Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-44221

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-12 Jul, 2022 | 10:06
Updated At-04 Aug, 2024 | 04:17
Rejected At-
Credits

A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The affected systems do not properly validate input that is sent to the underlying message passing framework. This could allow an remote attacker to trigger a denial of service of the affected system.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:12 Jul, 2022 | 10:06
Updated At:04 Aug, 2024 | 04:17
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The affected systems do not properly validate input that is sent to the underlying message passing framework. This could allow an remote attacker to trigger a denial of service of the affected system.

Affected Products
Vendor
Siemens AGSiemens
Product
SIMATIC eaSie Core Package
Versions
Affected
  • All versions < V22.00
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20: Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20: Improper Input Validation
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-580125.pdf
x_refsource_MISC
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-580125.pdf
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-580125.pdf
x_refsource_MISC
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-580125.pdf
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:12 Jul, 2022 | 10:15
Updated At:15 Jul, 2022 | 19:00

A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The affected systems do not properly validate input that is sent to the underlying message passing framework. This could allow an remote attacker to trigger a denial of service of the affected system.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Siemens AG
siemens
>>simatic_easie_core_package>>Versions before 22.00(exclusive)
cpe:2.3:a:siemens:simatic_easie_core_package:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE-20Secondaryproductcert@siemens.com
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: productcert@siemens.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-580125.pdfproductcert@siemens.com
Patch
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-580125.pdf
Source: productcert@siemens.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1811Records found
CVE-2023-39269
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.22% / 45.02%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:20
Updated-12 Aug, 2025 | 12:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100P (32M) V4.X, RUGGEDCOM RSG2100P (32M) V5.X, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2100PNC (32M) V4.X, RUGGEDCOM RSG2100PNC (32M) V5.X, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. The web server of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause total loss of availability of the web server, which might recover after the attack is over.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rsg2488ncruggedcom_rs969ruggedcom_rsg2100_\(32m\)ruggedcom_rsg2100ruggedcom_rsg2300pruggedcom_rsg910cruggedcom_rs416ruggedcom_rs900_\(32m\)ruggedcom_i802ncruggedcom_m969fruggedcom_rosruggedcom_m2100ruggedcom_rs910lncruggedcom_rsg2300fruggedcom_rs900mnc-stnd-xxruggedcom_rs930wruggedcom_rmc8388ruggedcom_rsg2200ruggedcom_rsg2300ncruggedcom_rs969ncruggedcom_rsl910ncruggedcom_m2200fruggedcom_rs1600ruggedcom_rs910lruggedcom_rsg2288ncruggedcom_rs900m-stnd-c01ruggedcom_m969ruggedcom_rs900g_\(32m\)ruggedcom_rsg2200ncruggedcom_rs900m-stnd-xxruggedcom_rsg2100nc\(32m\)ruggedcom_m969ncruggedcom_i801ncruggedcom_rs900nc\(32m\)ruggedcom_rsg2300pfruggedcom_m2100fruggedcom_rsg2488fruggedcom_rsl910ruggedcom_rs900lruggedcom_rs401ncruggedcom_rs900lncruggedcom_rs900m-gets-c01ruggedcom_rs900ncruggedcom_rs900mnc-gets-c01ruggedcom_rs920wruggedcom_rs8000aruggedcom_rs416v2ruggedcom_rst916cruggedcom_rsg2300ruggedcom_rs8000ancruggedcom_rst2228pruggedcom_rs8000ncruggedcom_rsg908cruggedcom_i803ruggedcom_rmc30ncruggedcom_rs930lncruggedcom_rsg2488ruggedcom_rs900gruggedcom_rs416pnc_v2ruggedcom_rs8000tncruggedcom_rsg2288ruggedcom_rs900gfruggedcom_rs940gruggedcom_rsg920pncruggedcom_rsg2100fruggedcom_rmc8388ncruggedcom_rs910ruggedcom_rs930lruggedcom_rsg907rruggedcom_rs1600tncruggedcom_rs900gpncruggedcom_rs8000hncruggedcom_rs900wruggedcom_rp110ncruggedcom_rs900gncruggedcom_rsg2100pncruggedcom_i801ruggedcom_rs940gncruggedcom_rs416pncruggedcom_rsg2100pfruggedcom_rs416ncruggedcom_i800ruggedcom_rs900mnc-gets-xxruggedcom_rs940gfruggedcom_rst2228ruggedcom_i800ncruggedcom_rsg909rruggedcom_rs1600truggedcom_rs401ruggedcom_rs900ruggedcom_rs8000truggedcom_rs416pv2ruggedcom_rs416fruggedcom_rp110ruggedcom_rs920lncruggedcom_i803ncruggedcom_i802ruggedcom_rs910wruggedcom_m2200ncruggedcom_rsg2100pruggedcom_rs900gpfruggedcom_rs8000ruggedcom_rst916pruggedcom_rs900fruggedcom_rsg2200fruggedcom_rs1600ncruggedcom_rsg2100ncruggedcom_rs900gpruggedcom_rs900mnc-stnd-xx-c01ruggedcom_rsg920pruggedcom_rs416pruggedcom_rs900m-gets-xxruggedcom_m2100ncruggedcom_rs1600fruggedcom_m2200ruggedcom_rs416nc_v2ruggedcom_rs400ruggedcom_rs8000hruggedcom_rs1600fncruggedcom_rs416pfruggedcom_rs400fruggedcom_rsg2300pncruggedcom_rs920lruggedcom_rs910ncruggedcom_rs900gnc\(32m\)ruggedcom_rs400ncruggedcom_rmc30RUGGEDCOM RS8000RUGGEDCOM RS900LRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS900MNC-STND-XX-C01RUGGEDCOM RSG920P V4.XRUGGEDCOM RS401NCRUGGEDCOM RSG2100PNC (32M) V4.XRUGGEDCOM RS920LNCRUGGEDCOM RS910LRUGGEDCOM RS930WRUGGEDCOM RSG2100NC(32M) V5.XRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG2288NC V5.XRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RS1600RUGGEDCOM i801NCRUGGEDCOM RS940GRUGGEDCOM RSG2100NC(32M) V4.XRUGGEDCOM i800NCRUGGEDCOM RS910RUGGEDCOM RSG908CRUGGEDCOM RS8000NCRUGGEDCOM RS400FRUGGEDCOM RS900NC(32M) V4.XRUGGEDCOM RS920LRUGGEDCOM RMC8388 V4.XRUGGEDCOM RS8000HRUGGEDCOM RS900LNCRUGGEDCOM RS8000TRUGGEDCOM RS910NCRUGGEDCOM RS416PFRUGGEDCOM RS900GRUGGEDCOM M2100FRUGGEDCOM RS900M-STND-XXRUGGEDCOM RS900WRUGGEDCOM RMC8388 V5.XRUGGEDCOM RS900MNC-STND-XXRUGGEDCOM RSG2100PNC (32M) V5.XRUGGEDCOM RSG910CRUGGEDCOM RSG2300PFRUGGEDCOM RSG2288 V4.XRUGGEDCOM RS1600NCRUGGEDCOM RS969RUGGEDCOM RS900 (32M) V4.XRUGGEDCOM RSG909RRUGGEDCOM RS416FRUGGEDCOM RS900GPFRUGGEDCOM RSG2100PRUGGEDCOM RS930LNCRUGGEDCOM RS416PRUGGEDCOM RSG920P V5.XRUGGEDCOM RSG2200NCRUGGEDCOM RS8000HNCRUGGEDCOM RSG2300PNC V5.XRUGGEDCOM RSG2288 V5.XRUGGEDCOM RS1600FRUGGEDCOM RS416NCRUGGEDCOM RS930LRUGGEDCOM RSG907RRUGGEDCOM RSG2300P V5.XRUGGEDCOM RS910WRUGGEDCOM RSG2300 V5.XRUGGEDCOM RS940GNCRUGGEDCOM RS900GNCRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RMC8388NC V5.XRUGGEDCOM RS940GFRUGGEDCOM RS910LNCRUGGEDCOM RSG2288NC V4.XRUGGEDCOM RSG2488 V5.XRUGGEDCOM RMC30RUGGEDCOM RS900GFRUGGEDCOM RS8000ANCRUGGEDCOM RMC8388NC V4.XRUGGEDCOM RS1600TRUGGEDCOM M969FRUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RS400NCRUGGEDCOM RS900MNC-GETS-C01RUGGEDCOM RS900M-GETS-C01RUGGEDCOM RSG2488NC V4.XRUGGEDCOM M2200FRUGGEDCOM RP110RUGGEDCOM i801RUGGEDCOM RS416v2 V4.XRUGGEDCOM RS416NCv2 V4.XRUGGEDCOM RS8000TNCRUGGEDCOM RSG2300P V4.XRUGGEDCOM RS416v2 V5.XRUGGEDCOM RS920WRUGGEDCOM RS900FRUGGEDCOM M2200RUGGEDCOM RS900MNC-GETS-XXRUGGEDCOM RSG2300NC V5.XRUGGEDCOM RS900GNC(32M) V4.XRUGGEDCOM RS900RUGGEDCOM RSG2100RUGGEDCOM M969NCRUGGEDCOM RS416PNCRUGGEDCOM RS1600FNCRUGGEDCOM RS400RUGGEDCOM RS900NC(32M) V5.XRUGGEDCOM RS1600TNCRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM M969RUGGEDCOM RS416PNCv2 V4.XRUGGEDCOM M2200NCRUGGEDCOM RS8000ARUGGEDCOM i803RUGGEDCOM RSG2100PNCRUGGEDCOM RSG920PNC V5.XRUGGEDCOM RSG2100NCRUGGEDCOM RSG2488FRUGGEDCOM RP110NCRUGGEDCOM RSG2200RUGGEDCOM RSG2488NC V5.XRUGGEDCOM RSL910NCRUGGEDCOM RS969NCRUGGEDCOM RS416RUGGEDCOM RST2228PRUGGEDCOM i800RUGGEDCOM RS900M-STND-C01RUGGEDCOM RS900M-GETS-XXRUGGEDCOM RST916PRUGGEDCOM RS416PNCv2 V5.XRUGGEDCOM RS416NCv2 V5.XRUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSL910RUGGEDCOM RSG2100PFRUGGEDCOM RS900GPRUGGEDCOM RST916CRUGGEDCOM RS900GPNCRUGGEDCOM RSG2100FRUGGEDCOM RSG2488 V4.XRUGGEDCOM i802RUGGEDCOM RS900GNC(32M) V5.XRUGGEDCOM RST2228RUGGEDCOM RS401RUGGEDCOM RSG2300NC V4.XRUGGEDCOM RSG920PNC V4.XRUGGEDCOM i802NCRUGGEDCOM i803NCRUGGEDCOM M2100RUGGEDCOM RSG2300FRUGGEDCOM RSG2300PNC V4.XRUGGEDCOM RS900NCRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RMC30NCRUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RSG2200FRUGGEDCOM M2100NCRUGGEDCOM RSG2100P (32M) V5.X
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2019-13942
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.28%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). An unauthorized user could exploit a buffer overflow vulnerability in the webserver. Specially crafted packets sent could cause a Denial-of-Service condition and if certain conditions are met, the affected devices must be restarted manually to fully recover. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-en100_ethernet_module_with_firmware_variant_profinet_ioen100_ethernet_module_with_firmware_variant_modbus_tcpen100_ethernet_module_with_firmware_variant_iec_61850en100_ethernet_module_with_firmware_variant_dnp3_tcpen100_ethernet_module_with_firmware_variant_iec104en100_ethernet_moduleEN100 Ethernet module PROFINET IO variantEN100 Ethernet module DNP3 variantEN100 Ethernet module IEC104 variantEN100 Ethernet module Modbus TCP variantEN100 Ethernet module IEC 61850 variant
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-10942
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.54% / 66.50%
||
7 Day CHG~0.00%
Published-13 Aug, 2019 | 18:55
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X204RNA (HSR) (All versions), SCALANCE X204RNA (PRP) (All versions), SCALANCE X204RNA EEC (HSR) (All versions), SCALANCE X204RNA EEC (PRP) (All versions), SCALANCE X204RNA EEC (PRP/HSR) (All versions). The device contains a vulnerability that could allow an attacker to trigger a denial-of-service condition by sending large message packages repeatedly to the telnet service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_x-200_firmwarescalance_x-200scalance_x-200rnascalance_x-200irtscalance_x-200rna_firmwarescalance_x-200irt_firmwareSCALANCE X204RNA EEC (PRP)SCALANCE X204RNA EEC (HSR)SCALANCE X204RNA (PRP)SCALANCE X-200 switch family (incl. SIPLUS NET variants)SCALANCE X204RNA (HSR)SCALANCE X204RNA EEC (PRP/HSR)SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-10931
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.78%
||
7 Day CHG~0.00%
Published-11 Jul, 2019 | 21:17
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions ), DIGSI 5 engineering software (All versions < V7.90), SIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, 7UT87 and 7VE85 with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.90), SIPROTEC 5 device types 7SS85 and 7KE85 (All versions < V8.01), SIPROTEC 5 device types with CPU variants CP200 and the respective Ethernet communication modules (All versions < V7.59), SIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modules (All versions < V7.59). Specially crafted packets sent to port 443/TCP could cause a Denial of Service condition.

Action-Not Available
Vendor-Siemens AG
Product-6md857sa867sj826md867um857sj857ut867ss85siprotec_5_digsi_device_driver7sa877vk877ve856md897ut877sa827ut857sl827sd867ke857sl867sd827sk857sk827ut827sd877sj867sl87digsi_5_engineering_softwareSIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, 7UT87 and 7VE85 with CPU variants CP300 and CP100 and the respective Ethernet communication modulesAll other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modulesSIPROTEC 5 device types with CPU variants CP200 and the respective Ethernet communication modulesDIGSI 5 engineering softwareSIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modulesSIPROTEC 5 device types 7SS85 and 7KE85
CWE ID-CWE-248
Uncaught Exception
CVE-2023-35921
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.73% / 71.85%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 09:07
Updated-13 Nov, 2024 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted Ethernet frames sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.

Action-Not Available
Vendor-Siemens AG
Product-simatic_mv540_s_firmwaresimatic_mv540_ssimatic_mv560_x_firmwaresimatic_mv560_usimatic_mv560_u_firmwaresimatic_mv550_s_firmwaresimatic_mv540_hsimatic_mv550_h_firmwaresimatic_mv550_ssimatic_mv560_xsimatic_mv550_hsimatic_mv540_h_firmwareSIMATIC MV560 USIMATIC MV540 SSIMATIC MV540 HSIMATIC MV550 HSIMATIC MV550 SSIMATIC MV560 Xsimatic_mv540_ssimatic_mv560_usimatic_mv540_hsimatic_mv550_ssimatic_mv560_xsimatic_mv550_h
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-10953
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-0.72% / 71.53%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 14:02
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.

