Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-24040

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-10 May, 2022 | 09:46
Updated At-03 Aug, 2024 | 03:59
Rejected At-
Credits

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application fails to enforce an upper bound to the cost factor of the PBKDF2 derived key during the creation or update of an account. An attacker with the user profile access privilege could cause a denial of service (DoS) condition through CPU consumption by setting a PBKDF2 derived key with a remarkably high cost effort and then attempting a login to the so-modified account.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:10 May, 2022 | 09:46
Updated At:03 Aug, 2024 | 03:59
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application fails to enforce an upper bound to the cost factor of the PBKDF2 derived key during the creation or update of an account. An attacker with the user profile access privilege could cause a denial of service (DoS) condition through CPU consumption by setting a PBKDF2 derived key with a remarkably high cost effort and then attempting a login to the so-modified account.

Affected Products
Vendor
Siemens AGSiemens
Product
Desigo DXR2
Versions
Affected
  • All versions < V01.21.142.5-22
Vendor
Siemens AGSiemens
Product
Desigo PXC3
Versions
Affected
  • All versions < V01.21.142.4-18
Vendor
Siemens AGSiemens
Product
Desigo PXC4
Versions
Affected
  • All versions < V02.20.142.10-10884
Vendor
Siemens AGSiemens
Product
Desigo PXC5
Versions
Affected
  • All versions < V02.20.142.10-10884
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400: Uncontrolled Resource Consumption
Type: CWE
CWE ID: CWE-400
Description: CWE-400: Uncontrolled Resource Consumption
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf
x_refsource_MISC
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf
x_refsource_MISC
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:10 May, 2022 | 11:15
Updated At:06 Oct, 2022 | 02:50

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application fails to enforce an upper bound to the cost factor of the PBKDF2 derived key during the creation or update of an account. An attacker with the user profile access privilege could cause a denial of service (DoS) condition through CPU consumption by setting a PBKDF2 derived key with a remarkably high cost effort and then attempting a login to the so-modified account.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary2.04.0MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P
CPE Matches
Siemens AG
siemens
>>desigo_pxc5_firmware>>Versions before 02.20.142.10-10884(exclusive)
cpe:2.3:o:siemens:desigo_pxc5_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>desigo_pxc5>>-
cpe:2.3:h:siemens:desigo_pxc5:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>desigo_pxc4_firmware>>Versions before 02.20.142.10-10884(exclusive)
cpe:2.3:o:siemens:desigo_pxc4_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>desigo_pxc4>>-
cpe:2.3:h:siemens:desigo_pxc4:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>desigo_pxc3_firmware>>Versions before 01.21.142.4-18(exclusive)
cpe:2.3:o:siemens:desigo_pxc3_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>desigo_pxc3>>-
cpe:2.3:h:siemens:desigo_pxc3:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>desigo_dxr2_firmware>>Versions before 01.21.142.5-22(exclusive)
cpe:2.3:o:siemens:desigo_dxr2_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>desigo_dxr2>>-
cpe:2.3:h:siemens:desigo_dxr2:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-400Primarynvd@nist.gov
CWE-400Secondaryproductcert@siemens.com
CWE ID: CWE-400
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-400
Type: Secondary
Source: productcert@siemens.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdfproductcert@siemens.com
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf
Source: productcert@siemens.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

341Records found
CVE-2023-44321
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-5.1||MEDIUM
EPSS-0.06% / 19.84%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 11:04
Updated-12 Aug, 2025 | 11:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available again.

Action-Not Available
Vendor-Siemens AG
Product-6gk5328-4ss00-2ar3_firmware6gk5206-2bb00-2ac26ag1206-2bs00-7ac2_firmware6gk5208-0ga00-2ac2_firmware6gk5204-0ba00-2gf2_firmware6gk5208-0ha00-2ts6_firmware6ag1216-4bs00-7ac26gk5324-0ba00-3ar36gk5205-3bf00-2tb2_firmware6gk5208-0ba00-2tb2_firmware6gk5216-3rs00-2ac26gk5208-0ga00-2ac26gk5213-3bb00-2tb2_firmware6gk5206-2rs00-5ac26gk5224-4gs00-2ac26gk5328-4fs00-3rr3_firmware6gk5216-0ha00-2es6_firmware6gk5204-0ba00-2gf26gk5326-2qs00-3rr3_firmware6gk5328-4fs00-2ar3_firmware6gk5216-0ha00-2ts6_firmware6gk5328-4fs00-3ar36gk5206-2rs00-2ac2_firmware6gk5213-3bd00-2ab2_firmware6gk5205-3bb00-2ab26gk5208-0ga00-2tc2_firmware6gk5213-3bd00-2tb26gk5204-0ba00-2yf2_firmware6gk5206-2rs00-5ac2_firmware6gk5206-2gs00-2fc2_firmware6gk5224-0ba00-2ac2_firmware6gk5216-0ba00-2ac2_firmware6gk5205-3bb00-2tb26gk5324-0ba00-2ar3_firmware6gk5216-4gs00-2fc2_firmware6gk5208-0ua00-5es66ag1208-0ba00-7ac26gk5224-4gs00-2fc2_firmware6gk5328-4fs00-2ar36gk5213-3bf00-2tb2_firmware6gk5205-3bb00-2tb2_firmware6gk5208-0ra00-2ac2_firmware6gk5224-4gs00-2tc26gk5216-0ba00-2ac26gk5324-0ba00-3ar3_firmware6gk5216-4bs00-2ac26gk5224-4gs00-2ac2_firmware6gk5326-2qs00-3ar3_firmware6gk5324-0ba00-2ar36gk5208-0ga00-2tc26gk5213-3bf00-2ab26gk5216-0ha00-2as66gk5216-0ha00-2es66gk5216-4gs00-2tc26gk5206-2bd00-2ac26gk5224-0ba00-2ac26gk5328-4fs00-2rr3_firmware6gk5206-2rs00-5fc26gk5206-2gs00-2tc2_firmware6gk5208-0ua00-5es6_firmware6gk5206-2gs00-2tc26gk5216-0ua00-5es66gk5213-3bf00-2ab2_firmware6gk5205-3bf00-2ab26ag1206-2bb00-7ac2_firmware6gk5208-0ga00-2fc26gk5213-3bd00-2tb2_firmware6gk5208-0ga00-2fc2_firmware6gk5213-3bf00-2tb26gk5328-4fs00-2rr36gk5213-3bb00-2tb26gk5216-0ba00-2ab26gk5216-0ba00-2fc2_firmware6gk5204-2aa00-2yf26gk5213-3bd00-2ab26gk5206-2gs00-2fc26gk5206-2gs00-2ac26gk5205-3bb00-2ab2_firmware6gk5208-0ba00-2fc2_firmware6gk5208-0ba00-2ab26gk5204-2aa00-2gf26gk5208-0ba00-2ac2_firmware6gk5216-0ba00-2fc26gk5328-4ss00-3ar36gk5216-3rs00-5ac26gk5208-0ba00-2tb26gk5206-2rs00-5fc2_firmware6gk5206-2bs00-2ac26gk5328-4fs00-3rr36gk5205-3bd00-2ab26gk5224-4gs00-2tc2_firmware6gk5224-4gs00-2fc26gk5208-0ba00-2ac26gk5206-2bs00-2fc26gk5208-0ha00-2as6_firmware6gk5206-2bs00-2ac2_firmware6gk5208-0ra00-2ac26gk5205-3bf00-2tb26gk5216-0ua00-5es6_firmware6gk5216-4gs00-2ac26gk5208-0ha00-2as66gk5205-3bd00-2tb26ag1206-2bs00-7ac26gk5204-0ba00-2yf26gk5208-0ha00-2ts66gk5208-0ra00-5ac26gk5213-3bb00-2ab26gk5216-0ba00-2ab2_firmware6gk5216-0ha00-2ts66gk5208-0ba00-2fc26gk5216-0ba00-2tb2_firmware6gk5206-2gs00-2ac2_firmware6gk5326-2qs00-3rr36gk5216-4bs00-2ac2_firmware6gk5216-4gs00-2ac2_firmware6gk5206-2bs00-2fc2_firmware6gk5205-3bd00-2ab2_firmware6gk5328-4ss00-2ar36ag1216-4bs00-7ac2_firmware6gk5208-0ha00-2es6_firmware6gk5205-3bf00-2ab2_firmware6gk5216-3rs00-2ac2_firmware6ag1206-2bb00-7ac26gk5204-2aa00-2gf2_firmware6gk5208-0ra00-5ac2_firmware6gk5216-4gs00-2tc2_firmware6gk5208-0ha00-2es66gk5328-4ss00-3ar3_firmware6gk5216-3rs00-5ac2_firmware6gk5204-2aa00-2yf2_firmware6gk5216-0ha00-2as6_firmware6gk5216-4gs00-2fc26gk5206-2bd00-2ac2_firmware6gk5328-4fs00-3ar3_firmware6gk5208-0ba00-2ab2_firmware6gk5205-3bd00-2tb2_firmware6ag1208-0ba00-7ac2_firmware6gk5326-2qs00-3ar36gk5206-2rs00-2ac26gk5206-2bb00-2ac2_firmware6gk5213-3bb00-2ab2_firmware6gk5216-0ba00-2tb2SCALANCE XC208SCALANCE XB213-3 (ST, E/IP)SCALANCE M876-3SCALANCE XR326-2C PoE WGSCALANCE MUM853-1 (EU)SCALANCE XB205-3 (ST, PN)SCALANCE XC216-4C G EECSCALANCE M812-1 ADSL-Router familySCALANCE XB208 (E/IP)SCALANCE XP208SCALANCE XP208GSCALANCE S615 LAN-RouterSCALANCE XP216G EECSCALANCE MUM853-1 (B1)SCALANCE XP216EEC (V2)SCALANCE M804PBSCALANCE XP208G PoE EECSIPLUS NET SCALANCE XC208SCALANCE XB205-3LD (SC, E/IP)SCALANCE XP216SCALANCE XC206-2G PoE (54 V DC)SCALANCE S615 EEC LAN-RouterSCALANCE XP208PoE EECSCALANCE M876-4SCALANCE XB213-3LD (SC, PN)SCALANCE MUM856-1 (EU)SCALANCE MUM856-1 (RoW)SCALANCE XB213-3 (ST, PN)SCALANCE M816-1 ADSL-Router familySCALANCE XF204-2BASCALANCE XC216-4C G (EIP Def.)SIPLUS NET SCALANCE XC206-2SCALANCE XC208G PoE (54 V DC)SCALANCE M874-2SCALANCE XB206-2 STSIPLUS NET SCALANCE XC206-2SFPSCALANCE XP216GSCALANCE XC206-2G PoE EEC (54 V DC)SCALANCE XC206-2G PoESCALANCE XC216SCALANCE XB213-3 (SC, PN)SCALANCE XC216-3G PoE (54 V DC)SCALANCE XF204GSCALANCE XB206-2 (ST/BFOC)SCALANCE MUM856-1 (A1)SCALANCE XC206-2 (ST/BFOC)SCALANCE XC224SCALANCE M874-3 3G-Router (CN)SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE XC206-2SFP EECSCALANCE XP208EECSCALANCE XP216G PoE EECSCALANCE MUM856-1 (CN)SCALANCE XC216EECSCALANCE XF204-2BA DNASCALANCE XC206-2 (SC)SCALANCE M826-2 SHDSL-RouterSCALANCE XC216-4C GSCALANCE XC216-3G PoESCALANCE M874-3SCALANCE XP216PoE EEC (V2)SCALANCE XB206-2LDSCALANCE XC224-4C G EECSCALANCE XC208EECSCALANCE XC208GSCALANCE XB208 (PN)SCALANCE XB216 (E/IP)SCALANCE XC206-2SFP G EECSCALANCE XF204SCALANCE XP208G EECSCALANCE XP216 (Ethernet/IP)SCALANCE XC206-2SFP GSCALANCE XC206-2SFP G (EIP DEF.)SCALANCE MUM856-1 (B1)SCALANCE XB205-3 (ST, E/IP)SCALANCE XR324WG (24 X FE, DC 24V)SCALANCE XR328-4C WG (28xGE, DC 24V)SCALANCE XB206-2 SCSIPLUS NET SCALANCE XC216-4CSCALANCE XC208G PoESCALANCE XR324WG (24 x FE, AC 230V)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE MUM853-1 (A1)SCALANCE XC224-4C G (EIP Def.)SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)SCALANCE XC216-4CSCALANCE XB216 (PN)SCALANCE XP216EECSCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)SCALANCE XR328-4C WG (28xGE, AC 230V)SCALANCE XC224-4C GSCALANCE M876-4 (EU)SCALANCE XP208G PPSCALANCE XB213-3LD (SC, E/IP)SCALANCE XB213-3 (SC, E/IP)SCALANCE XB205-3LD (SC, PN)SCALANCE M876-3 (ROK)SCALANCE XB205-3 (SC, PN)SCALANCE XC208G EECSCALANCE XP216POE EECSCALANCE XR326-2C PoE WG (without UL)SCALANCE M876-4 (NAM)SCALANCE XP216 (V2)SCALANCE XB206-2 (SC)SCALANCE XP208 (Ethernet/IP)SCALANCE XC206-2SFPSCALANCE XB206-2 LDSCALANCE XC208G (EIP def.)SCALANCE XF204 DNA
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-5380
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-4.3||MEDIUM
EPSS-1.40% / 79.65%
||
7 Day CHG~0.00%
Published-19 Feb, 2018 | 13:00
Updated-17 Sep, 2024 | 01:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.

