216 (PN)SCALANCE XB213-3 (ST, E/IP)SCALANCE XC216-3G PoESCALANCE MUM853-1 (EU)SCALANCE XC206-2G PoE EEC (54 V DC)SCALANCE XB205-3 (ST, E/IP)SCALANCE XB216 (E/IP)SCALANCE MUM856-1 (CN)SCALANCE M876-3 (ROK)SCALANCE XF204 DNASCALANCE XC206-2 (SC)SIPLUS NET SCALANCE XC216-4CSCALANCE XC208G EECSCALANCE XB213-3 (ST, PN)SCALANCE M874-2SCALANCE XB206-2LDSCALANCE XC206-2SFP G (EIP DEF.)SCALANCE XR326-2C PoE WGSCALANCE XC224-4C G EECSCALANCE XC216EECSCALANCE XR324WG (24 X FE, DC 24V)SCALANCE XB205-3 (ST, PN)SCALANCE XC206-2SFPSCALANCE MUM853-1 (A1)SCALANCE XP208G EECSCALANCE XB213-3 (SC, E/IP)SCALANCE XB208 (E/IP)SCALANCE XF204-2BASCALANCE XP216EEC (V2)SCALANCE XP216 (Ethernet/IP)SCALANCE XP216GSCALANCE XB206-2 LDSCALANCE XP216G PoE EECSCALANCE XR326-2C PoE WG (without UL)SCALANCE XP208 (Ethernet/IP)SCALANCE XC206-2G PoESCALANCE XC216-4C G (EIP Def.)SCALANCE XP216SCALANCE XP216G EECSCALANCE XR324WG (24 x FE, AC 230V)SCALANCE XC208G PoE (54 V DC)SCALANCE XC208EECSIPLUS NET SCALANCE XC206-2SCALANCE M804PBSCALANCE XC206-2SFP GSCALANCE XC224-4C G (EIP Def.)SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)SCALANCE XC208G PoESCALANCE M876-4SCALANCE XR328-4C WG (28xGE, DC 24V)SCALANCE XC216-3G PoE (54 V DC)SCALANCE XB213-3 (SC, PN)SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)SCALANCE XP208SIPLUS NET SCALANCE XC208SCALANCE MUM856-1 (EU)SCALANCE MUM856-1 (B1)SCALANCE MUM853-1 (B1)SCALANCE XP216EECSCALANCE XC208G (EIP def.)SCALANCE XB205-3 (SC, PN)SCALANCE XP216PoE EEC (V2)SCALANCE XB208 (PN)SCALANCE M876-4 (EU)SCALANCE M876-4 (NAM)SCALANCE XP216 (V2)SCALANCE XB206-2 SCSCALANCE XB206-2 STSCALANCE M874-3SCALANCE XC224SCALANCE XC216SCALANCE XC206-2G PoE (54 V DC)SCALANCE S615 EEC LAN-RouterSCALANCE XB213-3LD (SC, PN)SCALANCE XB205-3LD (SC, PN)SCALANCE XB205-3LD (SC, E/IP)SCALANCE MUM856-1 (A1)SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)SCALANCE XP208G PoE EECSCALANCE S615 LAN-RouterSCALANCE XC216-4CRUGGEDCOM RM1224 LTE(4G) EUSCALANCE XP216POE EECSCALANCE XC216-4C GSIPLUS NET SCALANCE XC206-2SFPSCALANCE XC208GRUGGEDCOM RM1224 LTE(4G) NAMSCALANCE XC224-4C G
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-10923
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.47% / 65.06%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 13:49
Updated-11 Feb, 2025 | 10:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-300_cpu_313simatic_winac_rtx_\(f\)cp1604_firmwaresinamics_s150_firmwaresimatic_et_200mdk_standard_ethernet_controllersinamics_dcm_firmwaresimatic_s7-400_v6sinamics_gm150simatic_et_200ecopn_firmwaresinamics_gl150_firmwaresimatic_s7-400_pn_v7_firmwaresimatic_s7-400_dp_v7sinamics_gl150sinumerik_840d_slscalance_x-200irtsimatic_s7-300_cpu_firmwaresimatic_s7-400_pn_v7sinamics_gh150cp1616simatic_et_200s_firmwaresimatic_s7-300_cpu_316-2_dp_firmwaresinamics_dcmsimatic_pn\/pn_coupler_6es7158-3ad01-0xa0sinamics_sm120scalance_x-200irt_firmwaresinamics_g120simatic_s7-300_cpu_315-2_dpsimatic_s7-300_cpu_315_firmwaresimotion_firmwaresimotionsinumerik_828dcp1616_firmwaresinamics_sl150_firmwaresinamics_s150ek-ertec_200ek-ertec_200_firmwaresinamics_dcp_firmwaresimatic_s7-300_cpusimatic_s7-300_cpu_314_firmwaresimatic_s7-400_v6_firmwarecp1604simatic_s7-300_cpu_314ek-ertec_200p_firmwaresimatic_et_200m_firmwaresimatic_s7-300_cpu_318-2_firmwaresimatic_s7-300_cpu_313_firmwaresimatic_et_200ssimatic_s7-400_dp_v7_firmwaredk_standard_ethernet_controller_firmwaresimatic_s7-300_cpu_318-2sinamics_s110sinamics_gm150_firmwaresinamics_g150sinamics_g130simatic_s7-300_cpu_315-2_dp_firmwaresimatic_s7-300_cpu_315simatic_s7-300_cpu_312_ifm_firmwaresinamics_g110mek-ertec_200psinamics_g110m_firmwaresinamics_gh150_firmwaresinamics_dcpsinamics_sl150simatic_et_200ecopnsimatic_pn\/pn_coupler_6es7158-3ad01-0xa0_firmwaresimatic_s7-300_cpu_314_ifmsimatic_s7-300_cpu_312_ifmsimatic_s7-300_cpu_314_ifm_firmwaresimatic_s7-300_cpu_316-2_dpsinamics_sm120_firmwaresinamics_g150_firmwaresinamics_s120sinamics_g130_firmwaresinamics_s120_firmwaresimatic_winac_rtx_\(f\)_firmwaresinamics_s110_firmwaresinamics_g120_firmwareSINAMICS G120 V4.7 Control Unit (incl. SIPLUS variants)SINAMICS SM120 V4.7 Control UnitSIPLUS ET 200SP IM 155-6 PN STSIMATIC ET 200MP IM 155-5 PN STSIPLUS ET 200S IM 151-8 PN/DP CPUSIPLUS S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 317T-3 PN/DPSINUMERIK 828DSINAMICS GL150 V4.7 Control UnitSIPLUS S7-300 CPU 317F-2 PN/DPSIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIPLUS ET 200SP IM 155-6 PN HFDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN: IO-Link MasterSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC ET 200SP IM 155-6 PN HFSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS S7-300 CPU 314C-2 PN/DPSCALANCE X-200IRT family (incl. SIPLUS NET variants)SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SIMATIC S7-400 CPU 416-3 PN/DP V7SIMATIC S7-300 CPU 315F-2 PN/DPSINUMERIK 840D slSIMATIC ET 200pro IM 154-8 PN/DP CPUSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SINAMICS G150SINAMICS GH150 V4.7 Control UnitSIMATIC S7-300 CPU 314C-2 PN/DPSINAMICS S120 V4.7 Control Unit and CBE20 (incl. SIPLUS variants)SIMATIC ET200ecoPN, 4AO U/I 4xM12SIMATIC S7-400 CPU 414-3 PN/DP V7SINAMICS DCPSIPLUS S7-400 CPU 414-3 PN/DP V7SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC WinAC RTX 2010SIMATIC ET 200pro IM 154-3 PN HFSIMATIC ET 200M (incl. SIPLUS variants)SIPLUS S7-400 CPU 416-3 PN/DP V7SIMATIC ET 200S IM 151-8 PN/DP CPUSIMATIC S7-400 CPU 416F-3 PN/DP V7SINAMICS GM150 V4.7 Control UnitSIMATIC CP 1616Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC S7-400 CPU 414F-3 PN/DP V7SIMATIC ET 200S IM 151-8F PN/DP CPUSIMATIC ET 200pro IM 154-8F PN/DP CPUDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIMATIC S7-300 CPU 315-2 PN/DPSIMATIC ET 200MP IM 155-5 PN HFSIMATIC S7-300 CPU 319F-3 PN/DPSIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIMATIC S7-300 CPU 317-2 PN/DPSIMATIC ET 200SP IM 155-6 PN ST BASIMATIC S7-300 CPU 317TF-3 PN/DPSIMATIC ET 200SP IM 155-6 PN STSIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIPLUS S7-300 CPU 317-2 PN/DPSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC ET 200pro IM 154-4 PN HFSIPLUS ET 200S IM 151-8F PN/DP CPUSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC CP 1604SIMATIC S7-400 CPU 412-2 PN V7SIPLUS ET 200MP IM 155-5 PN HFSINAMICS DCMSIMOTIONSIMATIC