Action-Not Available
Vendor-wagon/aABBPhoenix Contact GmbH & Co. KGSiemens AG
Product-ethernet_firmwarebacnet\/ip6es7211-1ae40-0xb0modicon_m221_firmwareknx_ip_firmwareknx_ipethernet6es7314-6eh04-0ab0modicon_m221pm554-tp-eth_firmware6es7314-6eh04-0ab0_firmware6ed1052-1cc01-0ba8pm554-tp-eth6es7211-1ae40-0xb0_firmwarepfc100_firmwarepfc100ilc_151_eth_firmwarebacnet\/ip_firmware6ed1052-1cc01-0ba8_firmwareilc_151_ethABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2023-51440
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.34% / 55.96%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 09:00
Updated-16 Dec, 2024 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) (All versions), SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0) (All versions), SIPLUS NET CP 343-1 Lean (6AG1343-1CX10-2XE0) (All versions). Affected products incorrectly validate TCP sequence numbers. This could allow an unauthenticated remote attacker to create a denial of service condition by injecting spoofed TCP RST packets.

Action-Not Available
Vendor-Siemens AG
Product-siplus_net_cp_343-1_lean_firmwaresimatic_cp_343-1_leansimatic_cp_343-1simatic_cp_343-1_lean_firmwaresiplus_net_cp_343-1_leansiplus_net_cp_343-1_firmwaresimatic_cp_343-1_firmwaresiplus_net_cp_343-1SIPLUS NET CP 343-1SIMATIC CP 343-1SIPLUS NET CP 343-1 LeanSIMATIC CP 343-1 Lean
CWE ID-CWE-940
Improper Verification of Source of a Communication Channel
CVE-2019-10923
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.47% / 63.53%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 13:49
Updated-11 Feb, 2025 | 10:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-300_cpu_313simatic_winac_rtx_\(f\)cp1604_firmwaresinamics_s150_firmwaresimatic_et_200mdk_standard_ethernet_controllersinamics_dcm_firmwaresimatic_s7-400_v6sinamics_gm150simatic_et_200ecopn_firmwaresinamics_gl150_firmwaresimatic_s7-400_pn_v7_firmwaresimatic_s7-400_dp_v7sinamics_gl150sinumerik_840d_slscalance_x-200irtsimatic_s7-300_cpu_firmwaresimatic_s7-400_pn_v7sinamics_gh150cp1616simatic_et_200s_firmwaresimatic_s7-300_cpu_316-2_dp_firmwaresinamics_dcmsimatic_pn\/pn_coupler_6es7158-3ad01-0xa0sinamics_sm120scalance_x-200irt_firmwaresinamics_g120simatic_s7-300_cpu_315-2_dpsimatic_s7-300_cpu_315_firmwaresimotion_firmwaresimotionsinumerik_828dcp1616_firmwaresinamics_sl150_firmwaresinamics_s150ek-ertec_200ek-ertec_200_firmwaresinamics_dcp_firmwaresimatic_s7-300_cpusimatic_s7-300_cpu_314_firmwaresimatic_s7-400_v6_firmwarecp1604simatic_s7-300_cpu_314ek-ertec_200p_firmwaresimatic_et_200m_firmwaresimatic_s7-300_cpu_318-2_firmwaresimatic_s7-300_cpu_313_firmwaresimatic_et_200ssimatic_s7-400_dp_v7_firmwaredk_standard_ethernet_controller_firmwaresimatic_s7-300_cpu_318-2sinamics_s110sinamics_gm150_firmwaresinamics_g150sinamics_g130simatic_s7-300_cpu_315-2_dp_firmwaresimatic_s7-300_cpu_315simatic_s7-300_cpu_312_ifm_firmwaresinamics_g110mek-ertec_200psinamics_g110m_firmwaresinamics_gh150_firmwaresinamics_dcpsinamics_sl150simatic_et_200ecopnsimatic_pn\/pn_coupler_6es7158-3ad01-0xa0_firmwaresimatic_s7-300_cpu_314_ifmsimatic_s7-300_cpu_312_ifmsimatic_s7-300_cpu_314_ifm_firmwaresimatic_s7-300_cpu_316-2_dpsinamics_sm120_firmwaresinamics_g150_firmwaresinamics_s120sinamics_g130_firmwaresinamics_s120_firmwaresimatic_winac_rtx_\(f\)_firmwaresinamics_s110_firmwaresinamics_g120_firmwareSINAMICS G120 V4.7 Control Unit (incl. SIPLUS variants)SINAMICS SM120 V4.7 Control UnitSIPLUS ET 200SP IM 155-6 PN STSIMATIC ET 200MP IM 155-5 PN STSIPLUS ET 200S IM 151-8 PN/DP CPUSIPLUS S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 317T-3 PN/DPSINUMERIK 828DSINAMICS GL150 V4.7 Control UnitSIPLUS S7-300 CPU 317F-2 PN/DPSIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIPLUS ET 200SP IM 155-6 PN HFDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN: IO-Link MasterSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC ET 200SP IM 155-6 PN HFSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS S7-300 CPU 314C-2 PN/DPSCALANCE X-200IRT family (incl. SIPLUS NET variants)SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SIMATIC S7-400 CPU 416-3 PN/DP V7SIMATIC S7-300 CPU 315F-2 PN/DPSINUMERIK 840D slSIMATIC ET 200pro IM 154-8 PN/DP CPUSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SINAMICS G150SINAMICS GH150 V4.7 Control UnitSIMATIC S7-300 CPU 314C-2 PN/DPSINAMICS S120 V4.7 Control Unit and CBE20 (incl. SIPLUS variants)SIMATIC ET200ecoPN, 4AO U/I 4xM12SIMATIC S7-400 CPU 414-3 PN/DP V7SINAMICS DCPSIPLUS S7-400 CPU 414-3 PN/DP V7SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC WinAC RTX 2010SIMATIC ET 200pro IM 154-3 PN HFSIMATIC ET 200M (incl. SIPLUS variants)SIPLUS S7-400 CPU 416-3 PN/DP V7SIMATIC ET 200S IM 151-8 PN/DP CPUSIMATIC S7-400 CPU 416F-3 PN/DP V7SINAMICS GM150 V4.7 Control UnitSIMATIC CP 1616Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC S7-400 CPU 414F-3 PN/DP V7SIMATIC ET 200S IM 151-8F PN/DP CPUSIMATIC ET 200pro IM 154-8F PN/DP CPUDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIMATIC S7-300 CPU 315-2 PN/DPSIMATIC ET 200MP IM 155-5 PN HFSIMATIC S7-300 CPU 319F-3 PN/DPSIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIMATIC S7-300 CPU 317-2 PN/DPSIMATIC ET 200SP IM 155-6 PN ST BASIMATIC S7-300 CPU 317TF-3 PN/DPSIMATIC ET 200SP IM 155-6 PN STSIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIPLUS S7-300 CPU 317-2 PN/DPSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC ET 200pro IM 154-4 PN HFSIPLUS ET 200S IM 151-8F PN/DP CPUSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC CP 1604SIMATIC S7-400 CPU 412-2 PN V7SIPLUS ET 200MP IM 155-5 PN HFSINAMICS DCMSIMOTIONSIMATIC S7-300 CPU 319-3 PN/DPSIMATIC ET200S (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12SIMATIC S7-300 CPU 317F-2 PN/DPSIMATIC WinAC RTX F 2010SINAMICS S150SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SINAMICS G110M V4.7 Control UnitSINAMICS G130SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC ET 200pro IM 154-8FX PN/DP CPUSIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200MP IM 155-5 PN STSINAMICS SL150 V4.7 Control UnitSIMATIC S7-300 CPU 315T-3 PN/DPSINAMICS S110 Control Unit
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-28831
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.43% / 61.61%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 09:32
Updated-21 Aug, 2025 | 13:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-1500_cpu_1514sp-2_pnsimatic_s7-plcsim_advanced_firmwaresimatic_s7-1500_cpu_1514sp-2_pn_firmwaresimatic_s7-1500_et_200pro_firmwaresimatic_s7-1500_cpu_1512sp_f-1_pnsimatic_s7-1500_cpu_1511c-1_pn_firmwaresiplus_s7-1500_cpu_1518hf-4_pnsimatic_s7-1500_cpu_1515t-2_pnsiplus_et_200sp_cpu_1512sp-1_pnsiplus_s7-1500_cpu_1511-1_pnsimatic_s7-1500_cpu_1512sp-1_pnsiplus_s7-1500_cpu_1515f-2_pnsiplus_s7-1500_cpu_1516-3_pn\/dp_tx_railsimatic_s7-1500_cpu_1515-2_pnsimatic_s7-1500_cpu_1515r-2_pn_firmwaresimatic_s7-1500_cpu_1515f-2_pn_firmwaresimatic_s7-1500_cpu_1511t-1_pnsiplus_s7-1500_cpu_1517h-3_pnsimatic_s7-1500_cpu_1518-4_pn\/dpsimatic_s7-1500_cpu_1517t-3_pn\/dpsiplus_et_200sp_cpu_1510sp_f-1_pnsiplus_et_200sp_cpu_1512sp_f-1_pn_rail_firmwaresimatic_s7-1500_cpu_1510sp-1_pn_firmwaresimatic_s7-1500_cpu_1518hf-4_pnsimatic_s7-1500_cpu_1510sp_f-1_pnsimatic_s7-1500_cpu_1515f-2_pnsimatic_s7-1500_cpu_1516-3_pn\/dpsimatic_s7-1500_cpu_1513f-1_pn_firmwaresiplus_s7-1500_cpu_1516-3_pn\/dp_railsimatic_s7-1500_cpu_s7-1518f-4_pn\/dp_odk_firmwaresimatic_s7-1500_cpu_1518f-4_pn\/dp_mfpsiplus_et_200sp_cpu_1512sp_f-1_pn_railsimatic_s7-1500_cpu_1516t-3_pn\/dpsimatic_s7-1500_cpu_1514spt_f-2_pnsimatic_s7-1500_cpu_1513f-1_pnsimatic_s7-1500_cpu_1516tf-3_pn\/dpsiplus_s7-1500_cpu_1516f-3_pn\/dp_firmwaresiplus_s7-1500_cpu_1515f-2_pn_t2_railsiplus_s7-1500_cpu_1516-3_pn\/dp_tx_rail_firmwaresimatic_s7-1500_cpu_1514spt-2_pn_firmwaresimatic_s7-1500_cpu_1513r-1_pn_firmwaresimatic_s7-1500_cpu_1518hf-4_pn_firmwaresimatic_s7-1500_cpu_1515tf-2_pn_firmwaresiplus_et_200sp_cpu_1510sp-1_pn_firmwaresiplus_et_200sp_cpu_1512sp-1_pn_railsiplus_s7-1500_cpu_1518-4_pn\/dp_firmwaresiplus_s7-1500_cpu_1513f-1_pnsimatic_s7-1500_cpu_1517tf-3_pn\/dpsiplus_s7-1500_cpu_1515r-2_pn_firmwaresiplus_s7-1500_cpu_1518-4_pn\/dp_mfpsimatic_s7-1500_cpu_1510sp_f-1_pn_firmwaresiplus_s7-1500_cpu_1513-1_pn_firmwaresimatic_s7-1500_cpu_1517-3_pn\/dp_firmwaresimatic_drive_controller_cpu_1507d_tf_firmwaresiplus_s7-1500_cpu_1511-1_pn_firmwaresiplus_s7-1500_cpu_1516-3_pn\/dp_rail_firmwaresimatic_s7-1500_cpu_1516tf-3_pn\/dp_firmwaresiplus_s7-1500_cpu_1511-1_pn_t1_rail_firmwaresimatic_s7-1500_cpu_1515tf-2_pnsimatic_s7-1500_software_controller_firmwaresimatic_s7-1500_cpu_1515r-2_pnsimatic_s7-1500_cpu_1518t-4_pn\/dpsimatic_cloud_connect_7_cc712_firmwaresiplus_s7-1500_cpu_1516-3_pn\/dpsimatic_drive_controller_cpu_1504d_tf_firmwaresimatic_s7-1500_cpu_1513-1_pnsimatic_s7-1200_cpu_firmwaresimatic_s7-1500_cpu_1514spt_f-2_pn_firmwaresimatic_s7-1500_cpu_1513r-1_pnsimatic_s7-1500_cpu_1518tf-4_pn\/dpsimatic_s7-1500_cpu_1511f-1_pn_firmwaresimatic_s7-1500_cpu_1518t-4_pn\/dp_firmwaresimatic_s7-plcsim_advancedsimatic_s7-1500_cpu_1518f-4_pn\/dp_mfp_firmwaresimatic_s7-1500_cpu_1516t-3_pn\/dp_firmwaresiplus_s7-1500_cpu_1511-1_pn_tx_rail_firmwaresiplus_s7-1500_cpu_1511-1_pn_tx_railsimatic_s7-1500_cpu_1517h-3_pnsimatic_s7-1500_cpu_1512sp-1_pn_firmwaresiplus_et_200sp_cpu_1510sp_f-1_pn_railsiplus_s7-1500_cpu_1513f-1_pn_firmwaresimatic_s7-1200_cpusimatic_cloud_connect_7_cc716_firmwaresimatic_s7-1500_et_200prosimatic_s7-1500_cpu_1514spt-2_pnsimatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwaresimatic_s7-1500_cpu_1517f-3_pn\/dp_firmwaresiplus_et_200sp_cpu_1510sp_f-1_pn_rail_firmwaresiplus_s7-1500_cpu_1515f-2_pn_rail_firmwaresimatic_s7-1500_cpu_1511tf-1_pnsimatic_s7-1500_cpu_1515-2_pn_firmwaresimatic_s7-1500_cpu_1518-4_pn\/dp_mfpsiplus_s7-1500_cpu_1515f-2_pn_t2_rail_firmwaresiplus_et_200sp_cpu_1510sp-1_pn_railsimatic_s7-1500_cpu_1511f-1_pnsiplus_et_200sp_cpu_1512sp_f-1_pnsiplus_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwaresimatic_s7-1500_cpu_1510sp-1_pnsiplus_s7-1500_cpu_1511-1_pn_t1_railsiplus_et_200sp_cpu_1510sp-1_pnsimatic_s7-1500_cpu_1511-1_pnsimatic_s7-1500_cpu_1518-4_pn\/dp_firmwaresimatic_s7-1500_cpu_1518f-4_pn\/dp_firmwaresiplus_s7-1500_cpu_1516f-3_pn\/dpsimatic_s7-1500_cpu_1511c-1_pnsiplus_s7-1500_cpu_1515r-2_pn_tx_railsiplus_et_200sp_cpu_1512sp-1_pn_firmwaresimatic_drive_controller_cpu_1504d_tfsiplus_et_200sp_cpu_1512sp-1_pn_rail_firmwaresiplus_et_200sp_cpu_1512sp_f-1_pn_firmwaresiplus_et_200sp_cpu_1510sp_f-1_pn_firmwaresimatic_s7-1500_cpu_1511-1_pn_firmwaresimatic_s7-1500_cpu_1515t-2_pn_firmwaresiplus_s7-1500_cpu_1516f-3_pn\/dp_railsimatic_s7-1500_cpu_s7-1518-4_pn\/dp_odk_firmwaresimatic_s7-1500_cpu_s7-1518f-4_pn\/dp_odksiplus_s7-1500_cpu_1518-4_pn\/dpsimatic_s7-1500_cpu_1517h-3_pn_firmwaresimatic_s7-1500_cpu_s7-1518-4_pn\/dp_odksiplus_et_200sp_cpu_1510sp-1_pn_rail_firmwaresimatic_s7-1500_cpu_1517t-3_pn\/dp_firmwaresiplus_s7-1500_cpu_1518f-4_pn\/dpsiplus_s7-1500_cpu_1516f-3_pn\/dp_rail_firmwaresimatic_s7-1500_cpu_1517-3_pn\/dpsiplus_s7-1500_cpu_1515r-2_pn_tx_rail_firmwaresiplus_s7-1500_cpu_1517h-3_pn_firmwaresimatic_s7-1500_cpu_1512c-1_pn_firmwaresimatic_s7-1500_cpu_1516-3_pn\/dp_firmwaresimatic_s7-1500_cpu_1516f-3_pn\/dp_firmwaresiplus_s7-1500_cpu_1511f-1_pnsiplus_s7-1500_cpu_1515f-2_pn_railsimatic_drive_controller_cpu_1507d_tfsimatic_s7-1500_cpu_1511tf-1_pn_firmwaresiplus_s7-1500_cpu_1518hf-4_pn_firmwaresimatic_s7-1500_cpu_1514sp_f-2_pn_firmwaresimatic_s7-1500_cpu_1517f-3_pn\/dpsimatic_s7-1500_cpu_1512c-1_pnsiplus_s7-1500_cpu_1511f-1_pn_firmwaresimatic_s7-1500_cpu_1513-1_pn_firmwaresiplus_s7-1500_cpu_1513-1_pnsiplus_s7-1500_cpu_1518f-4_pn\/dp_firmwaresimatic_s7-1500_cpu_1516f-3_pn\/dpsimatic_s7-1500_cpu_1517tf-3_pn\/dp_firmwaresimatic_cloud_connect_7_cc712simatic_s7-1500_cpu_1512sp_f-1_pn_firmwaresimatic_s7-1500_cpu_1514sp_f-2_pnsiplus_s7-1500_cpu_1516-3_pn\/dp_firmwaresimatic_s7-1500_cpu_1518f-4_pn\/dpsimatic_s7-1500_cpu_1518tf-4_pn\/dp_firmwaresiplus_s7-1500_cpu_1515r-2_pnsimatic_s7-1500_cpu_1511t-1_pn_firmwaresimatic_s7-1500_software_controllersimatic_et_200sp_open_controller_cpu_firmwaresiplus_s7-1500_cpu_1515f-2_pn_firmwaresimatic_cloud_connect_7_cc716simatic_et_200sp_open_controller_cpuSIPLUS S7-1500 CPU 1511F-1 PNSIMATIC ET 200SP CPU 1512SP-1 PNSIPLUS ET 200SP CPU 1512SP-1 PNSIPLUS ET 200SP CPU 1512SP-1 PN RAILSIPLUS S7-1500 CPU 1516-3 PN/DP TX RAILSIMATIC S7-1500 CPU S7-1518-4 PN/DP ODKSIPLUS S7-1500 CPU 1511-1 PN T1 RAILSIPLUS ET 200SP CPU 1510SP F-1 PNSINUMERIK ONESIPLUS ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1500 CPU 1515-2 PNSIMATIC PCS 7 V9.1SIMATIC S7-1500 CPU 1518TF-4 PN/DPSIMATIC S7-PLCSIM AdvancedSIMATIC IPC DiagMonitorSIMATIC SISTARSIMATIC S7-1500 CPU 1517T-3 PN/DPSIMATIC S7-1500 CPU 1518T-4 PN/DPSIMATIC Comfort/Mobile RTSIPLUS S7-1500 CPU 1518-4 PN/DPSIMATIC WinCC Runtime Professional V18SIMATIC WinCC V7.5SIMATIC S7-1500 CPU 1518F-4 PN/DPSIMATIC S7-1500 CPU 1517TF-3 PN/DPSIMATIC WinCC OPC UA ClientSIMATIC S7-1500 CPU 1516F-3 PN/DPSIMATIC WinCC V8.0SIMATIC WinCC Runtime Professional V19SIMATIC S7-1500 Software Controller V2SIPLUS ET 200SP CPU 1510SP-1 PNSIMATIC ET 200SP CPU 1514SP F-2 PNSIMATIC S7-1500 CPU 1517-3 PN/DPSIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PNSIPLUS ET 200SP CPU 1510SP-1 PN RAILSIMATIC S7-1500 CPU 1516T-3 PN/DPSIPLUS S7-1500 CPU 1518F-4 PN/DPSIMATIC WinCC OA V3.17SIMATIC WinCC V7.4SIMATIC S7-1500 CPU 1516TF-3 PN/DPSIPLUS S7-1500 CPU 1516-3 PN/DP RAILSIMATIC S7-1500 CPU 1518-4 PN/DPSIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PNSIMATIC PCS neo V4.0SIPLUS S7-1500 CPU 1515F-2 PN RAILSIMATIC NET PC Software V14SIMATIC NET PC Software V16SIMATIC WinCC OA V3.18SIMATIC ET 200SP CPU 1510SP F-1 PNSIMATIC S7-1500 CPU 1511F-1 PNSIMATIC S7-1500 CPU 1511-1 PNSIMATIC S7-1500 CPU 1512C-1 PNSIMATIC ET 200SP CPU 1510SP-1 PNSIPLUS S7-1500 CPU 1516F-3 PN/DP RAILSIMATIC WinCC Unified OPC UA ServerSIMATIC S7-1500 CPU 1515T-2 PNSIMATIC WinCC Runtime Professional V17SIMATIC Drive Controller CPU 1507D TFSIMATIC ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PNSIPLUS S7-1500 CPU 1516F-3 PN/DPSIMATIC NET PC Software V18SIMATIC ET 200SP CPU 1514SPT F-2 PNSIMATIC WinCC OA V3.19SIMATIC S7-1500 CPU 1511C-1 PNSIMATIC ET 200SP CPU 1514SPT-2 PNSIPLUS S7-1500 CPU 1511-1 PNSIMATIC S7-1500 CPU 1511TF-1 PNSIMATIC S7-1500 Software Controller V3SIPLUS ET 200SP CPU 1512SP F-1 PN RAILSIPLUS S7-1500 CPU 1513F-1 PNSIMATIC S7-1500 CPU 1511T-1 PNSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)SIMATIC Cloud Connect 7 CC716SIPLUS S7-1500 CPU 1515F-2 PN T2 RAILSIMATIC NET PC Software V17SIPLUS S7-1500 CPU 1516-3 PN/DPSIMATIC Cloud Connect 7 CC712SIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIPLUS S7-1500 CPU 1511-1 PN TX RAILSIMATIC S7-1500 CPU 1515F-2 PNSIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODKSIPLUS ET 200SP CPU 1510SP F-1 PN RAILSIPLUS S7-1500 CPU 1513-1 PNSIMATIC S7-1500 CPU 1516-3 PN/DPSIMATIC ET 200SP CPU 1514SP-2 PNSIMATIC Drive Controller CPU 1504D TFSIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 CPU 1517F-3 PN/DPSIPLUS S7-1500 CPU 1515F-2 PNSIMATIC S7-1500 CPU 1515TF-2 PNSIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PNSIMATIC S7-1500 CPU 1513-1 PNSINUMERIK MCSIMATIC BRAUMATSIMATIC S7-1500 CPU 1513F-1 PNSIMATIC WinCC Runtime Professional V16
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-41991
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.20% / 83.76%
||
7 Day CHG~0.00%
Published-18 Oct, 2021 | 13:44
Updated-04 Aug, 2024 | 03:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility.