Action-Not Available
Vendor-quaggaQuaggaDebian GNU/LinuxSiemens AGCanonical Ltd.
Product-ubuntu_linuxdebian_linuxquaggaruggedcom_rox_ii_firmwareruggedcom_rox_iibgpd
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-4856
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-4.9||MEDIUM
EPSS-0.23% / 45.96%
||
7 Day CHG~0.00%
Published-03 Jul, 2018 | 14:00
Updated-17 Sep, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users.

Action-Not Available
Vendor-Siemens AG
Product-siclock_tc400siclock_tc400_firmwaresiclock_tc100_firmwaresiclock_tc100SICLOCK TC100, SICLOCK TC400
CWE ID-CWE-287
Improper Authentication
CVE-2022-46144
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.38% / 58.51%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-21 Apr, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V2.3), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions < V2.3), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions < V2.3), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions < V2.3), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions < V2.3), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions < V2.3), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V2.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V2.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V2.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V2.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V2.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V2.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V2.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V2.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V2.0.0). Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. This could allow an authenticated attacker to make the CLI via SSH or serial interface irresponsive.

Action-Not Available
Vendor-Siemens AG
Product-6gk5642-2gs00-2ac26gk5632-2gs00-2ac2_firmware6gk5622-2gs00-2ac2_firmware6gk5646-2gs00-2ac26gk5636-2gs00-2ac26gk5636-2gs00-2ac2_firmware6gk5646-2gs00-2ac2_firmware6gk5642-2gs00-2ac2_firmware6gk5626-2gs00-2ac26gk5632-2gs00-2ac26gk5626-2gs00-2ac2_firmware6gk5622-2gs00-2ac2SCALANCE WAM763-1SCALANCE WAM766-1 EEC (US)SCALANCE WAM766-1 EECSCALANCE WUM766-1 (USA)SCALANCE WAM766-1 (US)SCALANCE SC646-2CSCALANCE SC632-2CSCALANCE SC642-2CSCALANCE WAM766-1SCALANCE SC636-2CSCALANCE SC622-2CSCALANCE SC626-2CSCALANCE WUM763-1SCALANCE WUM766-1
CWE ID-CWE-664
Improper Control of a Resource Through its Lifetime
CVE-2015-7855
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-60.88% / 98.23%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxNetApp, Inc.Siemens AG
Product-oncommand_unified_manageroncommand_performance_manageroncommand_balancetim_4r-ie_dnp3_firmwareclustered_data_ontaptim_4r-ie_dnp3debian_linuxtim_4r-ie_firmwaretim_4r-ientpdata_ontapn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2025-40593
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.06% / 19.20%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 10:34
Updated-21 Aug, 2025 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0). The affected application allows to control the device by storing arbitrary files in the SFTP folder of the device. This could allow an attacker to cause a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cn_4100SIMATIC CN 4100
CWE ID-CWE-20
Improper Input Validation
CVE-2021-25214
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
CVSS Score-6.5||MEDIUM
EPSS-0.48% / 64.16%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 00:55
Updated-17 Sep, 2024 | 00:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly

In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.Debian GNU/LinuxNetApp, Inc.Siemens AGFedora Project
Product-aff_500f_firmwareh300eh500scloud_backuph300s_firmwareactive_iq_unified_managerh410sh300ssinec_infrastructure_network_servicesh300e_firmwaredebian_linuxh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwareaff_a250aff_500fh700ebindh700e_firmwareh700saff_a250_firmwareBIND9
CWE ID-CWE-617
Reachable Assertion
CVE-2025-24812
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 10:29
Updated-12 Feb, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-1HE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1212C AC/DC/Rly (6ES7212-1BE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1212C DC/DC/DC (6ES7212-1AE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1212C DC/DC/Rly (6ES7212-1HE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1212FC DC/DC/DC (6ES7212-1AF40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1212FC DC/DC/Rly (6ES7212-1HF40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1214C AC/DC/Rly (6ES7214-1BG40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1214C DC/DC/DC (6ES7214-1AG40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1214C DC/DC/Rly (6ES7214-1HG40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1214FC DC/DC/DC (6ES7214-1AF40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1214FC DC/DC/Rly (6ES7214-1HF40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1215C AC/DC/Rly (6ES7215-1BG40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1215C DC/DC/DC (6ES7215-1AG40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1215C DC/DC/Rly (6ES7215-1HG40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1215FC DC/DC/DC (6ES7215-1AF40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1215FC DC/DC/Rly (6ES7215-1HF40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1217C DC/DC/DC (6ES7217-1AG40-0XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212C DC/DC/DC RAIL (6AG2212-1AE40-1XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214C DC/DC/DC RAIL (6AG2214-1AG40-1XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214FC DC/DC/DC (6AG1214-1AF40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214FC DC/DC/RLY (6AG1214-1HF40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215C DC/DC/DC (6AG1215-1AG40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215FC DC/DC/DC (6AG1215-1AF40-5XB0) (All versions < V4.7). Affected devices do not process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC S7-1200 CPU 1212C DC/DC/DCSIMATIC S7-1200 CPU 1214C AC/DC/RlySIPLUS S7-1200 CPU 1215 DC/DC/DCSIMATIC S7-1200 CPU 1212C DC/DC/RlySIMATIC S7-1200 CPU 1211C DC/DC/RlySIMATIC S7-1200 CPU 1215FC DC/DC/RlySIMATIC S7-1200 CPU 1214C DC/DC/RlySIMATIC S7-1200 CPU 1215C DC/DC/RlySIPLUS S7-1200 CPU 1214 DC/DC/DCSIMATIC S7-1200 CPU 1212C AC/DC/RlySIMATIC S7-1200 CPU 1211C AC/DC/RlySIPLUS S7-1200 CPU 1214FC DC/DC/RLYSIPLUS S7-1200 CPU 1215C DC/DC/DCSIMATIC S7-1200 CPU 1214FC DC/DC/RlySIPLUS S7-1200 CPU 1214C DC/DC/DC RAILSIPLUS S7-1200 CPU 1215 AC/DC/RLYSIMATIC S7-1200 CPU 1214FC DC/DC/DCSIPLUS S7-1200 CPU 1214 DC/DC/RLYSIPLUS S7-1200 CPU 1212 AC/DC/RLYSIPLUS S7-1200 CPU 1214FC DC/DC/DCSIPLUS S7-1200 CPU 1212C DC/DC/DC RAILSIPLUS S7-1200 CPU 1214 AC/DC/RLYSIPLUS S7-1200 CPU 1212 DC/DC/RLYSIMATIC S7-1200 CPU 1214C DC/DC/DCSIMATIC S7-1200 CPU 1212FC DC/DC/RlySIPLUS S7-1200 CPU 1215 DC/DC/RLYSIMATIC S7-1200 CPU 1215C DC/DC/DCSIMATIC S7-1200 CPU 1211C DC/DC/DCSIPLUS S7-1200 CPU 1215FC DC/DC/DCSIMATIC S7-1200 CPU 1217C DC/DC/DCSIMATIC S7-1200 CPU 1215C AC/DC/RlySIPLUS S7-1200 CPU 1212C DC/DC/DCSIMATIC S7-1200 CPU 1212FC DC/DC/DCSIMATIC S7-1200 CPU 1215FC DC/DC/DC
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2022-40225
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.23% / 45.34%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 14:19
Updated-03 Aug, 2024 | 12:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cause a denial of service condition on affected devices.

Action-Not Available
Vendor-Siemens AG
Product-siplus_tim_1531_ircsiplus_tim_1531_irc_firmwareTIM 1531 IRCSIPLUS TIM 1531 IRCtim_1531_ircsiplus_tim_1531_irc
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2013-0669
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-4||MEDIUM
EPSS-0.17% / 38.10%
||
7 Day CHG~0.00%
Published-21 Mar, 2013 | 14:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.

Action-Not Available
Vendor-n/aSiemens AG
Product-wincc_tia_portaln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6867
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-4.9||MEDIUM
EPSS-0.61% / 68.87%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the "administrators" group to crash services by sending specially crafted messages to the DCOM interface.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_wincc_runtimesimatic_winccsimatic_wincc_\(tia_portal\)Siemens SIMATIC WinCC
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-34467
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.44% / 62.14%
||
7 Day CHG~0.00%
Published-12 Jul, 2022 | 10:07
Updated-03 Aug, 2024 | 09:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Mendix Excel Importer Module (Mendix 8 compatible) (All versions < V9.2.2), Mendix Excel Importer Module (Mendix 9 compatible) (All versions < V10.1.2). The affected component is vulnerable to XML Entity Expansion Injection. An attacker may use this to compromise the availability of the affected component.

Action-Not Available
Vendor-mendixSiemens AG
Product-excel_importerMendix Excel Importer Module (Mendix 9 compatible)Mendix Excel Importer Module (Mendix 8 compatible)
CWE ID-CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CVE-2020-14405
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.30% / 78.86%
||
7 Day CHG~0.00%
Published-17 Jun, 2020 | 15:11
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.

Action-Not Available
Vendor-libvnc_projectn/aDebian GNU/LinuxSiemens AGCanonical Ltd.
Product-simatic_itc1500_pro_firmwareubuntu_linuxdebian_linuxsimatic_itc1500_prosimatic_itc1500simatic_itc1900simatic_itc1900_firmwaresimatic_itc1900_pro_firmwaresimatic_itc1500_firmwaresimatic_itc2200_firmwaresimatic_itc2200_prosimatic_itc2200_pro_firmwarelibvncserversimatic_itc1900_prosimatic_itc2200n/a
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2019-10927
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.61% / 68.76%
||
7 Day CHG~0.00%
Published-13 Aug, 2019 | 18:55
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANCE XB-200 (V4.1), SCALANCE XC-200 (V4.1), SCALANCE XF-200BA (V4.1), SCALANCE XP-200 (V4.1), SCALANCE XR-300WG (V4.1). An authenticated attacker with network access to to port 22/tcp of an affected device may cause a Denial-of-Service condition. The security vulnerability could be exploited by an authenticated attacker with network access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the availability of the affected device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xp-200_firmwarescalance_xb-200_firmwarescalance_xf-200ba_firmwarescalance_xc-200_firmwarescalance_xc-200scalance_xb-200scalance_xr-300wg_firmwarescalance_xr-300wgscalance_xp-200scalance_xf-200baSCALANCE XR-300WGSCALANCE XF-200BASCALANCE SC-600SCALANCE XP-200SCALANCE XC-200SCALANCE XB-200
CWE ID-CWE-703
Improper Check or Handling of Exceptional Conditions
CVE-2024-33495
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.49% / 64.65%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:02
Updated-02 Aug, 2024 | 02:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). The affected application does not properly limit the size of specific logs. This could allow an unauthenticated remote attacker to exhaust system resources by creating a great number of log entries which could potentially lead to a denial of service condition. A successful exploitation requires the attacker to have access to specific SIMATIC RTLS Locating Manager Clients in the deployment.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC RTLS Locating Managersimatic_rtls_locating_manager
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-39869
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.48% / 64.19%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 12:05
Updated-01 May, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected products allow to upload certificates. An authenticated attacker could upload a crafted certificates leading to a permanent denial-of-service situation. In order to recover from such an attack, the offending certificate needs to be removed manually.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_serverSINEMA Remote Connect Server
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2017-14023
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-4.9||MEDIUM
EPSS-2.77% / 85.45%
||
7 Day CHG~0.00%
Published-06 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_pcs7simatic_winccSiemens SIMATIC PCS 7
CWE ID-CWE-20
Improper Input Validation
CVE-2018-5391
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-7.5||HIGH
EPSS-1.73% / 81.69%
||
7 Day CHG~0.00%
Published-06 Sep, 2018 | 21:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Canonical Ltd.F5, Inc.Siemens AGLinux Kernel Organization, IncMicrosoft Corporation
Product-ubuntu_linuxbig-ip_webacceleratorbig-ip_application_acceleration_managerenterprise_linux_server_euswindows_8.1big-ip_policy_enforcement_managerenterprise_linux_server_ausscalance_sc-600_firmwaresimatic_rf188_firmwareruggedcom_rm1224_firmwarebig-ip_local_traffic_managersimatic_net_cp_1243-7_lte_uswindows_10simatic_net_cp_1243-7_lte_us_firmwarescalance_w700_ieee_802.11a\/b\/g\/nsinema_remote_connect_serverenterprise_linux_workstationsimatic_net_cp_1243-1simatic_net_cp_1243-7_lte_eu_firmwaresimatic_rf185c_firmwarescalance_s615_firmwaresimatic_net_cp_1543sp-1enterprise_linux_desktopsimatic_net_cp_1543-1scalance_m-800_firmwaresimatic_net_cp_1242-7_firmwaresimatic_net_cp_1542sp-1_firmwarebig-ip_domain_name_systemsimatic_net_cp_1543sp-1_firmwarescalance_w1700_ieee_802.11ac_firmwareruggedcom_rox_iisimatic_net_cp_1542sp-1big-ip_edge_gatewaydebian_linuxlinux_kernelsimatic_net_cp_1543-1_firmwarescalance_sc-600simatic_net_cp_1242-7simatic_net_cp_1243-1_firmwarewindows_server_2008simatic_net_cp_1542sp-1_irc_firmwareenterprise_linux_serverwindows_server_2016windows_server_2012simatic_rf188big-ip_fraud_protection_serviceruggedcom_rox_ii_firmwarescalance_w700_ieee_802.11a\/b\/g\/n_firmwaresimatic_rf186c_firmwaresimatic_net_cp_1542sp-1_ircbig-ip_application_security_managerruggedcom_rm1224simatic_rf185cscalance_s615simatic_rf186cisimatic_net_cp_1243-8_ircbig-ip_access_policy_managersimatic_net_cp_1243-8_irc_firmwaresimatic_rf186ci_firmwaresimatic_rf188ci_firmwaresinema_remote_connect_server_firmwarewindows_rt_8.1big-ip_global_traffic_managerbig-ip_analyticssimatic_rf186cbig-ip_link_controllerscalance_w1700_ieee_802.11acwindows_7scalance_m-800enterprise_linux_server_tusbig-ip_advanced_firewall_managersimatic_rf188cisimatic_net_cp_1243-7_lte_euKernel
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-20
Improper Input Validation
CVE-2018-4837
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.48% / 80.20%
||
7 Day CHG~0.00%
Published-25 Jan, 2018 | 14:00
Updated-16 Sep, 2024 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with access to the TeleControl Server Basic's webserver (port 80/tcp or 443/tcp) could cause a Denial-of-Service condition on the web server. The remaining functionality of the TeleControl Server Basic is not affected by the Denial-of-Service condition.

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-7584
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.16%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 13:18
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-200 SMART CPU family (All versions >= V2.2 < V2.5.1). Affected devices do not properly handle large numbers of new incomming connections and could crash under certain circumstances. An attacker may leverage this to cause a Denial-of-Service situation.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-200_smart_sr_cpusimatic_s7-200_smart_sr_cpu_firmwaresimatic_s7-200_smart_st_cpu_firmwaresimatic_s7-200_smart_st_cpuSIMATIC S7-200 SMART CPU family
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-23814
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.20% / 42.48%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 10:28
Updated-10 Jul, 2025 | 10:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service condition of the ICMP service, other communication services are not affected. Affected devices will resume normal operation after the attack terminates.