S7-300 CPU 319-3 PN/DPSIMATIC ET200S (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12SIMATIC S7-300 CPU 317F-2 PN/DPSIMATIC WinAC RTX F 2010SINAMICS S150SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SINAMICS G110M V4.7 Control UnitSINAMICS G130SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC ET 200pro IM 154-8FX PN/DP CPUSIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200MP IM 155-5 PN STSINAMICS SL150 V4.7 Control UnitSIMATIC S7-300 CPU 315T-3 PN/DPSINAMICS S110 Control Unit
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-37195
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.58%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 10:21
Updated-19 Sep, 2024 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests. This could allow local attackers with administrative privileges to cause a denial of service situation on the host. A physical power cycle is required to get the system working again.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cp_1604_firmwaresimatic_cp_1616simatic_cp_1628_firmwaresimatic_cp_1626_firmwaresimatic_cp_1604simatic_cp_1623_firmwaresimatic_cp_1623simatic_cp_1628simatic_cp_1616_firmwaresimatic_cp_1626SIMATIC CP 1628SIMATIC CP 1604SIMATIC CP 1626SIMATIC CP 1616SIMATIC CP 1623
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-10953
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-0.48% / 65.79%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 14:02
Updated-04 Jun, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.

Action-Not Available
Vendor-wagoWAGOSiemens AGSchneider Electric SEABBPhoenix Contact GmbH & Co. KG
Product-pfc100modicon_m2216es7211-1ae40-0xb0bacnet\/ip6ed1052-1cc01-0ba8_firmware6es7211-1ae40-0xb0_firmwarepm554-tp-eth_firmwareethernet6es7314-6eh04-0ab0_firmware6es7314-6eh04-0ab0knx_ipmodicon_m221_firmwareilc_151_ethknx_ip_firmwarebacnet\/ip_firmware6ed1052-1cc01-0ba8pfc100_firmwareethernet_firmwareilc_151_eth_firmwarepm554-tp-eth6ES7211-1AE40-0XB0 Simatic S7-1211750-8100 Controller PFC100ILC 191 ETH 2TX750-889 Controller KNX IP2700974 ILC 151 ETH750-880 Controller ETH6ED1052-1CC01-0BA8 Logo! 8750-831 Controller BACnet/IPModicon M221EcoStruxure Machine Expert – Basic6ES7314-6EH04-0AB0 Simatic S7-3141SAP120600R0071 PM554-TP-ETH
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2023-35921
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.08% / 78.34%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 09:07
Updated-13 Nov, 2024 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted Ethernet frames sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.

Action-Not Available
Vendor-Siemens AG
Product-simatic_mv540_s_firmwaresimatic_mv540_ssimatic_mv560_x_firmwaresimatic_mv560_usimatic_mv560_u_firmwaresimatic_mv550_s_firmwaresimatic_mv540_hsimatic_mv550_h_firmwaresimatic_mv550_ssimatic_mv560_xsimatic_mv550_hsimatic_mv540_h_firmwareSIMATIC MV560 USIMATIC MV540 SSIMATIC MV540 HSIMATIC MV550 HSIMATIC MV550 SSIMATIC MV560 Xsimatic_mv540_ssimatic_mv560_usimatic_mv540_hsimatic_mv550_ssimatic_mv560_xsimatic_mv550_h
CWE ID-CWE-400
Uncontrolled Resource Consumption
  • Previous
  • 1
  • 2
  • Next
Details not found