Action-Not Available
Vendor-strongswann/aDebian GNU/LinuxSiemens AGFedora Project
Product-siplus_s7-1200_cp_1243-1_railsimatic_cp_1242-7_gprs_v2_firmwaresimatic_cp_1542sp-1_firmwarescalance_sc646-2c_firmwaresiplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmwaresiplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmwaresimatic_cp_1243-1_firmwarescalance_sc622-2cscalance_sc646-2csinema_remote_connect_serversiplus_net_cp_1543-1_firmwaresiplus_s7-1200_cp_1243-1_rail_firmwarefedorasimatic_net_cp1243-7_lte_eu_firmwarescalance_sc632-2c_firmwaresimatic_net_cp_1545-1_firmwaresimatic_net_cp_1243-8_ircsimatic_cp_1242-7_gprs_v2scalance_sc622-2c_firmwaresiplus_s7-1200_cp_1243-1_firmwarecp_1543-1_firmwaresimatic_net_cp_1243-8_irc_firmwaresimatic_cp_1243-7_lte\/ussimatic_cp_1543sp-1simatic_cp_1243-7_lte\/us_firmwarestrongswansiplus_et_200sp_cp_1542sp-1_irc_tx_railsiplus_s7-1200_cp_1243-1scalance_sc636-2csimatic_cp_1542sp-1_ircscalance_sc642-2c_firmwaresimatic_cp_1243-1siplus_et_200sp_cp_1543sp-1_isecdebian_linuxsimatic_cp_1542sp-1_irc_firmwarecp_1543-1simatic_net_cp_1545-1simatic_cp_1543sp-1_firmwaresimatic_cp_1542sp-1scalance_sc642-2csiplus_et_200sp_cp_1543sp-1_isec_tx_railsiplus_et_200sp_cp_1543sp-1_isec_firmwaresiplus_net_cp_1543-1simatic_net_cp1243-7_lte_euscalance_sc636-2c_firmwarescalance_sc632-2cn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-29105
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.9||MEDIUM
EPSS-0.24% / 46.87%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 11:51
Updated-28 Jan, 2025 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device is vulnerable to a denial of service while parsing a random (non-JSON) MQTT payload. This could allow an attacker who can manipulate the communication between the MQTT broker and the affected device to cause a denial of service (DoS).

Action-Not Available
Vendor-Siemens AG
Product-6gk1411-1ac00_firmware6gk1411-5ac00_firmware6gk1411-1ac006gk1411-5ac00SIMATIC Cloud Connect 7 CC716SIMATIC Cloud Connect 7 CC712
CWE ID-CWE-544
Missing Standardized Error Handling Mechanism
CVE-2021-41545
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.54% / 66.50%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 09:46
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). When the controller receives a specific BACnet protocol packet, an exception causes the BACnet communication function to go into a “out of work” state and could result in the controller going into a “factory reset” state.

Action-Not Available
Vendor-Siemens AG
Product-desigo_dxr2desigo_pxc3_firmwaredesigo_pxc4desigo_dxr2_firmwaredesigo_pxc5_firmwaredesigo_pxc4_firmwaredesigo_pxc3desigo_pxc5Desigo PXC5Desigo PXC3Desigo DXR2Desigo PXC4
CWE ID-CWE-248
Uncaught Exception
CVE-2019-13925
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.29% / 51.59%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 15:36
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0 and < V4.1), SCALANCE S612 (All versions >= V3.0 and < V4.1), SCALANCE S623 (All versions >= V3.0 and < V4.1), SCALANCE S627-2M (All versions >= V3.0 and < V4.1). Specially crafted packets sent to port 443/tcp of affected devices could cause a Denial-of-Service condition of the web server.

Action-Not Available
Vendor-Siemens AG
Product-scalance_s623scalance_s612_firmwarescalance_s627-2m_firmwarescalance_s602scalance_s627-2mscalance_s602_firmwarescalance_s623_firmwarescalance_s612SCALANCE S627-2MSCALANCE S623SCALANCE S602SCALANCE S612
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-13927
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.59% / 68.27%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 13:19
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web server (All firmware versions < V6.00.320). The device contains a vulnerability that could allow an attacker to cause a denial of service condition on the device's web server by sending a specially crafted HTTP message to the web server port (tcp/80). The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device's web service. While the device itself stays operational, the web server responds with HTTP status code 404 (Not found) to any further request. A reboot is required to recover the web interface. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-pxc22.1-e.dpxc22.1-e.d_firmwarepxa40-w2pxc64-upxc100-e.d_firmwarepxa40-w1pxa30-w0_firmwarepxc100-e.dpxc36.1-e.dpxc36-e.d_firmwarepxc00-e.dpxc128-u_firmwarepxc200-e.d_firmwarepxa30-w2pxa30-w1pxc128-upxa40-w1_firmwarepxa40-w0_firmwarepxc64-u_firmwarepxa30-w1_firmwarepxc00-u_firmwarepxc36.1-e.d_firmwarepxc50-e.dpxa40-w2_firmwarepxc200-e.dpxc00-e.d_firmwarepxa30-w2_firmwarepxc50-e.d_firmwarepxa30-w0pxa40-w0pxc36-e.dpxc00-uDesigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web serverDesigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2
CWE ID-CWE-472
External Control of Assumed-Immutable Web Parameter
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2018-5381
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-6.5||MEDIUM
EPSS-10.09% / 92.79%
||
7 Day CHG~0.00%
Published-19 Feb, 2018 | 13:00
Updated-16 Sep, 2024 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does not have a recognized AFI/SAFI, causing a denial of service.