Action-Not Available
Vendor-Siemens AG
Product-SIPLUS S7-1200 CPU 1212 AC/DC/RLYSIMATIC S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 319F-3 PN/DPSIMATIC ET 200SP CPU 1512SP F-1 PNSIMATIC TDC CPU555SIPLUS S7-1200 CPU 1214FC DC/DC/DCSIMATIC ET 200pro IM 154-4 PN HFSIPLUS S7-1200 CPU 1215FC DC/DC/DCSIMATIC S7-300 CPU 314C-2 PN/DPSIPLUS ET 200SP IM 155-6 PN HF TX RAILSIMATIC S7-300 CPU 317F-2 PN/DPSIWAREX WP241SIPLUS S7-1200 CPU 1215 AC/DC/RLYSIMATIC ET 200SP IM 155-6 PN HFSIPLUS ET 200S IM151-3 PN HFSIPLUS ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1200 CPU 1211C DC/DC/DCSIMATIC ET 200AL IM 157-1 PNSIMATIC S7-410 V10 CPU family (incl. SIPLUS variants)SIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 319-3 PN/DPSIMATIC ET 200SP IM 155-6 PN/2 HFSIMATIC S7-1500 CPU 1513-1 PNSIDOOR ATD430WSIPLUS ET 200S IM 151-8F PN/DP CPUSIMATIC S7-1500 CPU 1511-1 PNSIMATIC ET 200S IM 151-3 PN FOSIMATIC S7-300 CPU 315T-3 PN/DPSIMATIC S7-1200 CPU 1215C DC/DC/DCSIPLUS NET PN/PN CouplerSIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC ET 200SP IM 155-6 PN ST BASIMATIC ET 200MP IM 155-5 PN STSIMATIC S7-1200 CPU 1212C AC/DC/RlySIMATIC ET 200SP CPU 1512SP-1 PNSIWAREX WP521 STSIMATIC ET 200S IM 151-8 PN/DP CPUSIMATIC Power Line Booster PLB, Modem Module STSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC CFU DIQSIPLUS HCS4200 CIM4210CSINUMERIK 840D slSIMATIC S7-1200 CPU 1212C DC/DC/DCSIMATIC S7-1500 CPU 1516F-3 PN/DPSIPLUS ET 200M IM 153-4 PN IO STSIPLUS HCS4300 CIM4310SIPLUS S7-1200 CPU 1214 DC/DC/DCSIPLUS S7-1500 CPU 1511-1 PNSIMATIC ET 200SP IM 155-6 PN BASIMATIC S7-300 CPU 317T-3 PN/DPSIPLUS ET 200SP IM 155-6 PN HFSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIPLUS S7-300 CPU 317F-2 PN/DPSIMATIC PN/PN CouplerSIPLUS S7-1500 CPU 1516-3 PN/DPSIMATIC S7-1200 CPU 1214FC DC/DC/RlySIMATIC ET 200M IM 153-4 PN IO HFSIPLUS S7-300 CPU 317-2 PN/DPSIMATIC ET 200pro IM 154-3 PN HFSIPLUS ET 200M IM 153-4 PN IO HFSIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC S7-1200 CPU 1214C AC/DC/RlySIPLUS ET 200S IM 151-8 PN/DP CPUSIMATIC ET 200pro IM 154-8FX PN/DP CPUSIMATIC ET 200S IM 151-3 PN STSIMATIC CFU PASIPLUS S7-1200 CPU 1212C DC/DC/DC RAILSIPLUS S7-1200 CPU 1212C DC/DC/DCSIMATIC ET 200MP IM 155-5 PN BASIDOOR ATE530S COATEDSIPLUS S7-1200 CPU 1215 DC/DC/DCSIPLUS S7-1500 CPU 1516F-3 PN/DPSIPLUS S7-1200 CPU 1214 DC/DC/RLYSIPLUS S7-1200 CPU 1214 AC/DC/RLYSIMATIC S7-1500 CPU 1515F-2 PNSIPLUS S7-1200 CPU 1214FC DC/DC/RLYSIPLUS S7-1200 CPU 1212 DC/DC/RLYSIMATIC S7-1500 CPU 1513F-1 PNSIMOCODE pro V PROFINETSIWAREX WP522 STSIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMATIC ET 200S IM 151-3 PN HSSIMATIC S7-1200 CPU 1212FC DC/DC/DCSIPLUS HCS4200 CIM4210SIMATIC S7-1200 CPU 1212FC DC/DC/RlySIMATIC S7-1200 CPU 1215C DC/DC/RlySIMATIC ET 200S IM 151-8F PN/DP CPUSIMATIC ET 200pro IM 154-8 PN/DP CPUSIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)SIPLUS S7-1500 CPU 1513-1 PNSIMATIC S7-1200 CPU 1212C DC/DC/RlySIMATIC S7-1200 CPU 1215FC DC/DC/RlySIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIPLUS S7-1200 CPU 1215 DC/DC/RLYSIMATIC Power Line Booster PLB, Base ModuleSIMATIC S7-1500 CPU 1511F-1 PNSIMATIC S7-300 CPU 317TF-3 PN/DPSIMATIC ET 200S IM 151-3 PN HFSIPLUS S7-1200 CPU 1214C DC/DC/DC RAILSIWAREX WP251SIMATIC TDC CP51M1SIPLUS S7-300 CPU 315-2 PN/DPSIPLUS S7-300 CPU 314C-2 PN/DPSIMATIC S7-1200 CPU 1211C AC/DC/RlySIPLUS ET 200MP IM 155-5 PN STSIPLUS ET 200SP IM 155-6 PN STSIPLUS S7-1500 CPU 1511F-1 PNSIMATIC ET 200SP CPU 1510SP-1 PNSIMATIC S7-1200 CPU 1215C AC/DC/RlySIMATIC S7-1200 CPU 1214FC DC/DC/DCSIWAREX WP231SIMATIC S7-1200 CPU 1217C DC/DC/DCSIMATIC S7-1500 CPU 1516-3 PN/DPSIDOOR ATE530G COATEDSIMATIC S7-1200 CPU 1214C DC/DC/DCSIPLUS ET 200S IM151-3 PN STSIPLUS S7-1500 CPU 1513F-1 PNSIMATIC S7-1200 CPU 1211C DC/DC/RlySIMATIC S7-1500 CPU 1515-2 PNSIMATIC S7-1200 CPU 1215FC DC/DC/DCSIMATIC ET 200SP IM 155-6 PN/3 HFSIMATIC ET 200SP IM 155-6 PN STSIMATIC ET 200M IM 153-4 PN IO STSIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)SIMATIC S7-1200 CPU 1214C DC/DC/RlySIMATIC S7-300 CPU 317-2 PN/DPSIMATIC ET 200SP IM 155-6 PN HSSIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)SIPLUS S7-1200 CPU 1215C DC/DC/DCSIMATIC ET 200SP IM 155-6 MF HFSIPLUS ET 200SP IM 155-6 PN ST TX RAILSIPLUS ET 200MP IM 155-5 PN HFSIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIMATIC ET 200SP CPU 1510SP F-1 PNSIMATIC ET 200pro IM 154-8F PN/DP CPU
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-3749
Matching Score-6
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-6
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.5||HIGH
EPSS-8.37% / 91.93%
||
7 Day CHG-0.21%
Published-31 Aug, 2021 | 10:36
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Inefficient Regular Expression Complexity in axios/axios

axios is vulnerable to Inefficient Regular Expression Complexity

Action-Not Available
Vendor-axiosaxiosOracle CorporationSiemens AG
Product-sinec_insgoldengateaxiosaxios/axios
CWE ID-CWE-1333
Inefficient Regular Expression Complexity
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-46352
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.29% / 51.46%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products.

Action-Not Available
Vendor-Siemens AG
Product-6gk5204-0bs00-3pa36gk5204-0ba00-2mb2_firmware6gk5204-0ba00-2kb2_firmware6gk5204-0ba00-2mb26gk5204-0ba00-2kb26gk5204-0bs00-3la3_firmware6gk5204-0bs00-2na3_firmware6gk5204-0bs00-3pa3_firmware6gk5204-0bs00-2na36gk5204-0bs00-3la3SCALANCE X204RNA (HSR)SCALANCE X204RNA EEC (PRP/HSR)SCALANCE X204RNA EEC (PRP)SCALANCE X204RNA EEC (HSR)SCALANCE X204RNA (PRP)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-40766
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 1.77%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 11:17
Updated-15 Aug, 2025 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate resource and security limitations. This could allow an attacker to perform a denial-of-service (DoS) attack.

Action-Not Available
Vendor-Siemens AG
Product-sinec_traffic_analyzerSINEC Traffic Analyzer
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-13805
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.71%
||
7 Day CHG~0.00%
Published-10 Oct, 2018 | 17:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions >= V2.0 and < V2.1.6), SIMATIC S7-1500 Software Controller (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 incl. F (All versions >= V2.0 and < V2.5). An attacker can cause a denial-of-service condition on the network stack by sending a large number of specially crafted packets to the PLC. The PLC will lose its ability to communicate over the network. This vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no privileges and no user interaction. An attacker could use this vulnerability to compromise availability of the network connectivity. At the time of advisory publication no public exploitation of this vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-1500fsimatic_et_200spsimatic_et_200sp_firmwaresimatic_s7-1500_firmwaresimatic_s7-1500f_firmwaresimatic_s7-1500SIMATIC S7-1500 incl. FSIMATIC ET 200SP Open ControllerSIMATIC S7-1500 Software Controller
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-25659
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.45%
||
7 Day CHG~0.00%
Published-10 Aug, 2021 | 10:35
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0 SP9 Update 2). Sending specially crafted packets to port 4410/tcp of an affected system could lead to extensive memory being consumed and as such could cause a denial-of-service preventing legitimate users from using the system.

Action-Not Available
Vendor-Siemens AG
Product-automation_license_managerAutomation License Manager 5Automation License Manager 6
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-37195
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.69%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 10:21
Updated-19 Sep, 2024 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests. This could allow local attackers with administrative privileges to cause a denial of service situation on the host. A physical power cycle is required to get the system working again.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cp_1604_firmwaresimatic_cp_1616simatic_cp_1628_firmwaresimatic_cp_1626_firmwaresimatic_cp_1604simatic_cp_1623_firmwaresimatic_cp_1623simatic_cp_1628simatic_cp_1616_firmwaresimatic_cp_1626SIMATIC CP 1628SIMATIC CP 1604SIMATIC CP 1626SIMATIC CP 1616SIMATIC CP 1623
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-35921
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.73% / 71.83%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 09:07
Updated-13 Nov, 2024 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted Ethernet frames sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.