Action-Not Available
Vendor-quaggaQuaggaDebian GNU/LinuxSiemens AGCanonical Ltd.
Product-ubuntu_linuxdebian_linuxquaggaruggedcom_rox_ii_firmwareruggedcom_rox_iibgpd
CWE ID-CWE-228
Improper Handling of Syntactically Invalid Structure
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2018-4837
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.48% / 80.20%
||
7 Day CHG~0.00%
Published-25 Jan, 2018 | 14:00
Updated-16 Sep, 2024 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with access to the TeleControl Server Basic's webserver (port 80/tcp or 443/tcp) could cause a Denial-of-Service condition on the web server. The remaining functionality of the TeleControl Server Basic is not affected by the Denial-of-Service condition.

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-13946
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.55% / 67.01%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 15:36
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.

Action-Not Available
Vendor-Siemens AG
Product-simatic_et200al_im_157-1_pn_firmwaresimatic_rf182cscalance_xr526simatic_et200m_im153-4_pn_io_hf_firmwarescalance_xr552_firmwaresimatic_et200mp_im155-5_pn_st_firmwarescalance_xr552simatic_cp_1616ruggedcom_rm1224_firmwaresimatic_cp_1604simatic_et200sp_im155-6_pn_hfdk_standard_ethernet_controllerscalance_xr-300wgscalance_xp-200simatic_et200mp_im155-5_pn_hf_firmwarescalance_xf-200basimatic_ipc_supportscalance_x-400_firmwarescalance_x-300scalance_x-200irtsimatic_cp_443-1simatic_cp_343-1_erpcscalance_xf-200_firmwarescalance_xf-200simatic_et200sp_im155-6_pn_basicsimatic_et200sp_im155-6_pn_hf_firmwarescalance_s615_firmwaresimatic_cp_1616_firmwarescalance_xr524_firmwarescalance_w700_ieee_802.11n_firmwarescalance_m-800_firmwaresimatic_et200m_im153-4_pn_io_st_firmwaresimatic_cp_443-1_advanced_firmwarescalance_xc-200_firmwareprofinet_driversimatic_cp_343-1simatic_et200al_im_157-1_pnim_154-3_pn_hfsimatic_cp_343-1_lean_firmwaresimatic_mv420_firmwarescalance_xr-300wg_firmwaresimatic_mv420im_154-4_pn_hfsimatic_et200ecopnscalance_x-200irt_firmwaresimatic_et200s_firmwarescalance_xr526_firmwarescalance_x-300_firmwareek-ertec_200scalance_xr524simatic_rf600simatic_cp_443-1_opc_uaek-ertec_200_firmwaresinamics_dcp_firmwaresimatic_cp_443-1_advancedsimatic_mv440simatic_cp_343-1_firmwarescalance_xm-400simatic_et200pro_firmwaresimatic_cp_343-1_leanscalance_xf-200ba_firmwaresimatic_et200ecopn_firmwareek-ertec_200p_firmwarescalance_xr528_firmwarescalance_xr528simatic_rf180csimatic_mv440_firmwareruggedcom_rm1224scalance_x-400simatic_cp_1604_firmwarescalance_s615im_154-4_pn_hf_firmwaresimatic_cp_343-1_advanced_firmwaresimatic_cp_443-1_opc_ua_firmwaresimatic_rf600_firmwarescalance_w700_ieee_802.11nsimatic_pn\/pn_coupler_firmwaresimatic_et200m_im153-4_pn_io_stek-ertec_200psinamics_dcpsimatic_et200ssimatic_rf182c_firmwarescalance_xp-200_firmwaresimatic_et200sp_im155-6_pn_basic_firmwaresimatic_et200mp_im155-5_pn_stsimatic_cp_443-1_firmwarescalance_xb-200simatic_et200sp_im155-6_pn_st_firmwareim_154-3_pn_hf_firmwarescalance_xm-400_firmwaresimatic_cp_343-1_erpc_firmwaresimatic_et200proscalance_xb-200_firmwaresimatic_pn\/pn_couplersimatic_et200sp_im155-6_pn_stsimatic_et200mp_im155-5_pn_hfscalance_xc-200simatic_rf180c_firmwaresimatic_cp_343-1_advancedscalance_m-800simatic_et200m_im153-4_pn_io_hfSCALANCE XF208SIMOTION DSCALANCE XR324-4M EEC (24V, ports on front)SCALANCE X204IRTSCALANCE X307-2 EEC (2x 24V, coated)SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SIMOTION PSCALANCE XB-200 familySCALANCE X204-2TSSCALANCE X307-3SCALANCE XR324-12M (24V, ports on rear)SCALANCE X308-2SIPLUS ET 200MP IM 155-5 PN HF T1 RAILSCALANCE X307-2 EEC (230V, coated)SIMATIC RF180CSIMATIC MV440 HRSIPLUS NET SCALANCE X308-2SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)SIMATIC ET200ecoPN: IO-Link MasterSCALANCE X202-2P IRTSCALANCE XR324-4M PoE (230V, ports on rear)SCALANCE X302-7 EEC (230V)SIMATIC CP 443-1SOFTNET-IE PNIOSCALANCE S615 LAN-RouterSCALANCE X206-1LDSIMATIC CP 343-1 AdvancedSIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIMATIC ET 200M IM 153-4 PN IO HF (incl. SIPLUS variants)SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSCALANCE W-700 IEEE 802.11n familySIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC MV420 SR-BSCALANCE XR-500 familySINAMICS DCPSIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SCALANCE XF204IRTSCALANCE X307-2 EEC (2x 230V)SIMATIC ET 200MP IM 155-5 PN STSCALANCE M826-2 SHDSL-RouterSCALANCE XF-200BASCALANCE X204IRT PROSIMATIC MV420 SR-PSCALANCE XP-200SIMATIC RF182CSIPLUS NET CP 443-1SIMOTION CSCALANCE X201-3P IRTSCALANCE M804PBSIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSCALANCE X206-1SCALANCE XF204SIMATIC MV420 SR-B BodyDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC IPC Support, Package for VxWorksSCALANCE X308-2LHSCALANCE XF204-2SCALANCE XR324-4M EEC (24V, ports on rear)SCALANCE XR324-4M PoE (24V, ports on front)SCALANCE XM-400 familySCALANCE X302-7 EEC (2x 230V)SCALANCE X408-2SCALANCE XF201-3P IRTSIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC MV420 SR-P BodySCALANCE M816-1 ADSL-RouterSIMATIC MV440 SRSCALANCE M812-1 ADSL-RouterSCALANCE X307-2 EEC (2x 24V)SCALANCE X212-2SCALANCE X306-1LD FESCALANCE X308-2M TSSCALANCE M876-3SIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS ET 200MP IM 155-5 PN ST TX RAILSCALANCE X201-3P IRT PROSCALANCE X302-7 EEC (2x 230V, coated)SCALANCE X320-1-2LD FESCALANCE XR324-4M PoE TS (24V, ports on front)SCALANCE XR324-12M TS (24V)SCALANCE XR324-12M (230V, ports on rear)SCALANCE XF204-2BA IRTSCALANCE X204-2FMSIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SIMATIC CP 443-1 OPC UASCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)SIMATIC ET200ecoPN, 4AO U/I 4xM12SCALANCE X204-2LD TSSIMATIC ET 200SP IM 155-6 PN HFSCALANCE X302-7 EEC (24V, coated)SIMATIC CP 443-1 AdvancedSCALANCE XR-300WG familySCALANCE X224SIMATIC ET 200SP IM 155-6 PN STSIPLUS ET 200SP IM 155-6 PN HFPROFINET Driver for ControllerSIMATIC RF600R familySCALANCE M876-4 (NAM)SCALANCE M874-3SCALANCE X308-2LDSCALANCE X307-2 EEC (24V)SIMATIC ET 200SP IM 155-6 PN BASCALANCE X208SCALANCE M876-3 (ROK)SCALANCE X304-2FESCALANCE X307-2 EEC (230V)SIPLUS NET CP 343-1 LeanSCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)SIMATIC ET 200SP IM 155-6 PN ST BASCALANCE X302-7 EEC (2x 24V)SIMATIC ET 200MP IM 155-5 PN HFRUGGEDCOM RM1224 familySIMATIC ET 200pro IM 154-4 PN HFSCALANCE X208PROSIPLUS NET CP 343-1SCALANCE X212-2LDSCALANCE X302-7 EEC (24V)SCALANCE X204-2SCALANCE XF206-1SIMATIC ET200S (incl. SIPLUS variants)SIMATIC CP 343-1 LeanSCALANCE XR324-4M EEC (2x 24V, ports on rear)SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-4M PoE (24V, ports on rear)SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SCALANCE X204-2LDSCALANCE M876-4 (EU)SIMATIC ET 200M IM 153-4 PN IO ST (incl. SIPLUS variants)SCALANCE X308-2MSCALANCE X308-2M PoESCALANCE X310FESCALANCE X308-2LH+SIPLUS NET CP 343-1 AdvancedSIMATIC CP 343-1SCALANCE X307-3LDDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SIPLUS NET CP 443-1 AdvancedSCALANCE XF202-2P IRTSCALANCE X307-2 EEC (24V, coated)SCALANCE X307-2 EEC (2x 230V, coated)SCALANCE X302-7 EEC (2x 24V, coated)SCALANCE X202-2P IRT PROSCALANCE X310SCALANCE XR324-12M (24V, ports on front)SIPLUS ET 200MP IM 155-5 PN STSCALANCE X320-1 FESCALANCE M874-2SCALANCE XR324-4M PoE (230V, ports on front)SIMATIC CP 343-1 ERPCSIPLUS ET 200SP IM 155-6 PN STSIMATIC MV440 URSCALANCE X216SIMATIC CP 1616 and CP 1604SCALANCE X302-7 EEC (230V, coated)SIPLUS ET 200MP IM 155-5 PN HFSCALANCE X200-4P IRTSCALANCE XC-200SCALANCE X202-2IRTSCALANCE XR324-12M (230V, ports on front)SCALANCE XR324-4M EEC (2x 24V, ports on front)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-13921
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.29%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 13:49
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All versions < SP3 Update 1). Affected versions of the software contain a vulnerability that could allow an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large HTTP request is sent to the executing service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the service provided by the software.

Action-Not Available
Vendor-Siemens AG
Product-simatic_winac_rtx_\(f\)_2010SIMATIC WinAC RTX (F) 2010
CWE ID-CWE-410
Insufficient Resource Pool
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-3658
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.13% / 77.41%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.

Action-Not Available
Vendor-Intel CorporationSiemens AG
Product-manageability_engine_firmwaresimatic_ipc677d_firmwaresimatic_ipc477e_firmwaresimatic_ipc427e_firmwaresimatic_ipc647d_firmwaresimatic_ipc427esimatic_ipc647dsimatic_ipc547e_firmwaresimatic_ipc627dsimatic_pc547esimatic_ipc847dsimatic_ipc827dsimatic_ipc547gsimatic_field_pg_m5_firmwaresimatic_ipc847d_firmwaresimatic_pc547g_firmwaresimatic_ipc677dsimatic_ipc627d_firmwaresimatic_itp1000_firmwaresimatic_ipc827d_firmwareconverged_security_management_engine_firmwaresimatic_ipc477esimatic_field_pg_m5simatic_itp1000active_management_technology_firmwareIntel(R) Active Management Technology
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2024-43647
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.40% / 59.89%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 09:36
Updated-10 Sep, 2024 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) (All versions). Affected devices do not properly handle TCP packets with an incorrect structure. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the network cable of the device needs to be unplugged and re-plugged.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC S7-200 SMART CPU CR40SIMATIC S7-200 SMART CPU ST60SIMATIC S7-200 SMART CPU SR40SIMATIC S7-200 SMART CPU ST30SIMATIC S7-200 SMART CPU SR30SIMATIC S7-200 SMART CPU SR60SIMATIC S7-200 SMART CPU CR60SIMATIC S7-200 SMART CPU SR20SIMATIC S7-200 SMART CPU ST40SIMATIC S7-200 SMART CPU ST20simatic_s7-200_smart_cpu_st60
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-25032
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.21%
||
7 Day CHG~0.00%
Published-25 Mar, 2022 | 00:00
Updated-21 Aug, 2025 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

Action-Not Available
Vendor-azulzlibgoton/aNetApp, Inc.Fedora ProjectDebian GNU/LinuxSparkle MotionSiemens AGMicrosoft CorporationPython Software FoundationApple Inc.MariaDB Foundation
Product-h410cmacospythonhci_compute_nodeh500s_firmwareh300s_firmwarescalance_sc642-2c_firmwaremac_os_xscalance_sc646-2c_firmwareh700s_firmwaremariadbscalance_sc622-2c_firmwaremanagement_services_for_element_softwarescalance_sc632-2c_firmwarezlibh410sh410s_firmwarenokogiriontap_select_deploy_administration_utilityscalance_sc636-2cfedorawindowsscalance_sc642-2cgotoassisth300sscalance_sc626-2czuluscalance_sc626-2c_firmwarescalance_sc636-2c_firmwareh410c_firmwarescalance_sc646-2cactive_iq_unified_managerscalance_sc622-2ce-series_santricity_os_controllerh700sdebian_linuxscalance_sc632-2ch500soncommand_workflow_automationn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-13940
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.60% / 68.60%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 15:36
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.1), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.X.17), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17). Affected devices contain a vulnerability that could cause a denial of service condition of the web server by sending specially crafted HTTP requests to ports 80/tcp and 443/tcp. Beyond the web service, no other functions or interfaces are affected by the denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-300_cpu_317-2_pn\/dp_firmwaresimatic_winac_rtx_\(f\)_2010siplus_s7-300_cpu_314siplus_s7-300_cpu_315-2_pn\/dp_firmwares7-1200_cpu_1214fcs7-1200_cpu_1215fc_firmwaresimatic_s7-300_cpu_319-3_pn\/dpsimatic_s7-300_cpu_317-2_dpsiplus_s7-300_cpu_315-2_pn\/dpsimatic_s7-300_cpu_315-2dp_firmwaresiplus_s7-300_cpu_317-2_pn\/dpsiplus_cpu_1214c_firmwares7-1200_cpu_1214c_firmwares7-1200_cpu_1212c_firmwaresimatic_s7-300_cpu_317-2_dp_firmwaresimatic_s7-300_cpu_315-2_pn\/dp_firmwaresimatic_s7-400_pn\/dp_cpu_firmwaresiplus_cpu_1211csiplus_s7-300_cpu_317-2_pn\/dp_firmwaresiplus_s7-300_cpu_315-2_dp_firmwaresimatic_s7-400_pn\/dp_cpus7-1200_cpu_1215csiplus_cpu_1215c_firmwares7-1200_cpu_1211c_firmwaresiplus_cpu_1212c_firmwaresiplus_cpu_1214csimatic_s7-300_cpu_317-2_pn\/dps7-1200_cpu_1212cs7-1200_cpu_1217c_firmwaresiplus_s7-1200simatic_s7-300_cpu_315-2dpsiplus_s7-300_cpu_315-2_dpsiplus_cpu_1211c_firmwaresimatic_s7-300_cpu_315-2_pn\/dpsiplus_cpu_1215cs7-1200_cpu_1212fc_firmwares7-1200_cpu_1212fcsimatic_s7-300_cpu_319-3_pn\/dp_firmwaresiplus_s7-300_cpu_314_firmwares7-1200_cpu_1215fcs7-1200_cpu_1211cs7-1200_cpu_1215c_firmwares7-1200_cpu_1214csiplus_cpu_1212cs7-1200_cpu_1217cs7-1200_cpu_1214fc_firmwaresiplus_s7-1200_firmwareSIMATIC ET 200pro IM154-8F PN/DP CPUSIMATIC S7-300 CPU 317T-3 PN/DPSIMATIC WinAC RTX 2010SIMATIC ET 200S IM151-8 PN/DP CPUSIMATIC ET 200S IM151-8F PN/DP CPUSIMATIC S7-300 CPU 319-3 PN/DPSIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC WinAC RTX F 2010SIPLUS ET 200S IM151-8 PN/DP CPUSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIMATIC S7-300 CPU 314C-2 PN/DPSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 317F-2 PN/DPSIMATIC S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 317-2 PN/DPSIMATIC S7-300 CPU 317TF-3 PN/DPSIPLUS ET 200S IM151-8F PN/DP CPUSIPLUS S7-300 CPU 317-2 PN/DPSIMATIC ET 200pro IM154-8 PN/DP CPUSIMATIC ET 200pro IM154-8FX PN/DP CPUSIPLUS S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 315T-3 PN/DPSIPLUS S7-300 CPU 317F-2 PN/DPSIMATIC S7-300 CPU 319F-3 PN/DPSIPLUS S7-300 CPU 314C-2 PN/DP
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-13926
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.69%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 15:36
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0 and < V4.1), SCALANCE S612 (All versions >= V3.0 and < V4.1), SCALANCE S623 (All versions >= V3.0 and < V4.1), SCALANCE S627-2M (All versions >= V3.0 and < V4.1). Specially crafted packets sent to port 443/tcp of affected devices could cause a Denial-of-Service condition of the web server. A cold reboot is required to restore the functionality of the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_s623scalance_s612_firmwarescalance_s627-2m_firmwarescalance_s602scalance_s627-2mscalance_s602_firmwarescalance_s623_firmwarescalance_s612SCALANCE S627-2MSCALANCE S623SCALANCE S602SCALANCE S612
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-27383
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.12%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_ktp_mobile_panels_ktp900_firmwaresimatic_hmi_ktp_mobile_panels_ktp400fsinamics_gm150simatic_hmi_ktp_mobile_panels_ktp700f_firmwaresinamics_sm150isinamics_gl150_firmwaresinamics_gl150simatic_hmi_ktp_mobile_panels_ktp900f_firmwaresimatic_hmi_ktp_mobile_panels_ktp400f_firmwaresimatic_hmi_comfort_panels_4\"_firmwaresinamics_gm150_firmwaresinamics_sm150simatic_hmi_comfort_outdoor_panels_7\"_firmwaresinamics_gh150simatic_hmi_ktp_mobile_panels_ktp700_firmwaresinamics_gh150_firmwaresinamics_sl150simatic_hmi_comfort_panels_22\"simatic_hmi_ktp_mobile_panels_ktp700fsinamics_sh150sinamics_sm150_firmwaresimatic_hmi_ktp_mobile_panels_ktp900fsinamics_sh150_firmwaresimatic_hmi_comfort_outdoor_panels_7\"sinamics_sm120simatic_hmi_ktp_mobile_panels_ktp700simatic_hmi_comfort_outdoor_panels_15\"_firmwaresimatic_hmi_comfort_panels_4\"sinamics_sl150_firmwaresinamics_sm150i_firmwaresimatic_hmi_ktp_mobile_panels_ktp900simatic_hmi_comfort_outdoor_panels_15\"simatic_hmi_comfort_panels_22\"_firmwaresimatic_wincc_runtime_advancedsinamics_sm120_firmwareSIMATIC WinCC Runtime Advanced V16SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) SINAMICS SM150iSIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)SINAMICS GH150SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900FSINAMICS GM150 (with option X30)SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F SINAMICS GL150 (with option X30)SINAMICS SH150SIMATIC WinCC Runtime Advanced V15SINAMICS SL150SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) SINAMICS SM120SINAMICS SM150
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2020-36475
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.31%
||
7 Day CHG~0.00%
Published-23 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs.

Action-Not Available
Vendor-n/aArm LimitedDebian GNU/LinuxSiemens AG
Product-debian_linuxlogo\!_cmr2040_firmwaresimatic_rtu3031c_firmwaresimatic_rtu3030csimatic_rtu3041c_firmwaresimatic_rtu3041clogo\!_cmr2040simatic_rtu3000clogo\!_cmr2020simatic_rtu3031csimatic_rtu3000c_firmwarelogo\!_cmr2020_firmwaresimatic_rtu3030c_firmwarembed_tlsn/a
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2021-25676
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.34%
||
7 Day CHG~0.00%
Published-15 Mar, 2021 | 17:03
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will reboot automatically.

Action-Not Available
Vendor-Siemens AG
Product-scalance_s615scalance_m-800_firmwarescalance_sc-600scalance_sc-600_firmwareruggedcom_rm1224_firmwarescalance_m-800scalance_s615_firmwareruggedcom_rm1224SCALANCE M-800RUGGEDCOM RM1224SCALANCE S615SCALANCE SC-600
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2021-25661
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.37% / 58.05%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_comfort_panels_22\"simatic_hmi_ktp_mobile_panels_ktp700fsimatic_hmi_ktp_mobile_panels_ktp900_firmwaresimatic_hmi_ktp_mobile_panels_ktp900fsimatic_hmi_ktp_mobile_panels_ktp400fsimatic_hmi_comfort_outdoor_panels_7\"simatic_hmi_ktp_mobile_panels_ktp700simatic_hmi_ktp_mobile_panels_ktp700f_firmwaresimatic_hmi_comfort_outdoor_panels_15\"_firmwaresimatic_hmi_ktp_mobile_panels_ktp900f_firmwaresimatic_hmi_ktp_mobile_panels_ktp400f_firmwaresimatic_hmi_comfort_panels_4\"simatic_hmi_comfort_panels_4\"_firmwaresimatic_hmi_ktp_mobile_panels_ktp900simatic_hmi_comfort_outdoor_panels_15\"simatic_hmi_comfort_outdoor_panels_7\"_firmwaresimatic_hmi_comfort_panels_22\"_firmwaresimatic_wincc_runtime_advancedsimatic_hmi_ktp_mobile_panels_ktp700_firmwareSIMATIC WinCC Runtime Advanced V16SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900FSIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F SIMATIC WinCC Runtime Advanced V15
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CVE-2021-25663
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.52% / 65.95%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 20:42
Updated-11 Mar, 2025 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes IPv6 headers does not check the lengths of extension header options, allowing attackers to put this function into an infinite loop with crafted length values.

Action-Not Available
Vendor-Siemens AG
Product-nucleus_netcapital_vstarnucleus_readystartnucleus_source_codeNucleus Source CodeNucleus NETCapital Embedded AR Classic 431-422Capital Embedded AR Classic R20-11Nucleus ReadyStart V4Nucleus ReadyStart V3
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2020-35683
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.53% / 66.41%
||
7 Day CHG~0.00%
Published-19 Aug, 2021 | 11:13
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation function may read out of bounds, causing a Denial-of-Service.

Action-Not Available
Vendor-hcc-embeddedn/aSiemens AG
Product-7km9300-0ae02-0aa0nichestack7km9300-0ae02-0aa0_firmwaren/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-12259
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-30.05% / 96.49%
||
7 Day CHG~0.00%
Published-09 Aug, 2019 | 18:05
Updated-04 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.

Action-Not Available
Vendor-windriverbeldenn/aSiemens AGSonicWall Inc.
Product-hirschmann_rsp20ruggedcom_win7025_firmwarehirschmann_ees25sonicoshirschmann_grs1030hirschmann_grs1142ruggedcom_win7018_firmwarehirschmann_rspe32hirschmann_grs1130garrettcom_magnum_dx940ehirschmann_rspe35hirschmann_eesx20hirschmann_rspe37ruggedcom_win7018hirschmann_grs10429410_power_meter_firmwareruggedcom_win7000siprotec_5_firmwareruggedcom_win7200hirschmann_rsp35garrettcom_magnum_dx940e_firmwarevxworkshirschmann_msp40hirschmann_octopus_os39810_power_meterhirschmann_rsp309410_power_meter9810_power_meter_firmwarehirschmann_dragon_mach4000hirschmann_dragon_mach4500hirschmann_msp32hirschmann_rsp25hirschmann_rail_switch_power_smarthirschmann_eesx30hirschmann_grs1020hirschmann_rail_switch_power_litehirschmann_eagle20hirschmann_eagle30hirschmann_hiosruggedcom_win7025hirschmann_rspe30hirschmann_eagle_oneruggedcom_win7200_firmwaresiprotec_5hirschmann_ees20hirschmann_red25ruggedcom_win7000_firmwarehirschmann_msp30hirschmann_grs1120n/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-16890
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.4||MEDIUM
EPSS-0.89% / 74.49%
||
7 Day CHG~0.00%
Published-06 Feb, 2019 | 20:00
Updated-05 Aug, 2024 | 10:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.

Action-Not Available
Vendor-NetApp, Inc.Debian GNU/LinuxOracle CorporationRed Hat, Inc.Canonical Ltd.F5, Inc.Siemens AGCURL
Product-libcurlclustered_data_ontapubuntu_linuxdebian_linuxcommunications_operations_monitorhttp_serversecure_global_desktopenterprise_linuxsinema_remote_connect_clientbig-ip_access_policy_managercurl
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-16557
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.2||HIGH
EPSS-0.09% / 27.03%
||
7 Day CHG~0.00%
Published-13 Dec, 2018 | 16:00
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-2 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-2 DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 417-4 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.2.1), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 V7 (All versions), SIPLUS S7-400 CPU 417-4 V7 (All versions). Sending of specially crafted packets to port 102/tcp via Ethernet interface via PROFIBUS or Multi Point Interfaces (MPI) could cause a denial of service condition on affected devices. Flashing with a firmware image may be required to recover the CPU. Successful exploitation requires an attacker to have network access to port 102/tcp via Ethernet interface or to be able to send messages via PROFIBUS or Multi Point Interfaces (MPI) to the device. No user interaction is required. If no access protection is configured, no privileges are required to exploit the security vulnerability. The vulnerability could allow causing a denial of service condition of the core functionality of the CPU, compromising the availability of the system.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-400_pn\/dp_v7_firmwaresimatic_s7-400_firmwaresimatic_s7-400simatic_s7-400_pn\/dp_v7simatic_s7-410_firmwaresimatic_s7-400h_firmwaresimatic_s7-410simatic_s7-400h SIMATIC S7-400 CPU 412-2 DP V7 SIMATIC S7-400 CPU 414F-3 PN/DP V7 SIMATIC S7-400 CPU 416-3 DP V7SIPLUS S7-400 CPU 416-3 PN/DP V7 SIMATIC S7-400 CPU 416F-3 PN/DP V7 SIMATIC S7-400 CPU 416F-2 DP V7 SIMATIC S7-400 CPU 414-2 DP V7SIPLUS S7-400 CPU 416-3 V7SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIMATIC S7-410 CPU family (incl. SIPLUS variants) SIMATIC S7-400 CPU 417-4 DP V7SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) SIMATIC S7-400 CPU 416-2 DP V7 SIMATIC S7-400 CPU 414-3 PN/DP V7 SIMATIC S7-400 CPU 414-3 DP V7SIPLUS S7-400 CPU 414-3 PN/DP V7SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) SIMATIC S7-400 CPU 416-3 PN/DP V7SIPLUS S7-400 CPU 417-4 V7 SIMATIC S7-400 CPU 412-1 DP V7SIMATIC S7-400 CPU 412-2 PN V7
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2023-28766
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.32%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 09:03
Updated-02 Aug, 2024 | 13:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 6MD89 (CP300) (All versions >= V7.80 < V9.64), SIPROTEC 5 6MU85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7KE85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.40), SIPROTEC 5 7SA86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SA87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.40), SIPROTEC 5 7SD86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SD87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SJ81 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ82 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SJ86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SK82 (CP100) (All versions < V8.89), SIPROTEC 5 7SK82 (CP150) (All versions < V9.40), SIPROTEC 5 7SK85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.40), SIPROTEC 5 7SL86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SL87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SS85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7ST85 (CP300) (All versions >= V7.80 < V9.64), SIPROTEC 5 7ST86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SX82 (CP150) (All versions < V9.40), SIPROTEC 5 7SX85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UM85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.40), SIPROTEC 5 7UT85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VE85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VK87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VU85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.40 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.40 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.40), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.40). Affected devices lack proper validation of http request parameters of the hosted web service. An unauthenticated remote attacker could send specially crafted packets that could cause denial of service condition of the target device.