Action-Not Available
Vendor-Siemens AG
Product-simatic_mv540_s_firmwaresimatic_mv540_ssimatic_mv560_x_firmwaresimatic_mv560_usimatic_mv560_u_firmwaresimatic_mv550_s_firmwaresimatic_mv540_hsimatic_mv550_h_firmwaresimatic_mv550_ssimatic_mv560_xsimatic_mv550_hsimatic_mv540_h_firmwareSIMATIC MV560 USIMATIC MV540 SSIMATIC MV540 HSIMATIC MV550 HSIMATIC MV550 SSIMATIC MV560 Xsimatic_mv540_ssimatic_mv560_usimatic_mv540_hsimatic_mv550_ssimatic_mv560_xsimatic_mv550_h
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-22883
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-87.36% / 99.42%
||
7 Day CHG~0.00%
Published-03 Mar, 2021 | 17:38
Updated-30 Apr, 2025 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory.

Action-Not Available
Vendor-Node.js (OpenJS Foundation)Oracle CorporationNetApp, Inc.Siemens AGFedora Project
Product-sinec_infrastructure_network_servicespeoplesoft_enterprise_peopletoolsgraalvme-series_performance_analyzermysql_clusternosql_databasefedorajd_edwards_enterpriseone_toolsnode.jsNode
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2022-39158
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.29% / 51.46%
||
7 Day CHG~0.00%
Published-13 Sep, 2022 | 00:00
Updated-12 Aug, 2025 | 12:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100P (32M) V4.X, RUGGEDCOM RSG2100P (32M) V5.X, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2100PNC (32M) V4.X, RUGGEDCOM RSG2100PNC (32M) V5.X, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. Affected devices improperly handle partial HTTP requests which makes them vulnerable to slowloris attacks. This could allow a remote attacker to create a denial of service condition that persists until the attack ends.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rsg2100_\(32m\)ruggedcom_rsg2300pruggedcom_rsg907rruggedcom_rst916pruggedcom_rsg910cruggedcom_rsl910ruggedcom_rs900_\(32m\)ruggedcom_rosruggedcom_rsg920pruggedcom_rsg2300ruggedcom_rs416v2ruggedcom_rst916cruggedcom_rst2228ruggedcom_rst2228pruggedcom_rmc8388ruggedcom_rsg909rruggedcom_rsg908cruggedcom_rs416pv2ruggedcom_rsg2488ruggedcom_rsg2288ruggedcom_rs900g_\(32m\)RUGGEDCOM RS8000RUGGEDCOM RS900LRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS900MNC-STND-XX-C01RUGGEDCOM RSG920P V4.XRUGGEDCOM RS401NCRUGGEDCOM RSG2100PNC (32M) V4.XRUGGEDCOM RS920LNCRUGGEDCOM RS910LRUGGEDCOM RS930WRUGGEDCOM RSG2100NC(32M) V5.XRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG2288NC V5.XRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RS1600RUGGEDCOM i801NCRUGGEDCOM RS940GRUGGEDCOM RSG2100NC(32M) V4.XRUGGEDCOM i800NCRUGGEDCOM RS910RUGGEDCOM RSG908CRUGGEDCOM RS8000NCRUGGEDCOM RS400FRUGGEDCOM RS900NC(32M) V4.XRUGGEDCOM RS920LRUGGEDCOM RMC8388 V4.XRUGGEDCOM RS8000HRUGGEDCOM RS900LNCRUGGEDCOM RS8000TRUGGEDCOM RS910NCRUGGEDCOM RS416PFRUGGEDCOM RS900GRUGGEDCOM M2100FRUGGEDCOM RS900M-STND-XXRUGGEDCOM RS900WRUGGEDCOM RMC8388 V5.XRUGGEDCOM RS900MNC-STND-XXRUGGEDCOM RSG2100PNC (32M) V5.XRUGGEDCOM RSG910CRUGGEDCOM RSG2300PFRUGGEDCOM RSG2288 V4.XRUGGEDCOM RS1600NCRUGGEDCOM RS969RUGGEDCOM RS900 (32M) V4.XRUGGEDCOM RSG909RRUGGEDCOM RS416FRUGGEDCOM RS900GPFRUGGEDCOM RSG2100PRUGGEDCOM RS930LNCRUGGEDCOM RS416PRUGGEDCOM RSG920P V5.XRUGGEDCOM RSG2200NCRUGGEDCOM RS8000HNCRUGGEDCOM RSG2300PNC V5.XRUGGEDCOM RSG2288 V5.XRUGGEDCOM RS1600FRUGGEDCOM RS416NCRUGGEDCOM RS930LRUGGEDCOM RSG907RRUGGEDCOM RSG2300P V5.XRUGGEDCOM RS910WRUGGEDCOM RSG2300 V5.XRUGGEDCOM RS940GNCRUGGEDCOM RS900GNCRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RMC8388NC V5.XRUGGEDCOM RS940GFRUGGEDCOM RS910LNCRUGGEDCOM RSG2288NC V4.XRUGGEDCOM RSG2488 V5.XRUGGEDCOM RMC30RUGGEDCOM RS900GFRUGGEDCOM RS8000ANCRUGGEDCOM RMC8388NC V4.XRUGGEDCOM RS1600TRUGGEDCOM M969FRUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RS400NCRUGGEDCOM RS900MNC-GETS-C01RUGGEDCOM RS900M-GETS-C01RUGGEDCOM RSG2488NC V4.XRUGGEDCOM M2200FRUGGEDCOM RP110RUGGEDCOM i801RUGGEDCOM RS416v2 V4.XRUGGEDCOM RS416NCv2 V4.XRUGGEDCOM RS8000TNCRUGGEDCOM RSG2300P V4.XRUGGEDCOM RS416v2 V5.XRUGGEDCOM RS920WRUGGEDCOM RS900FRUGGEDCOM M2200RUGGEDCOM RS900MNC-GETS-XXRUGGEDCOM RSG2300NC V5.XRUGGEDCOM RS900GNC(32M) V4.XRUGGEDCOM RS900RUGGEDCOM RSG2100RUGGEDCOM M969NCRUGGEDCOM RS416PNCRUGGEDCOM RS1600FNCRUGGEDCOM RS400RUGGEDCOM RS900NC(32M) V5.XRUGGEDCOM RS1600TNCRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM M969RUGGEDCOM RS416PNCv2 V4.XRUGGEDCOM M2200NCRUGGEDCOM RS8000ARUGGEDCOM i803RUGGEDCOM RSG2100PNCRUGGEDCOM RSG920PNC V5.XRUGGEDCOM RSG2100NCRUGGEDCOM RSG2488FRUGGEDCOM RP110NCRUGGEDCOM RSG2200RUGGEDCOM RSG2488NC V5.XRUGGEDCOM RSL910NCRUGGEDCOM RS969NCRUGGEDCOM RS416RUGGEDCOM RST2228PRUGGEDCOM i800RUGGEDCOM RS900M-STND-C01RUGGEDCOM RS900M-GETS-XXRUGGEDCOM RST916PRUGGEDCOM RS416PNCv2 V5.XRUGGEDCOM RS416NCv2 V5.XRUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSL910RUGGEDCOM RSG2100PFRUGGEDCOM RS900GPRUGGEDCOM RST916CRUGGEDCOM RS900GPNCRUGGEDCOM RSG2100FRUGGEDCOM RSG2488 V4.XRUGGEDCOM i802RUGGEDCOM RS900GNC(32M) V5.XRUGGEDCOM RST2228RUGGEDCOM RS401RUGGEDCOM RSG2300NC V4.XRUGGEDCOM RSG920PNC V4.XRUGGEDCOM i802NCRUGGEDCOM i803NCRUGGEDCOM M2100RUGGEDCOM RSG2300FRUGGEDCOM RSG2300PNC V4.XRUGGEDCOM RS900NCRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RMC30NCRUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RSG2200FRUGGEDCOM M2100NCRUGGEDCOM RSG2100P (32M) V5.X
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-38371
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.51% / 65.56%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-13 May, 2025 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.7), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.21), APOGEE PXC Modular (BACnet) (All versions < V3.5.7), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.21), Desigo PXC00-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC00-U (All versions >= V2.3 < V6.30.37), Desigo PXC001-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC100-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC12-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC128-U (All versions >= V2.3 < V6.30.37), Desigo PXC200-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC22-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC22.1-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC36.1-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC50-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC64-U (All versions >= V2.3 < V6.30.37), Desigo PXM20-E (All versions >= V2.3 < V6.30.37), Nucleus NET for Nucleus PLUS V1 (All versions < V5.2a), Nucleus NET for Nucleus PLUS V2 (All versions < V5.4), Nucleus ReadyStart V3 V2012 (All versions < V2012.08.1), Nucleus ReadyStart V3 V2017 (All versions < V2017.02.4), Nucleus Source Code (All versions including affected FTP server), TALON TC Compact (BACnet) (All versions < V3.5.7), TALON TC Modular (BACnet) (All versions < V3.5.7). The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server.