Action-Not Available
Vendor-Siemens AG
Product-siprotec_5_7sx82_firmwaresiprotec_5_7ut85_firmwaresiprotec_5_6md85_firmwaresiprotec_5_7sl82siprotec_5_7sl86siprotec_5_7sx82siprotec_5_7st86_firmwaresiprotec_5_communication_module_ethba2el_firmwaresiprotec_5_7sj81siprotec_5_7sl87siprotec_5_7sj85siprotec_5_7sd82_firmwaresiprotec_5_7sl87_firmwaresiprotec_5_7sk85siprotec_5_7sx85_firmwaresiprotec_5_7ut85siprotec_5_communication_module_ethbb2fosiprotec_5_7sd84siprotec_5_7sj86siprotec_5_7st85siprotec_5_7sk85_firmwaresiprotec_5_7sj82siprotec_5_7sj86_firmwaresiprotec_5_7vu85siprotec_5_7ut87_firmwaresiprotec_5_7ut82_firmwaresiprotec_5_communication_module_ethbd2fosiprotec_5_7vk87siprotec_5_7sa84_firmwaresiprotec_5_6md86siprotec_5_7ut86_firmwaresiprotec_5_7sd87siprotec_5_7um85siprotec_5_6md85siprotec_5_communication_module_ethbd2fo_firmwaresiprotec_5_7st85_firmwaresiprotec_5_7ss85_firmwaresiprotec_5_7ve85_firmwaresiprotec_5_compact_7sx800_firmwaresiprotec_5_7ss85siprotec_5_7um85_firmwaresiprotec_5_7sd84_firmwaresiprotec_5_7sj81_firmwaresiprotec_5_7sk82_firmwaresiprotec_5_7sa86siprotec_5_7sd86_firmwaresiprotec_5_7st86siprotec_5_7sa84siprotec_5_7sa82siprotec_5_7ut82siprotec_5_7sd82siprotec_5_7sd86siprotec_5_7sj85_firmwaresiprotec_5_communication_module_ethbb2fo_firmwaresiprotec_5_7ke85siprotec_5_6md86_firmwaresiprotec_5_7sa86_firmwaresiprotec_5_6mu85_firmwaresiprotec_5_7ut86siprotec_5_7ut87siprotec_5_7sk82siprotec_5_7sj82_firmwaresiprotec_5_7sa82_firmwaresiprotec_5_7sd87_firmwaresiprotec_5_communication_module_ethba2elsiprotec_5_7ve85siprotec_5_7sa87siprotec_5_6md89siprotec_5_7sx85siprotec_5_6md89_firmwaresiprotec_5_7vk87_firmwaresiprotec_5_7sl86_firmwaresiprotec_5_7vu85_firmwaresiprotec_5_7sl82_firmwaresiprotec_5_7sa87_firmwaresiprotec_5_6mu85siprotec_5_compact_7sx800siprotec_5_7ke85_firmwareSIPROTEC 5 7ST86 (CP300)SIPROTEC 5 7SJ81 (CP100)SIPROTEC 5 7UT87 (CP300)SIPROTEC 5 7UT82 (CP150)SIPROTEC 5 Communication Module ETH-BD-2FOSIPROTEC 5 7UT85 (CP300)SIPROTEC 5 7SJ81 (CP150)SIPROTEC 5 7SL87 (CP300)SIPROTEC 5 Communication Module ETH-BB-2FOSIPROTEC 5 6MD85 (CP300)SIPROTEC 5 Communication Module ETH-BA-2ELSIPROTEC 5 7VE85 (CP300)SIPROTEC 5 7SA87 (CP300)SIPROTEC 5 7ST85 (CP300)SIPROTEC 5 7SX82 (CP150)SIPROTEC 5 7UT86 (CP300)SIPROTEC 5 7UM85 (CP300)SIPROTEC 5 7SD82 (CP100)SIPROTEC 5 7SK82 (CP150)SIPROTEC 5 6MD89 (CP300)SIPROTEC 5 7VU85 (CP300)SIPROTEC 5 7SJ82 (CP100)SIPROTEC 5 7SK85 (CP300)SIPROTEC 5 7VK87 (CP300)SIPROTEC 5 7SD87 (CP300)SIPROTEC 5 7UT82 (CP100)SIPROTEC 5 7SL86 (CP300)SIPROTEC 5 7SL82 (CP150)SIPROTEC 5 6MD86 (CP300)SIPROTEC 5 7SA82 (CP100)SIPROTEC 5 7SD86 (CP300)SIPROTEC 5 7SA82 (CP150)SIPROTEC 5 6MU85 (CP300)SIPROTEC 5 7SD82 (CP150)SIPROTEC 5 7KE85 (CP300)SIPROTEC 5 7SA86 (CP300)SIPROTEC 5 7SK82 (CP100)SIPROTEC 5 Compact 7SX800 (CP050)SIPROTEC 5 7SS85 (CP300)SIPROTEC 5 7SJ86 (CP300)SIPROTEC 5 7SL82 (CP100)SIPROTEC 5 7SJ85 (CP300)SIPROTEC 5 7SX85 (CP300)SIPROTEC 5 7SJ82 (CP150)
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-7793
Matching Score-8
Assigner-Snyk
ShareView Details
Matching Score-8
Assigner-Snyk
CVSS Score-7.5||HIGH
EPSS-3.57% / 87.26%
||
7 Day CHG~0.00%
Published-11 Dec, 2020 | 13:25
Updated-16 Sep, 2024 | 22:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Regular Expression Denial of Service (ReDoS)

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).

Action-Not Available
Vendor-ua-parser-js_projectn/aSiemens AG
Product-sinec_insua-parser-jsua-parser-js
CVE-2007-1918
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.36% / 79.41%
||
7 Day CHG~0.00%
Published-10 Apr, 2007 | 23:00
Updated-07 Aug, 2024 | 13:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

Action-Not Available
Vendor-n/aMicrosoft CorporationSAP SEApple Inc.Siemens AGSun Microsystems (Oracle Corporation)IBM CorporationLinux Kernel Organization, IncHP Inc.
Product-os_400windows_serversolarislinux_kernelracfhp-uxtru64reliant_unixmacosrfc_libraryaixn/a
CVE-2022-47375
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.03%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:25
Updated-03 Aug, 2024 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle long file names correctly. This could allow an attacker to create a buffer overflow and create a denial of service condition for the device.

Action-Not Available
Vendor-Siemens AG
Product-6es7414-3em07-0ab06es7416-3fs07-0ab06ag1414-3em07-7ab06ag1416-3es07-7ab0_firmware6ag1416-3es07-7ab0simatic_pc-station_plus_firmware6es7412-2ek07-0ab0_firmwaresimatic_pc-station_plus6es7416-3es07-0ab0_firmware6es7416-3fs07-0ab0_firmware6es7416-3es07-0ab06es7412-2ek07-0ab06es7414-3fm07-0ab0_firmware6es7414-3fm07-0ab0sinamics_s120sinamics_s120_firmware6es7414-3em07-0ab0_firmware6ag1414-3em07-7ab0_firmwareSIMATIC S7-400 CPU 416F-3 PN/DP V7SIMATIC PC-Station PlusSIPLUS S7-400 CPU 414-3 PN/DP V7SIPLUS S7-400 CPU 416-3 PN/DP V7SIMATIC S7-400 CPU 414F-3 PN/DP V7SINAMICS S120 (incl. SIPLUS variants)SIMATIC S7-400 CPU 416-3 PN/DP V7SIMATIC S7-400 CPU 412-2 PN V7SIMATIC S7-400 CPU 414-3 PN/DP V7
CWE ID-CWE-805
Buffer Access with Incorrect Length Value
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-13805
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.73%
||
7 Day CHG~0.00%
Published-10 Oct, 2018 | 17:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions >= V2.0 and < V2.1.6), SIMATIC S7-1500 Software Controller (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 incl. F (All versions >= V2.0 and < V2.5). An attacker can cause a denial-of-service condition on the network stack by sending a large number of specially crafted packets to the PLC. The PLC will lose its ability to communicate over the network. This vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no privileges and no user interaction. An attacker could use this vulnerability to compromise availability of the network connectivity. At the time of advisory publication no public exploitation of this vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-1500fsimatic_et_200spsimatic_et_200sp_firmwaresimatic_s7-1500_firmwaresimatic_s7-1500f_firmwaresimatic_s7-1500SIMATIC S7-1500 incl. FSIMATIC ET 200SP Open ControllerSIMATIC S7-1500 Software Controller
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-46352
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.29% / 51.46%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products.

Action-Not Available
Vendor-Siemens AG
Product-6gk5204-0bs00-3pa36gk5204-0ba00-2mb2_firmware6gk5204-0ba00-2kb2_firmware6gk5204-0ba00-2mb26gk5204-0ba00-2kb26gk5204-0bs00-3la3_firmware6gk5204-0bs00-2na3_firmware6gk5204-0bs00-3pa3_firmware6gk5204-0bs00-2na36gk5204-0bs00-3la3SCALANCE X204RNA (HSR)SCALANCE X204RNA EEC (PRP/HSR)SCALANCE X204RNA EEC (PRP)SCALANCE X204RNA EEC (HSR)SCALANCE X204RNA (PRP)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2016-4956
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-2.27% / 84.00%
||
7 Day CHG~0.00%
Published-05 Jul, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.

Action-Not Available
Vendor-ntpn/aSiemens AGopenSUSESUSENovellOracle Corporation
Product-solarissimatic_net_cp_443-1_opc_ualeapntpopensusemanager_proxyopenstack_cloudsuse_managerlinux_enterprise_desktopsimatic_net_cp_443-1_opc_ua_firmwarelinux_enterprise_servern/a
CVE-2022-45044
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.12% / 31.59%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-03 Aug, 2024 | 14:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.50), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.50), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.50), SIPROTEC 5 6MD89 (CP300) (All versions < V9.64), SIPROTEC 5 6MU85 (CP300) (All versions < V9.50), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions < V9.64), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.50), SIPROTEC 5 7SA84 (CP200) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V9.50), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V9.50), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.50), SIPROTEC 5 7SD84 (CP200) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V9.50), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V9.50), SIPROTEC 5 7SJ81 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.50), SIPROTEC 5 7SJ82 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.50), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V9.50), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V9.50), SIPROTEC 5 7SK82 (CP100) (All versions < V8.89), SIPROTEC 5 7SK82 (CP150) (All versions < V9.50), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V9.50), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.50), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V9.50), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V9.50), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V9.50), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions < V9.64), SIPROTEC 5 7ST86 (CP300) (All versions < V9.64), SIPROTEC 5 7SX82 (CP150) (All versions < V9.50), SIPROTEC 5 7SX85 (CP300) (All versions < V9.50), SIPROTEC 5 7UM85 (CP300) (All versions < V9.50), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.50), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V9.50), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V9.50), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V9.50), SIPROTEC 5 7VE85 (CP300) (All versions < V9.50), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V9.50), SIPROTEC 5 7VU85 (CP300) (All versions < V9.50), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.50 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions installed on CP200 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.50 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions installed on CP200 devices), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.50), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.50). Affected devices do not properly restrict secure client-initiated renegotiations within the SSL and TLS protocols. This could allow an attacker to create a denial of service condition on the ports 443/tcp and 4443/tcp for the duration of the attack.

Action-Not Available
Vendor-Siemens AG
Product-siprotec_5_7ut85_firmwaresiprotec_5_6md85_firmwaresiprotec_5_7sl82siprotec_5_7sl86siprotec_5_communication_module_ethba2el_firmwaresiprotec_5_7sj81siprotec_5_7sl87siprotec_5_7sj85siprotec_5_7sd82_firmwaresiprotec_5_7sl87_firmwaresiprotec_5_7sk85siprotec_5_7sx85_firmwaresiprotec_5_7ut85siprotec_5_communication_module_ethbb2fosiprotec_5_7sj86siprotec_5_7st85siprotec_5_7sj82siprotec_5_7sk85_firmwaresiprotec_5_7sj86_firmwaresiprotec_5_7ut87_firmwaresiprotec_5_7ut82_firmwaresiprotec_5_communication_module_ethbd2fosiprotec_5_7vk87siprotec_5_6md86siprotec_5_7ut86_firmwaresiprotec_5_7sd87siprotec_5_7um85siprotec_5_6md85siprotec_5_communication_module_ethbd2fo_firmwaresiprotec_5_7st85_firmwaresiprotec_5_7ss85_firmwaresiprotec_5_7ve85_firmwaresiprotec_5_compact_7sx800_firmwaresiprotec_5_7ss85siprotec_5_7um85_firmwaresiprotec_5_7sj81_firmwaresiprotec_5_7sk82_firmwaresiprotec_5_7sa86siprotec_5_7sd86_firmwaresiprotec_5_7sa82siprotec_5_7ut82siprotec_5_communication_module_ethbb2fo_firmwaresiprotec_5_7sd82siprotec_5_7sd86siprotec_5_7sj85_firmwaresiprotec_5_7ke85siprotec_5_6md86_firmwaresiprotec_5_7sa86_firmwaresiprotec_5_6mu85_firmwaresiprotec_5_7ut86siprotec_5_7sk82siprotec_5_7ut87siprotec_5_7sj82_firmwaresiprotec_5_7sa82_firmwaresiprotec_5_7sd87_firmwaresiprotec_5_communication_module_ethba2elsiprotec_5_7ve85siprotec_5_7sa87siprotec_5_6md89siprotec_5_6md89_firmwaresiprotec_5_7sx85siprotec_5_7vk87_firmwaresiprotec_5_7sl86_firmwaresiprotec_5_7sl82_firmwaresiprotec_5_7sa87_firmwaresiprotec_5_6mu85siprotec_5_compact_7sx800siprotec_5_7ke85_firmwareSIPROTEC 5 Communication Module ETH-BD-2FOSIPROTEC 5 7SJ81 (CP150)SIPROTEC 5 7SL87 (CP300)SIPROTEC 5 6MD85 (CP300)SIPROTEC 5 Communication Module ETH-BA-2ELSIPROTEC 5 7KE85 (CP200)SIPROTEC 5 7SA87 (CP300)SIPROTEC 5 7ST85 (CP300)SIPROTEC 5 7VE85 (CP300)SIPROTEC 5 7UT86 (CP300)SIPROTEC 5 7UM85 (CP300)SIPROTEC 5 7SK82 (CP150)SIPROTEC 5 6MD89 (CP300)SIPROTEC 5 7SD86 (CP200)SIPROTEC 5 6MD84 (CP300)SIPROTEC 5 7SA86 (CP200)SIPROTEC 5 7SJ82 (CP100)SIPROTEC 5 7SK85 (CP300)SIPROTEC 5 7SA87 (CP200)SIPROTEC 5 7VU85 (CP300)SIPROTEC 5 7VK87 (CP300)SIPROTEC 5 7SD87 (CP300)SIPROTEC 5 7SL82 (CP150)SIPROTEC 5 7SJ86 (CP200)SIPROTEC 5 6MD86 (CP300)SIPROTEC 5 7SD86 (CP300)SIPROTEC 5 7SA82 (CP150)SIPROTEC 5 7SD84 (CP200)SIPROTEC 5 6MU85 (CP300)SIPROTEC 5 7KE85 (CP300)SIPROTEC 5 7SD82 (CP150)SIPROTEC 5 7SS85 (CP200)SIPROTEC 5 7SJ82 (CP150)SIPROTEC 5 Compact 7SX800 (CP050)SIPROTEC 5 7UT86 (CP200)SIPROTEC 5 7SJ86 (CP300)SIPROTEC 5 7SD87 (CP200)SIPROTEC 5 7SL82 (CP100)SIPROTEC 5 7SK85 (CP200)SIPROTEC 5 7ST86 (CP300)SIPROTEC 5 7SJ81 (CP100)SIPROTEC 5 7SA84 (CP200)SIPROTEC 5 7SL86 (CP200)SIPROTEC 5 7UT87 (CP300)SIPROTEC 5 7UT82 (CP150)SIPROTEC 5 7UT85 (CP200)SIPROTEC 5 Communication Module ETH-BB-2FOSIPROTEC 5 7SL87 (CP200)SIPROTEC 5 6MD86 (CP200)SIPROTEC 5 7UT87 (CP200)SIPROTEC 5 7VK87 (CP200)SIPROTEC 5 6MD85 (CP200)SIPROTEC 5 7SX82 (CP150)SIPROTEC 5 7SD82 (CP100)SIPROTEC 5 7UT82 (CP100)SIPROTEC 5 7SL86 (CP300)SIPROTEC 5 7ST85 (CP200)SIPROTEC 5 7SA82 (CP100)SIPROTEC 5 7SA86 (CP300)SIPROTEC 5 7SJ85 (CP200)SIPROTEC 5 7SK82 (CP100)SIPROTEC 5 7SS85 (CP300)SIPROTEC 5 7UT85 (CP300)SIPROTEC 5 7SX85 (CP300)SIPROTEC 5 7SJ85 (CP300)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-22040
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.00%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 10:21
Updated-01 Aug, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.3.5618), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.3.5617), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions), Sinteso FS20 EN Fire Panel FC20 MP8 (All versions < MP8 SR4), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.3.5618), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.3.5617), Sinteso Mobile (All versions). The network communication library in affected systems insufficiently validates HMAC values which might result in a buffer overread. This could allow an unauthenticated remote attacker to crash the network service.

Action-Not Available
Vendor-Siemens AG
Product-Cerberus PRO EN Fire Panel FC72x IP7Sinteso FS20 EN X300 Cloud Distribution MP7Sinteso MobileCerberus PRO UL X300 Cloud DistributionSinteso FS20 EN Engineering ToolDesigo Fire Safety UL Compact Panel FC2025/2050Desigo Fire Safety UL Engineering ToolSinteso FS20 EN X200 Cloud Distribution MP8Cerberus PRO UL Engineering ToolSinteso FS20 EN Fire Panel FC20 MP8Sinteso FS20 EN X300 Cloud Distribution MP8Cerberus PRO UL Compact Panel FC922/924Sinteso FS20 EN Fire Panel FC20 MP7Cerberus PRO EN Fire Panel FC72x IP8Cerberus PRO EN X300 Cloud Distribution IP7Desigo Fire Safety UL X300 Cloud DistributionCerberus PRO EN Engineering ToolSinteso FS20 EN X200 Cloud Distribution MP7Cerberus PRO EN Fire Panel FC72x IP6Cerberus PRO EN X200 Cloud Distribution IP7Sinteso FS20 EN Fire Panel FC20 MP6Cerberus PRO EN X200 Cloud Distribution IP8Cerberus PRO EN X300 Cloud Distribution IP8cerberus_pro_ul_engineering_toolsinteso_fs20_en_engineering_toolcerberus_pro_ul_compact_panelcerberus_pro_en_fire_panel_fc72xcerberus_pro_en_engineering_toolcerberus_pro_en_x300_cloud_distributioncerberus_pro_ul_x300_cloudsinteso_fs20_en_x300_cloud_distributiondesigo_fire_safety_ul_engineering_tooldesigo_fire_safety_ul_compact_panelsinteso_fs20_en_fire_panel_fc20sinteso_mobilesinteso_fs20_en_x200_cloud_distributioncerberus_pro_en_x200_cloud_distribution
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-4953
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.64% / 93.71%
||
7 Day CHG-3.96%
Published-05 Jul, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.

Action-Not Available
Vendor-ntpn/aSiemens AGopenSUSESUSEOracle Corporation
Product-tim_4r-iesolarissimatic_net_cp_443-1_opc_ualeapntpopensusemanager_proxyopenstack_cloudtim_4r-ie_dnp3_firmwarelinux_enterprise_desktopsimatic_net_cp_443-1_opc_ua_firmwaremanagertim_4r-ie_dnp3tim_4r-ie_firmwarelinux_enterprise_servern/a
CWE ID-CWE-287
Improper Authentication
CVE-2016-4954
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.94% / 91.04%
||
7 Day CHG-1.06%
Published-05 Jul, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.

Action-Not Available
Vendor-ntpn/aSiemens AGopenSUSESUSEOracle Corporation
Product-tim_4r-iesolarissimatic_net_cp_443-1_opc_ualeapntpopensusemanager_proxyopenstack_cloudtim_4r-ie_dnp3_firmwarelinux_enterprise_desktopsimatic_net_cp_443-1_opc_ua_firmwaremanagertim_4r-ie_dnp3tim_4r-ie_firmwarelinux_enterprise_servern/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-43768
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.03%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 09:02
Updated-07 Feb, 2025 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.

Action-Not Available
Vendor-Siemens AG
Product-siplus_s7-1200_cp_1243-1_railsimatic_ipc_diagbase_firmwaresiplus_tim_1531_ircsimatic_cp_1243-8_irc_firmwaresimatic_cp_1542sp-1_firmwaresiplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmwaresimatic_cp_1243-1_dnp3simatic_cp_1243-1_iec_firmwaresimatic_cp_1243-1_firmwaresimatic_cp_1243-7_lte_eu_firmwaresiplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmwaresiplus_net_cp_443-1_advancedsiplus_net_cp_1242-7_v2_firmwaresimatic_cp_1242-7_v2siplus_net_cp_443-1_advanced_firmwaretim_1531_irctim_1531_irc_firmwaresimatic_cp_443-1siplus_s7-1200_cp_1243-1_rail_firmwaresimatic_cp_1242-7_v2_firmwaresimatic_cp_1243-8_ircsiplus_s7-1200_cp_1243-1_firmwaresimatic_ipc_diagmonitorsiplus_net_cp_1242-7_v2simatic_cp_1543sp-1simatic_cp_443-1_advanced_firmwaresiplus_et_200sp_cp_1542sp-1_irc_tx_railsimatic_cp_443-1_firmwaresiplus_tim_1531_irc_firmwaresimatic_cp_1243-7_lte_eusiplus_s7-1200_cp_1243-1simatic_cp_1542sp-1_ircsimatic_cp_1243-1siplus_et_200sp_cp_1543sp-1_isecsimatic_cp_1243-1_dnp3_firmwaresimatic_cp_1542sp-1_irc_firmwaresimatic_cp_1543sp-1_firmwaresimatic_cp_1542sp-1siplus_net_cp_443-1siplus_et_200sp_cp_1543sp-1_isec_tx_railsiplus_et_200sp_cp_1543sp-1_isec_firmwaresimatic_cp_1243-1_iecsimatic_ipc_diagmonitor_firmwaresiplus_net_cp_443-1_firmwaresimatic_cp_1243-7_lte_us_firmwaresimatic_ipc_diagbasesimatic_cp_443-1_advancedsimatic_cp_1243-7_lte_usSIMATIC CP 1243-7 LTE USSIPLUS NET CP 1242-7 V2SIPLUS TIM 1531 IRCSIMATIC CP 443-1 AdvancedSIPLUS ET 200SP CP 1543SP-1 ISEC TX RAILSIMATIC CP 1243-7 LTE EUSIMATIC CP 1542SP-1 IRCSIPLUS S7-1200 CP 1243-1TIM 1531 IRCSIPLUS NET CP 443-1SIMATIC CP 1242-7 V2SIMATIC CP 1542SP-1SIPLUS ET 200SP CP 1542SP-1 IRC TX RAILSIMATIC CP 1243-8 IRCSIPLUS ET 200SP CP 1543SP-1 ISECSIMATIC CP 1243-1SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIMATIC CP 1543SP-1SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SIPLUS S7-1200 CP 1243-1 RAILSIMATIC CP 443-1SIPLUS NET CP 443-1 Advanced
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-22041
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.65%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 10:21
Updated-01 Aug, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.3.5618), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.3.5617), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions), Sinteso FS20 EN Fire Panel FC20 MP8 (All versions < MP8 SR4), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.3.5618), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.3.5617), Sinteso Mobile (All versions). The network communication library in affected systems improperly handles memory buffers when parsing X.509 certificates. This could allow an unauthenticated remote attacker to crash the network service.

Action-Not Available
Vendor-Siemens AG
Product-Cerberus PRO EN Fire Panel FC72x IP7Sinteso FS20 EN X300 Cloud Distribution MP7Sinteso MobileCerberus PRO UL X300 Cloud DistributionSinteso FS20 EN Engineering ToolDesigo Fire Safety UL Compact Panel FC2025/2050Desigo Fire Safety UL Engineering ToolSinteso FS20 EN X200 Cloud Distribution MP8Cerberus PRO UL Engineering ToolSinteso FS20 EN Fire Panel FC20 MP8Sinteso FS20 EN X300 Cloud Distribution MP8Cerberus PRO UL Compact Panel FC922/924Sinteso FS20 EN Fire Panel FC20 MP7Cerberus PRO EN Fire Panel FC72x IP8Cerberus PRO EN X300 Cloud Distribution IP7Desigo Fire Safety UL X300 Cloud DistributionCerberus PRO EN Engineering ToolSinteso FS20 EN X200 Cloud Distribution MP7Cerberus PRO EN Fire Panel FC72x IP6Cerberus PRO EN X200 Cloud Distribution IP7Sinteso FS20 EN Fire Panel FC20 MP6Cerberus PRO EN X200 Cloud Distribution IP8Cerberus PRO EN X300 Cloud Distribution IP8cerberus_pro_ul_engineering_toolcerberus_pro_ul_compact_panelcerberus_pro_en_fire_panel_fc72xcerberus_pro_en_engineering_toolcerberus_pro_en_x300_cloud_distributioncerberus_pro_ul_x300_cloudsinteso_fs20_en_x300_cloud_distributiondesigo_fire_safety_ul_engineering_tooldesigo_fire_safety_ul_compact_panelsinteso_fs20_en_fire_panel_fc20sinteso_mobilesinteso_fs20_en_x200_cloud_distributioncerberus_pro_en_x200_cloud_distribution
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-43716
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.21% / 42.75%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 09:02
Updated-10 Sep, 2024 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product.

Action-Not Available
Vendor-Siemens AG
Product-siplus_s7-1200_cp_1243-1_railsimatic_ipc_diagbase_firmwaresiplus_tim_1531_ircsimatic_cp_1243-8_irc_firmwaresimatic_cp_1542sp-1_firmwaresiplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmwaresimatic_cp_1243-1_dnp3simatic_cp_1243-1_iec_firmwaresimatic_cp_1243-1_firmwaresimatic_cp_1243-7_lte_eu_firmwaresiplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmwaresiplus_net_cp_443-1_advancedsiplus_net_cp_1242-7_v2_firmwaresimatic_cp_1242-7_v2siplus_net_cp_443-1_advanced_firmwaretim_1531_irctim_1531_irc_firmwaresimatic_cp_443-1siplus_s7-1200_cp_1243-1_rail_firmwaresimatic_cp_1242-7_v2_firmwaresimatic_cp_1243-8_ircsiplus_s7-1200_cp_1243-1_firmwaresimatic_ipc_diagmonitorsiplus_net_cp_1242-7_v2simatic_cp_1543sp-1simatic_cp_443-1_advanced_firmwaresiplus_et_200sp_cp_1542sp-1_irc_tx_railsimatic_cp_443-1_firmwaresiplus_tim_1531_irc_firmwaresimatic_cp_1243-7_lte_eusiplus_s7-1200_cp_1243-1simatic_cp_1542sp-1_ircsimatic_cp_1243-1siplus_et_200sp_cp_1543sp-1_isecsimatic_cp_1243-1_dnp3_firmwaresimatic_cp_1542sp-1_irc_firmwaresimatic_cp_1543sp-1_firmwaresimatic_cp_1542sp-1siplus_net_cp_443-1siplus_et_200sp_cp_1543sp-1_isec_tx_railsiplus_et_200sp_cp_1543sp-1_isec_firmwaresimatic_cp_1243-1_iecsimatic_ipc_diagmonitor_firmwaresiplus_net_cp_443-1_firmwaresimatic_cp_1243-7_lte_us_firmwaresimatic_ipc_diagbasesimatic_cp_443-1_advancedsimatic_cp_1243-7_lte_usSIMATIC CP 1542SP-1TIM 1531 IRCSIPLUS ET 200SP CP 1543SP-1 ISECSIMATIC CP 1242-7 V2SIPLUS S7-1200 CP 1243-1SIMATIC CP 1243-8 IRCSIMATIC CP 1543SP-1SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAILSIPLUS TIM 1531 IRCSIPLUS S7-1200 CP 1243-1 RAILSIMATIC CP 443-1 AdvancedSIMATIC CP 1243-1SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIPLUS NET CP 443-1 AdvancedSIPLUS ET 200SP CP 1542SP-1 IRC TX RAILSIMATIC CP 1542SP-1 IRCSIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SIPLUS NET CP 1242-7 V2SIMATIC CP 443-1SIMATIC CP 1243-7 LTE USSIMATIC CP 1243-7 LTE EUSIPLUS NET CP 443-1siplus_s7-1200_cp_1243-1_railsimatic_cp_1543sp-1siplus_tim_1531_ircsiplus_et_200sp_cp_1542sp-1_irc_tx_railsimatic_cp_1243-1_dnp3siplus_net_cp_443-1_advancedsimatic_cp_1243-7_lte_eusiplus_s7-1200_cp_1243-1simatic_cp_1542sp-1_ircsimatic_cp_1243-1siplus_et_200sp_cp_1543sp-1_isecsimatic_cp_1542sp-1simatic_cp_443-1siplus_net_cp_443-1siplus_et_200sp_cp_1543sp-1_isec_tx_railsimatic_cp_1243-1_iecsimatic_cp_1242-7_gprs_v2simatic_cp_443-1_advancedsiplus_net_cp_1242-7_v2simatic_cp_1243-7_lte_ussimatic_cp_1243-8
CWE ID-CWE-416
Use After Free
CVE-2022-43767
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.39%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 09:02
Updated-10 Sep, 2024 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.