Action-Not Available
Vendor-Siemens AG
Product-talon_tc_compactdesigo_pxm20-edesigo_pxc22.1-e.dapogee_pxc_compactdesigo_pxc001-e.d_firmwaredesigo_pxc12-e.dapogee_modular_equiment_controller_firmwareapogee_pxc_compact_firmwaredesigo_pxc200-e.d_firmwareapogee_modular_equiment_controllerdesigo_pxc100-e.dapogee_modular_building_controllerdesigo_pxc001-e.dapogee_pxc_modular_firmwaredesigo_pxc22.1-e.d_firmwaredesigo_pxc50-e.dapogee_modular_building_controller_firmwaredesigo_pxc12-e.d_firmwaredesigo_pxc22-e.ddesigo_pxc22-e.d_firmwaredesigo_pxc00-u_firmwarenucleus_readystart_v3desigo_pxc00-e.ddesigo_pxc100-e.d_firmwaredesigo_pxc200-e.ddesigo_pxc00-e.d_firmwaredesigo_pxc50-e.d_firmwarenucleus_netdesigo_pxc64-utalon_tc_compact_firmwaredesigo_pxc36.1-e.d_firmwaredesigo_pxc64-u_firmwaredesigo_pxc128-udesigo_pxc00-uapogee_pxc_modulardesigo_pxm20-e_firmwaredesigo_pxc36.1-e.ddesigo_pxc128-u_firmwarenucleus_source_codeDesigo PXC22.1-E.DAPOGEE PXC Modular (P2 Ethernet)Nucleus ReadyStart V3 V2017Desigo PXC50-E.DDesigo PXC64-UDesigo PXC001-E.DAPOGEE PXC Compact (P2 Ethernet)Desigo PXC36.1-E.DNucleus NET for Nucleus PLUS V1TALON TC Compact (BACnet)APOGEE PXC Modular (BACnet)APOGEE MBC (PPC) (P2 Ethernet)Desigo PXC22-E.DTALON TC Modular (BACnet)Desigo PXC100-E.DAPOGEE PXC Compact (BACnet)APOGEE MEC (PPC) (BACnet)Desigo PXC00-UDesigo PXC00-E.DDesigo PXC200-E.DDesigo PXM20-EAPOGEE MEC (PPC) (P2 Ethernet)APOGEE MBC (PPC) (BACnet)Nucleus Source CodeDesigo PXC12-E.DNucleus NET for Nucleus PLUS V2Desigo PXC128-UNucleus ReadyStart V3 V2012
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2024-46891
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.19% / 40.96%
||
7 Day CHG+0.02%
Published-12 Nov, 2024 | 12:49
Updated-20 Aug, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logged events to exhaust the system's resources and create a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-sinec_insSINEC INSsinec_ins
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-43647
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.40% / 59.88%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 09:36
Updated-10 Sep, 2024 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) (All versions). Affected devices do not properly handle TCP packets with an incorrect structure. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the network cable of the device needs to be unplugged and re-plugged.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC S7-200 SMART CPU CR40SIMATIC S7-200 SMART CPU ST60SIMATIC S7-200 SMART CPU SR40SIMATIC S7-200 SMART CPU ST30SIMATIC S7-200 SMART CPU SR30SIMATIC S7-200 SMART CPU SR60SIMATIC S7-200 SMART CPU CR60SIMATIC S7-200 SMART CPU SR20SIMATIC S7-200 SMART CPU ST40SIMATIC S7-200 SMART CPU ST20simatic_s7-200_smart_cpu_st60
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-2680
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-2.33% / 84.21%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rf685r_firmwaresinamics_g150simatic_s7-200_smartsimatic_et_200m_firmwareextension_unit_15_profinet_firmwareek-ertec_200_pn_iosinamics_g150_firmwaresimatic_rf680r_firmwaresimatic_cp_343-1_advsimatic_s7-300sitop_psu8600sinamics_gh150simatic_dk-1604_pn_iosinamics_g130simatic_rf650r_firmwaresinamics_v90_pnsimatic_et_200mp_firmwaresimatic_s7-1500_software_controller_firmwaresinumerik_840d_sl_firmwaresimatic_s7-1500_firmwareextension_unit_19_profinet_firmwaredk_standard_ethernet_controller_firmwaresimatic_cp_443-1_adv_firmwarescalance_x200sinamics_gm150_firmwaresinamics_dcpscalance_w700scalance_s615_firmwaresimocode_pro_v_profinetsimatic_s7-1200_firmwaresimatic_rf680rsirius_motor_starter_m200d_profinet_firmwaresimatic_cp_443-1_stdsimatic_cp_1543sp-1_firmwaresimatic_et_200ecopnsinamics_g110m_s110_pnsimatic_s7-1200simatic_cp_1542sp-1_irc_firmwaresimatic_cp_1243-1_dnp3_firmwaresimatic_cp_1626_firmwareextension_unit_12_profinet_firmwaresinamics_g120\(c\/p\/d\)_w._pnsimatic_s7-400simatic_teleservice_adapter_ie_advanced_modemsimatic_hmi_mobile_panelssimatic_cp_1243-1sinamics_v90_pn_firmwaresinumerik_828d_firmwareextension_unit_22_profinetsimatic_winac_rtx_firmwaresimatic_s7-400_firmwareextension_unit_15_profinetsimatic_cp_343-1_lean_firmwaresimatic_cp_1243-1_firmwaresimatic_dk-1604_pn_io_firmwareie\/pb-linksimatic_dk-1616_pn_io_firmwarepn\/pn_coupler_firmwaresinamics_s150simotionsimatic_cp_1616_firmwaresimatic_et_200s_firmwaresimatic_cp_1543-1simatic_cp_1616ie\/as-i_link_pn_io_firmwarescalance_x300sinamics__s110_pn_firmwarescalance_m-800_firmwaresimatic_hmi_multi_panelssirius_act_3su1simatic_cp_343-1_adv_firmwaresirius_soft_starter_3rw44_pn_firmwaresimatic_dk-1616_pn_ioie\/as-i_link_pn_iosimatic_cp_443-1_std_firmwarescalance_xm400sinamics_sm120_firmwarescalance_m-800ek-ertec_200_pn_io_firmwaresimatic_teleservice_adapter_ie_basic_firmwaresimatic_et_200al_firmwaresinamics_sm120simatic_cp_1243-1_ircscalance_w700_firmwaresinamics_g110m_firmwarescalance_x200_irt_firmwaresimatic_cp_1542sp-1_ircsimatic_et_200propn\/pn_couplersinamics_sl150sinamics_dcp_firmwaresimatic_cp_1543-1_firmwareextension_unit_19_profinetscalance_x408simatic_hmi_comfort_panelssirius_act_3su1_firmwarescalance_x200_firmwaresinamics_dcm_firmwaresoftnet_profinet_io_firmwaresimatic_teleservice_adapter_ie_basicsimatic_winac_rtxsimatic_cm_1542-1scalance_xm400_firmwaresimatic_tdc_cp51m1simatic_cp_343-1_stdsimatic_cp_1243-8ups1600_profinet_firmwaresimatic_cp_1243-1_iec_firmwarescalance_xr500_firmwaresimatic_cp_1243-1_iecsimatic_rf685rsimatic_tdc_cpu555_firmwaresimatic_cp_1243-7_lte\/us_firmwaredk_standard_ethernet_controllerextension_unit_12_profinetsimatic_cp_1243-8_firmwaresimatic_et_200alsimatic_cp_443-1_opc-ua_firmwaresimatic_et_200sscalance_s615simatic_cp_1543sp-1simatic_teleservice_adapter_ie_standard_firmwaresinamics_gl150_firmwaresimocode_pro_v_profinet_firmwaresimatic_s7-200_smart_firmwaresinamics_gm150simatic_cp_443-1_advsimatic_cp_1243-7_lte\/ussinamics_dcmsimotion_firmwaresimatic_cp_1243-1_dnp3simatic_cp_443-1_opc-uasinumerik_840d_slsimatic_et_200ecopn_firmwaresimatic_cp_1243-1_irc_firmwarescalance_x414_firmwaresimatic_et_200sp_firmwaresirius_motor_starter_m200d_profinetsimatic_s7-1500simatic_cp_1604scalance_xr500scalance_x414ie\/pb-link_firmwarescalance_x200_irtsimatic_et_200pro_firmwaresinumerik_828dsinamics_gh150_firmwaresimatic_s7-1500_software_controllersinamics_s120simatic_cp_1242-7_gprs_firmwaresoftnet_profinet_ioek-ertec_200p_pn_io_firmwaresimatic_cp_343-1_leansimatic_cp_1542sp-1sinamics_s120_firmwaresimatic_s7-300_firmwareextension_unit_22_profinet_firmwaresinamics_g130_firmwarescalance_x408_firmwaresimatic_et_200mpsimatic_tdc_cpu555sinamics_g120\(c\/p\/d\)_w._pn_firmwaresimatic_rf650rsitop_psu8600_firmwaresimatic_et_200spsimatic_cp_1542sp-1_firmwarescalance_x300_firmwaresimatic_teleservice_adapter_ie_advanced_firmwaresimatic_cp_1242-7_gprssinamics_s150_firmwareek-ertec_200p_pn_iosimatic_teleservice_adapter_ie_standardsimatic_et_200msimatic_cp_1604_firmwareups1600_profinetsinamics_gl150simatic_cp_1626sinamics_sl150_firmwaresimatic_tdc_cp51m1_firmwaresimatic_cp_343-1_std_firmwaresirius_soft_starter_3rw44_pnsimatic_cm_1542-1_firmwareSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)SINAMICS SL150 V4.7.5 w. PROFINETSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC Teleservice Adapter IE StandardSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIRIUS Motor Starter M200D PROFINETSCALANCE X-200 family (incl. SIPLUS NET variants)SIMATIC CP 1543SP-1 (incl. SIPLUS variants)SIMATIC MV440 HRSINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN: IO-Link MasterSINAMICS SL150 V4.7.4 w. PROFINETSIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSCALANCE W-700 IEEE 802.11n familySIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC Teleservice Adapter IE AdvancedSIMATIC CP 1626SIMATIC MV420 SR-BSCALANCE XR-500 familySIMATIC ET200ecoPN, 16DI, DC24V, 8xM12Extension Unit 19" PROFINETSIMATIC ET 200MP IM 155-5 PN STSIMATIC DK-16xx PN IOSIMATIC MV420 SR-PSINUMERIK 840D sl V4.7SIMATIC TDC CPU555SIMATIC TDC CP51M1IE/PB-Link (incl. SIPLUS NET variants)SIMATIC ET 200MP IM 155-5 PN BASINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-410 CPU family (incl. SIPLUS variants)SIMATIC MV420 SR-B BodyDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC RF650RSCALANCE XM-400 familySINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC MV420 SR-P BodySINAMICS S150 V4.8 w. PNSIMATIC MV440 SRSIMATIC S7-200 SMARTSIMATIC CP 1243-8 IRCExtension Unit 22" PROFINETSIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)SINAMICS S150 V4.7 w. PNSIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)SINAMICS SM120 V4.7 w. PROFINETSIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)SIMATIC RF680RSIMATIC CP 343-1 Lean (incl. SIPLUS variants)SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SINAMICS GH150 V4.7 w. PROFINETSIMATIC CP 1543-1 (incl. SIPLUS variants)SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMOTIONSINAMICS GL150 V4.7 w. PROFINETSINAMICS S110 w. PNSIMATIC RF685RSITOP UPS1600 PROFINET (incl. SIPLUS variants)SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SIMATIC CP 443-1 OPC UASIMATIC CM 1542-1SCALANCE X408 familySIMATIC ET200ecoPN, 4AO U/I 4xM12SIMATIC ET 200SP IM 155-6 PN HFSIPLUS ET 200SP IM 155-6 PN HFSIMATIC ET 200SP IM 155-6 PN STSCALANCE X-200IRT family (incl. SIPLUS NET variants)SIMATIC ET 200SP IM 155-6 PN HSSIMATIC CP 1243-7 LTE USSoftnet PROFINET IO for PC-based Windows systemsSIMATIC CP 1242-7 V2 (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN BASINAMICS SL150 V4.7.0 w. PROFINETSIMATIC ET 200SP IM 155-6 PN ST BASINAMICS G150 V4.7 w. PNSIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET 200pro IM 154-4 PN HFSIRIUS Soft Starter 3RW44 PNSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)SIMATIC CP 1604SIMATIC S7-1500 Software ControllerSIMATIC ET200S (incl. SIPLUS variants)IE/AS-i Link PN IOSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC CP 1243-1 (incl. SIPLUS variants)SINAMICS G110M w. PNSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC CP 343-1 (incl. SIPLUS variants)SITOP PSU8600 PROFINETSIMATIC CM 1542SP-1SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SINUMERIK 828D V4.7SINUMERIK 828D V4.5 and priorExtension Unit 12" PROFINETSIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)SIMATIC CP 1616SINAMICS V90 w. PNSCALANCE X-300 family (incl. X408 and SIPLUS NET variants)SINAMICS DCM w. PNSINAMICS G130 V4.8 w. PNDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSCALANCE M-800 family (incl. S615, MUM-800 and RM1224)SINUMERIK 840D sl V4.5 and priorSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SIMATIC Teleservice Adapter IE BasicSINAMICS DCP w. PNSINAMICS GM150 V4.7 w. PROFINETSIMATIC ET 200M (incl. SIPLUS variants)Extension Unit 15" PROFINETSINAMICS G130 V4.7 w. PNSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIMATIC WinAC RTX F 2010SIPLUS ET 200SP IM 155-6 PN STSIMATIC MV440 URSIRIUS ACT 3SU1 interface module PROFINETSIPLUS ET 200MP IM 155-5 PN HFSCALANCE X414SINAMICS G150 V4.8 w. PNSIMATIC CP 443-1 (incl. SIPLUS variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-27640
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 48.23%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 09:47
Updated-03 Aug, 2024 | 05:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 442-1 RNA (All versions < V1.5.18), SIMATIC CP 443-1 RNA (All versions < V1.5.18). The affected devices improperly handles excessive ARP broadcast requests. This could allow an attacker to create a denial of service condition by performing ARP storming attacks, which can cause the device to reboot.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cp_443-1_rna_firmwaresimatic_cp_442-1_rnasimatic_cp_442-1_rna_firmwaresimatic_cp_443-1_rnaSIMATIC CP 442-1 RNASIMATIC CP 443-1 RNA
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-27194
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.47%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 09:07
Updated-03 Aug, 2024 | 05:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions < V3.1 SP1), SINETPLAN (All versions), TIA Portal (V15, V15.1, V16 and V17). The affected system cannot properly process specially crafted packets sent to port 8888/tcp. A remote attacker could exploit this vulnerability to cause a Denial-of-Service condition. The affected devices must be restarted manually.