Action-Not Available
Vendor-Siemens AG
Product-siplus_s7-1200_cp_1243-1_railsimatic_ipc_diagbase_firmwaresiplus_tim_1531_ircsimatic_cp_1243-8_irc_firmwaresimatic_cp_1542sp-1_firmwaresiplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmwaresimatic_cp_1243-1_dnp3simatic_cp_1243-1_iec_firmwaresimatic_cp_1243-1_firmwaresimatic_cp_1243-7_lte_eu_firmwaresiplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmwaresiplus_net_cp_443-1_advancedsiplus_net_cp_1242-7_v2_firmwaresimatic_cp_1242-7_v2siplus_net_cp_443-1_advanced_firmwaretim_1531_irctim_1531_irc_firmwaresimatic_cp_443-1siplus_s7-1200_cp_1243-1_rail_firmwaresimatic_cp_1242-7_v2_firmwaresimatic_cp_1243-8_ircsiplus_s7-1200_cp_1243-1_firmwaresimatic_ipc_diagmonitorsiplus_net_cp_1242-7_v2simatic_cp_1543sp-1simatic_cp_443-1_advanced_firmwaresiplus_et_200sp_cp_1542sp-1_irc_tx_railsimatic_cp_443-1_firmwaresiplus_tim_1531_irc_firmwaresimatic_cp_1243-7_lte_eusiplus_s7-1200_cp_1243-1simatic_cp_1542sp-1_ircsimatic_cp_1243-1siplus_et_200sp_cp_1543sp-1_isecsimatic_cp_1243-1_dnp3_firmwaresimatic_cp_1542sp-1_irc_firmwaresimatic_cp_1543sp-1_firmwaresimatic_cp_1542sp-1siplus_net_cp_443-1siplus_et_200sp_cp_1543sp-1_isec_tx_railsiplus_et_200sp_cp_1543sp-1_isec_firmwaresimatic_cp_1243-1_iecsimatic_ipc_diagmonitor_firmwaresiplus_net_cp_443-1_firmwaresimatic_cp_1243-7_lte_us_firmwaresimatic_ipc_diagbasesimatic_cp_443-1_advancedsimatic_cp_1243-7_lte_usSIMATIC CP 1542SP-1TIM 1531 IRCSIPLUS ET 200SP CP 1543SP-1 ISECSIMATIC CP 1242-7 V2SIPLUS S7-1200 CP 1243-1SIMATIC CP 1243-8 IRCSIMATIC CP 1543SP-1SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAILSIPLUS TIM 1531 IRCSIPLUS S7-1200 CP 1243-1 RAILSIMATIC CP 443-1 AdvancedSIMATIC CP 1243-1SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIPLUS NET CP 443-1 AdvancedSIPLUS ET 200SP CP 1542SP-1 IRC TX RAILSIMATIC CP 1542SP-1 IRCSIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SIPLUS NET CP 1242-7 V2SIMATIC CP 443-1SIMATIC CP 1243-7 LTE USSIMATIC CP 1243-7 LTE EUSIPLUS NET CP 443-1siplus_s7-1200_cp_1243-1_railsimatic_cp_1543sp-1siplus_tim_1531_ircsiplus_et_200sp_cp_1542sp-1_irc_tx_railsimatic_cp_1243-1_dnp3siplus_net_cp_443-1_advancedsiplus_s7-1200_cp_1243-1simatic_cp_1243-7_lte_eusimatic_cp_1542sp-1_ircsimatic_cp_1243-1siplus_et_200sp_cp_1543sp-1_isecsimatic_cp_1242-7_v2tim_1531_ircsimatic_cp_1542sp-1simatic_cp_443-1siplus_net_cp_443-1simatic_cp_1243-8_ircsiplus_et_200sp_cp_1543sp-1_isec_tx_railsimatic_cp_1243-1_iecsimatic_cp_443-1_advancedsiplus_net_cp_1242-7_v2simatic_cp_1243-7_lte_us
CWE ID-CWE-833
Deadlock
CVE-2022-40225
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.23% / 45.34%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 14:19
Updated-03 Aug, 2024 | 12:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cause a denial of service condition on affected devices.

Action-Not Available
Vendor-Siemens AG
Product-siplus_tim_1531_ircsiplus_tim_1531_irc_firmwareTIM 1531 IRCSIPLUS TIM 1531 IRCtim_1531_ircsiplus_tim_1531_irc
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2022-39158
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.29% / 51.46%
||
7 Day CHG~0.00%
Published-13 Sep, 2022 | 00:00
Updated-12 Aug, 2025 | 12:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100P (32M) V4.X, RUGGEDCOM RSG2100P (32M) V5.X, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2100PNC (32M) V4.X, RUGGEDCOM RSG2100PNC (32M) V5.X, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. Affected devices improperly handle partial HTTP requests which makes them vulnerable to slowloris attacks. This could allow a remote attacker to create a denial of service condition that persists until the attack ends.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rsg2100_\(32m\)ruggedcom_rsg2300pruggedcom_rsg907rruggedcom_rst916pruggedcom_rsg910cruggedcom_rsl910ruggedcom_rs900_\(32m\)ruggedcom_rosruggedcom_rsg920pruggedcom_rsg2300ruggedcom_rs416v2ruggedcom_rst916cruggedcom_rst2228ruggedcom_rst2228pruggedcom_rmc8388ruggedcom_rsg909rruggedcom_rsg908cruggedcom_rs416pv2ruggedcom_rsg2488ruggedcom_rsg2288ruggedcom_rs900g_\(32m\)RUGGEDCOM RS8000RUGGEDCOM RS900LRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS900MNC-STND-XX-C01RUGGEDCOM RSG920P V4.XRUGGEDCOM RS401NCRUGGEDCOM RSG2100PNC (32M) V4.XRUGGEDCOM RS920LNCRUGGEDCOM RS910LRUGGEDCOM RS930WRUGGEDCOM RSG2100NC(32M) V5.XRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG2288NC V5.XRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RS1600RUGGEDCOM i801NCRUGGEDCOM RS940GRUGGEDCOM RSG2100NC(32M) V4.XRUGGEDCOM i800NCRUGGEDCOM RS910RUGGEDCOM RSG908CRUGGEDCOM RS8000NCRUGGEDCOM RS400FRUGGEDCOM RS900NC(32M) V4.XRUGGEDCOM RS920LRUGGEDCOM RMC8388 V4.XRUGGEDCOM RS8000HRUGGEDCOM RS900LNCRUGGEDCOM RS8000TRUGGEDCOM RS910NCRUGGEDCOM RS416PFRUGGEDCOM RS900GRUGGEDCOM M2100FRUGGEDCOM RS900M-STND-XXRUGGEDCOM RS900WRUGGEDCOM RMC8388 V5.XRUGGEDCOM RS900MNC-STND-XXRUGGEDCOM RSG2100PNC (32M) V5.XRUGGEDCOM RSG910CRUGGEDCOM RSG2300PFRUGGEDCOM RSG2288 V4.XRUGGEDCOM RS1600NCRUGGEDCOM RS969RUGGEDCOM RS900 (32M) V4.XRUGGEDCOM RSG909RRUGGEDCOM RS416FRUGGEDCOM RS900GPFRUGGEDCOM RSG2100PRUGGEDCOM RS930LNCRUGGEDCOM RS416PRUGGEDCOM RSG920P V5.XRUGGEDCOM RSG2200NCRUGGEDCOM RS8000HNCRUGGEDCOM RSG2300PNC V5.XRUGGEDCOM RSG2288 V5.XRUGGEDCOM RS1600FRUGGEDCOM RS416NCRUGGEDCOM RS930LRUGGEDCOM RSG907RRUGGEDCOM RSG2300P V5.XRUGGEDCOM RS910WRUGGEDCOM RSG2300 V5.XRUGGEDCOM RS940GNCRUGGEDCOM RS900GNCRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RMC8388NC V5.XRUGGEDCOM RS940GFRUGGEDCOM RS910LNCRUGGEDCOM RSG2288NC V4.XRUGGEDCOM RSG2488 V5.XRUGGEDCOM RMC30RUGGEDCOM RS900GFRUGGEDCOM RS8000ANCRUGGEDCOM RMC8388NC V4.XRUGGEDCOM RS1600TRUGGEDCOM M969FRUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RS400NCRUGGEDCOM RS900MNC-GETS-C01RUGGEDCOM RS900M-GETS-C01RUGGEDCOM RSG2488NC V4.XRUGGEDCOM M2200FRUGGEDCOM RP110RUGGEDCOM i801RUGGEDCOM RS416v2 V4.XRUGGEDCOM RS416NCv2 V4.XRUGGEDCOM RS8000TNCRUGGEDCOM RSG2300P V4.XRUGGEDCOM RS416v2 V5.XRUGGEDCOM RS920WRUGGEDCOM RS900FRUGGEDCOM M2200RUGGEDCOM RS900MNC-GETS-XXRUGGEDCOM RSG2300NC V5.XRUGGEDCOM RS900GNC(32M) V4.XRUGGEDCOM RS900RUGGEDCOM RSG2100RUGGEDCOM M969NCRUGGEDCOM RS416PNCRUGGEDCOM RS1600FNCRUGGEDCOM RS400RUGGEDCOM RS900NC(32M) V5.XRUGGEDCOM RS1600TNCRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM M969RUGGEDCOM RS416PNCv2 V4.XRUGGEDCOM M2200NCRUGGEDCOM RS8000ARUGGEDCOM i803RUGGEDCOM RSG2100PNCRUGGEDCOM RSG920PNC V5.XRUGGEDCOM RSG2100NCRUGGEDCOM RSG2488FRUGGEDCOM RP110NCRUGGEDCOM RSG2200RUGGEDCOM RSG2488NC V5.XRUGGEDCOM RSL910NCRUGGEDCOM RS969NCRUGGEDCOM RS416RUGGEDCOM RST2228PRUGGEDCOM i800RUGGEDCOM RS900M-STND-C01RUGGEDCOM RS900M-GETS-XXRUGGEDCOM RST916PRUGGEDCOM RS416PNCv2 V5.XRUGGEDCOM RS416NCv2 V5.XRUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSL910RUGGEDCOM RSG2100PFRUGGEDCOM RS900GPRUGGEDCOM RST916CRUGGEDCOM RS900GPNCRUGGEDCOM RSG2100FRUGGEDCOM RSG2488 V4.XRUGGEDCOM i802RUGGEDCOM RS900GNC(32M) V5.XRUGGEDCOM RST2228RUGGEDCOM RS401RUGGEDCOM RSG2300NC V4.XRUGGEDCOM RSG920PNC V4.XRUGGEDCOM i802NCRUGGEDCOM i803NCRUGGEDCOM M2100RUGGEDCOM RSG2300FRUGGEDCOM RSG2300PNC V4.XRUGGEDCOM RS900NCRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RMC30NCRUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RSG2200FRUGGEDCOM M2100NCRUGGEDCOM RSG2100P (32M) V5.X
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-38371
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.51% / 65.57%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-13 May, 2025 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.7), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.21), APOGEE PXC Modular (BACnet) (All versions < V3.5.7), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.21), Desigo PXC00-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC00-U (All versions >= V2.3 < V6.30.37), Desigo PXC001-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC100-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC12-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC128-U (All versions >= V2.3 < V6.30.37), Desigo PXC200-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC22-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC22.1-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC36.1-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC50-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC64-U (All versions >= V2.3 < V6.30.37), Desigo PXM20-E (All versions >= V2.3 < V6.30.37), Nucleus NET for Nucleus PLUS V1 (All versions < V5.2a), Nucleus NET for Nucleus PLUS V2 (All versions < V5.4), Nucleus ReadyStart V3 V2012 (All versions < V2012.08.1), Nucleus ReadyStart V3 V2017 (All versions < V2017.02.4), Nucleus Source Code (All versions including affected FTP server), TALON TC Compact (BACnet) (All versions < V3.5.7), TALON TC Modular (BACnet) (All versions < V3.5.7). The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server.

Action-Not Available
Vendor-Siemens AG
Product-talon_tc_compactdesigo_pxm20-edesigo_pxc22.1-e.dapogee_pxc_compactdesigo_pxc001-e.d_firmwaredesigo_pxc12-e.dapogee_modular_equiment_controller_firmwareapogee_pxc_compact_firmwaredesigo_pxc200-e.d_firmwareapogee_modular_equiment_controllerdesigo_pxc100-e.dapogee_modular_building_controllerdesigo_pxc001-e.dapogee_pxc_modular_firmwaredesigo_pxc22.1-e.d_firmwaredesigo_pxc50-e.dapogee_modular_building_controller_firmwaredesigo_pxc12-e.d_firmwaredesigo_pxc22-e.ddesigo_pxc22-e.d_firmwaredesigo_pxc00-u_firmwarenucleus_readystart_v3desigo_pxc00-e.ddesigo_pxc100-e.d_firmwaredesigo_pxc200-e.ddesigo_pxc00-e.d_firmwaredesigo_pxc50-e.d_firmwarenucleus_netdesigo_pxc64-utalon_tc_compact_firmwaredesigo_pxc36.1-e.d_firmwaredesigo_pxc64-u_firmwaredesigo_pxc128-udesigo_pxc00-uapogee_pxc_modulardesigo_pxm20-e_firmwaredesigo_pxc36.1-e.ddesigo_pxc128-u_firmwarenucleus_source_codeDesigo PXC22.1-E.DAPOGEE PXC Modular (P2 Ethernet)Nucleus ReadyStart V3 V2017Desigo PXC50-E.DDesigo PXC64-UDesigo PXC001-E.DAPOGEE PXC Compact (P2 Ethernet)Desigo PXC36.1-E.DNucleus NET for Nucleus PLUS V1TALON TC Compact (BACnet)APOGEE PXC Modular (BACnet)APOGEE MBC (PPC) (P2 Ethernet)Desigo PXC22-E.DTALON TC Modular (BACnet)Desigo PXC100-E.DAPOGEE PXC Compact (BACnet)APOGEE MEC (PPC) (BACnet)Desigo PXC00-UDesigo PXC00-E.DDesigo PXC200-E.DDesigo PXM20-EAPOGEE MEC (PPC) (P2 Ethernet)APOGEE MBC (PPC) (BACnet)Nucleus Source CodeDesigo PXC12-E.DNucleus NET for Nucleus PLUS V2Desigo PXC128-UNucleus ReadyStart V3 V2012
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 36
  • 37
  • Next
Details not found