Action-Not Available
Vendor-Siemens AG
Product-simatic_pcs_neototally_integrated_automation_portalsinetplanSIMATIC PCS neo (Administration Console)SINETPLANTIA Portal
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-25622
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.12% / 31.14%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 00:00
Updated-21 Apr, 2025 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.

Action-Not Available
Vendor-Siemens AG
Product-simatic_tdc_cpu555_firmwaresimatic_tdc_cp51m1_firmwaresimatic_s7-400_pn\/dp_v7_firmwaresimatic_s7-1500_cpusimatic_cfu_pasimatic_tdc_cp51m1simatic_s7-400_pn\/dp_v7simatic_s7-410_v8_firmwaresimatic_s7-1500_cpu_firmwaresimatic_cfu_diqsimatic_s7-400h_v6_firmwaresimatic_tdc_cpu555simatic_winac_rtxsimit_simulation_platformsimatic_cfu_diq_firmwaresimatic_s7-400h_v6simatic_s7-410_v10simatic_s7-410_v8simatic_s7-300_cpu_firmwaresimatic_s7-410_v10_firmwaresimatic_winac_rtx_firmwaresimatic_cfu_pa_firmwaresimatic_s7-300_cpuSINAMICS S110SIMATIC CFU DIQSIMATIC ET 200pro IM 154-8F PN/DP CPUSIMATIC ET 200SP IM 155-6 PN HFSIMATIC TDC CP51M1SINAMICS G115DSIMATIC ET200ecoPN, AI 8xRTD/TC, M12-LSIMATIC S7-300 CPU 315F-2 PN/DPSINAMICS V90SIMATIC S7-400 CPU 414F-3 PN/DP V7SIPLUS ET 200S IM 151-8 PN/DP CPUSIMATIC ET200ecoPN, CM 4x IO-Link, M12-LSIMATIC S7-400 CPU 416F-3 PN/DP V7SIPLUS S7-400 CPU 416-3 PN/DP V7SIMATIC S7-300 CPU 315-2 PN/DPSIMATIC ET 200MP IM 155-5 PN HFSINAMICS S150SIMATIC S7-300 CPU 319-3 PN/DPSINAMICS G120 (incl. SIPLUS variants)SIPLUS S7-300 CPU 317F-2 PN/DPSIPLUS S7-400 CPU 414-3 PN/DP V7SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-LSIMATIC PN/PN CouplerSIMATIC WinAC RTX F 2010SIMATIC TDC CPU555SIMATIC CFU PASIMATIC ET 200S IM 151-8F PN/DP CPUSINAMICS S210 (6SL5...)SINAMICS G110MSIPLUS HCS4300 CIM4310SIMATIC ET200ecoPN, CM 8x IO-Link, M12-LSIMATIC S7-300 CPU 317F-2 PN/DPSIPLUS ET 200SP IM 155-6 PN HFSIMATIC S7-300 CPU 314C-2 PN/DPSIPLUS S7-300 CPU 315-2 PN/DPSIMATIC S7-400 CPU 414-3 PN/DP V7SIMATIC ET200ecoPN, DI 16x24VDC, M12-LSIPLUS S7-300 CPU 314C-2 PN/DPSIPLUS ET 200SP IM 155-6 PN HF TX RAILSIMATIC ET200ecoPN, DI 8x24VDC, M12-LSIPLUS HCS4200 CIM4210CSIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-LSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC ET 200pro IM 154-8FX PN/DP CPUSINAMICS G150SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIMATIC S7-300 CPU 315T-3 PN/DPSINAMICS S120 (incl. SIPLUS variants)SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIMATIC S7-300 CPU 317-2 PN/DPSIPLUS ET 200MP IM 155-5 PN HFSINAMICS DCMSIMATIC ET 200SP IM 155-6 PN/3 HFSIMATIC S7-300 CPU 319F-3 PN/DPSIPLUS NET PN/PN CouplerSIPLUS S7-300 CPU 317-2 PN/DPSIMATIC ET 200pro IM 154-8 PN/DP CPUSIMATIC S7-300 CPU 317T-3 PN/DPSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC ET 200SP IM 155-6 PN/2 HFSIMATIC ET 200SP IM 155-6 MF HFSIMATIC ET 200S IM 151-8 PN/DP CPUSIPLUS HCS4200 CIM4210SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMATIC S7-400 CPU 416-3 PN/DP V7SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)SIMATIC S7-300 CPU 317TF-3 PN/DPSIMATIC PN/MF CouplerSIMATIC WinAC RTX 2010SINAMICS G130SIPLUS ET 200S IM 151-8F PN/DP CPUSIMATIC S7-400 CPU 412-2 PN V7SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants)SIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-2681
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.44% / 62.36%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rf685r_firmwaresinamics_g150simatic_s7-200_smartsimatic_et_200m_firmwareek-ertec_200_pn_iosinamics_g150_firmwaresinamics_g120\(c\/p\/d\)_pn_firmwaresimatic_rf680r_firmwaresimatic_cp_343-1_advsimatic_s7-300sitop_psu8600sinamics_g130simatic_rf650r_firmwaresinamics_v90_pnsimatic_et_200mp_firmwaresinumerik_840d_sl_firmwaresimatic_s7-1500_firmwaredk_standard_ethernet_controller_firmwaresimatic_cp_443-1_adv_firmwarescalance_x200sinamics_dcpscalance_w700scalance_s615_firmwaresimocode_pro_v_profinetsimatic_cm_1542sp-1simatic_s7-1200_firmwaresimatic_teleservice_adapter_ie_basic_modem_firmwaresimatic_rf680rsirius_motor_starter_m200d_profinet_firmwaresimatic_cp_443-1_stdsimatic_cp_1543sp-1_firmwaresimatic_teleservice_adapter_ie_advanced_modem_firmwaresimatic_et_200ecopnsinamics_g110msimatic_s7-1200sinamics_s110_pn_firmwaresimatic_cp_1542sp-1_irc_firmwaresimatic_cp_1243-1_dnp3_firmwaresimatic_s7-400simatic_teleservice_adapter_ie_advanced_modemsimatic_hmi_mobile_panelssimatic_cp_1243-1sinamics_v90_pn_firmwaresinumerik_828d_firmwaresimatic_winac_rtx_firmwaresimatic_s7-400_firmwaresimatic_cp_343-1_lean_firmwaresimatic_cp_1243-1_firmwareie\/pb-linkpn\/pn_coupler_firmwaresinamics_s150simotionsimatic_cp_1616_firmwaresimatic_et_200s_firmwaresimatic_cp_1543-1simatic_cp_1616ie\/as-i_link_pn_io_firmwarescalance_x300scalance_m-800_firmwaresimatic_hmi_multi_panelssirius_act_3su1simatic_cp_343-1_adv_firmwaresirius_soft_starter_3rw44_pn_firmwareie\/as-i_link_pn_iosimatic_cp_443-1_std_firmwarescalance_xm400scalance_m-800ek-ertec_200_pn_io_firmwaresinamics_s110_pnsimatic_et_200al_firmwaresimatic_cp_1243-1_ircscalance_w700_firmwaresinamics_g110m_firmwarescalance_x200_irt_firmwaresimatic_cp_1542sp-1_ircsimatic_et_200propn\/pn_couplersinamics_dcp_firmwaresimatic_teleservice_adapter_standard_modem_firmwaresimatic_cp_1543-1_firmwarescalance_x408simatic_hmi_comfort_panelssirius_act_3su1_firmwarescalance_x200_firmwaresinamics_dcm_firmwaresoftnet_profinet_io_firmwaresimatic_winac_rtxsimatic_cm_1542-1scalance_xm400_firmwaresimatic_tdc_cp51m1simatic_cp_343-1_stdsinamics_g120\(c\/p\/d\)_pnsimatic_cm_1542sp-1_firmwareups1600_profinet_firmwaresimatic_cp_1243-1_iec_firmwarescalance_xr500_firmwaresimatic_cp_1243-1_iecsimatic_rf685rsimatic_teleservice_adapter_ie_basic_modemsimatic_tdc_cpu555_firmwaredk_standard_ethernet_controllersimatic_et_200alsimatic_cp_443-1_opc-ua_firmwaresimatic_et_200sscalance_s615simatic_cp_1543sp-1simocode_pro_v_profinet_firmwaresimatic_s7-200_smart_firmwaresimatic_cp_443-1_advsinamics_dcmsimotion_firmwaresimatic_dk-16xx_pn_iosimatic_cp_1243-1_dnp3simatic_cp_443-1_opc-uasinumerik_840d_slsimatic_et_200ecopn_firmwaresimatic_cp_1243-1_irc_firmwaresimatic_dk-16xx_pn_io_firmwarescalance_x414_firmwaresimatic_et_200sp_firmwaresirius_motor_starter_m200d_profinetsimatic_s7-1500simatic_cp_1604scalance_xr500scalance_x414ie\/pb-link_firmwarescalance_x200_irtsimatic_et_200pro_firmwaresinumerik_828dsinamics_s120simatic_s7-1500_software_controllersoftnet_profinet_ioek-ertec_200p_pn_io_firmwaresimatic_cp_343-1_leansimatic_cp_1542sp-1sinamics_s120_firmwaresimatic_s7-300_firmwaresinamics_g130_firmwarescalance_x408_firmwaresimatic_teleservice_adapter_standard_modemsimatic_et_200mpsimatic_tdc_cpu555simatic_rf650rsitop_psu8600_firmwaresimatic_et_200spscalance_x300_firmwaresinamics_s150_firmwareek-ertec_200p_pn_iosimatic_et_200msimatic_cp_1604_firmwareups1600_profinetsimatic_tdc_cp51m1_firmwaresimatic_cp_343-1_std_firmwaresirius_soft_starter_3rw44_pnsimatic_cm_1542-1_firmwareSINAMICS S110 w. PNSIMATIC RF685RSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SITOP UPS1600 PROFINET (incl. SIPLUS variants)SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SIMATIC CP 443-1 OPC UASIMATIC CM 1542-1SCALANCE X408 familySIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC Teleservice Adapter IE StandardSIMATIC ET200ecoPN, 4AO U/I 4xM12SIMATIC ET 200SP IM 155-6 PN HFSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIRIUS Motor Starter M200D PROFINETSIPLUS ET 200SP IM 155-6 PN HFSCALANCE X-200 family (incl. SIPLUS NET variants)SIMATIC CP 1543SP-1 (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN STSIMATIC MV440 HRSCALANCE X-200IRT family (incl. SIPLUS NET variants)SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN HSSIMATIC ET200ecoPN: IO-Link MasterSoftnet PROFINET IO for PC-based Windows systemsSIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN BASIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSCALANCE W-700 IEEE 802.11n familySIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC Teleservice Adapter IE AdvancedSIMATIC MV420 SR-BSIMATIC ET 200SP IM 155-6 PN ST BASINAMICS G150 V4.7 w. PNSCALANCE XR-500 familySIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SIMATIC ET 200pro IM 154-4 PN HFSIRIUS Soft Starter 3RW44 PNSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)SIMATIC CP 1604SIMATIC ET 200MP IM 155-5 PN STSIMATIC S7-1500 Software ControllerSIMATIC DK-16xx PN IOSIMATIC MV420 SR-PSINUMERIK 840D sl V4.7SIMATIC TDC CPU555SIMATIC ET200S (incl. SIPLUS variants)IE/AS-i Link PN IOSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC CP 1243-1 (incl. SIPLUS variants)SINAMICS G110M w. PNSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC CP 343-1 (incl. SIPLUS variants)SITOP PSU8600 PROFINETSIMATIC TDC CP51M1SIMATIC CM 1542SP-1IE/PB-Link (incl. SIPLUS NET variants)SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SINUMERIK 828D V4.7SIMATIC ET 200MP IM 155-5 PN BASINUMERIK 828D V4.5 and priorSINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12SIMATIC CP 1616SINAMICS V90 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSCALANCE X-300 family (incl. X408 and SIPLUS NET variants)SIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-410 CPU family (incl. SIPLUS variants)SINAMICS DCM w. PNSIMATIC MV420 SR-B BodySINAMICS G130 V4.8 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC RF650RDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSCALANCE M-800 family (incl. S615, MUM-800 and RM1224)SINUMERIK 840D sl V4.5 and priorSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SCALANCE XM-400 familySIMATIC Teleservice Adapter IE BasicSINAMICS DCP w. PNSINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC MV420 SR-P BodySINAMICS S150 V4.8 w. PNSIMATIC ET 200M (incl. SIPLUS variants)SIMATIC CP 443-1 (incl. SIPLUS variants)SIMATIC MV440 SRSIMATIC S7-200 SMARTSIMATIC CP 1243-8 IRCSINAMICS G130 V4.7 w. PNSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIMATIC WinAC RTX F 2010SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)SINAMICS S150 V4.7 w. PNSIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)SIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS ET 200SP IM 155-6 PN STSIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC MV440 URSIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)SIMATIC RF680RSIRIUS ACT 3SU1 interface module PROFINETSIPLUS ET 200MP IM 155-5 PN HFSIMATIC CP 343-1 Lean (incl. SIPLUS variants)SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SCALANCE X414SINAMICS G150 V4.8 w. PNSIMATIC CP 1543-1 (incl. SIPLUS variants)SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMOTION
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-27827
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 60.81%
||
7 Day CHG~0.00%
Published-18 Mar, 2021 | 00:00
Updated-04 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-openvswitchlldpd_projectn/aSiemens AGRed Hat, Inc.Fedora Project
Product-simatic_net_cp_1543-1virtualizationlldpdopenvswitchopenshift_container_platformsimatic_net_cp_1542sp-1_firmwareopenstackenterprise_linuxsimatic_hmi_unified_comfort_panelssimatic_net_cp_1542sp-1_ircsinumerik_onesimatic_net_cp_1543sp-1_firmwaresimatic_net_cp_1542sp-1tim_1531_ircsinumerik_one_firmwaresimatic_net_cp_1543-1_firmwaretim_1531_irc_firmwaresimatic_net_cp_1545-1simatic_net_cp_1243-1fedorasimatic_hmi_unified_comfort_panels_firmwaresimatic_net_cp_1243-1_firmwaresimatic_net_cp_1545-1_firmwaresimatic_net_cp_1243-8_ircsimatic_net_cp_1543sp-1simatic_net_cp_1243-8_irc_firmwaresimatic_net_cp_1542sp-1_irc_firmwarelldp/openvswitch
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-25242
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.79%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions). Specially crafted packets sent to TCP port 102 could cause a Denial-of-Service condition on the affected devices. A cold restart might be necessary in order to recover.

Action-Not Available
Vendor-Siemens AG
Product-simatic_net_cp_343-1_standard_firmwaresimatic_net_cp_343-1_advancedsimatic_net_cp_343-1_standardsimatic_net_cp_343-1_leansimatic_net_cp_343-1_advanced_firmwaresimatic_net_cp_343-1_lean_firmwareSIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants)SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-44228
Matching Score-6
Assigner-Apache Software Foundation
ShareView Details
Matching Score-6
Assigner-Apache Software Foundation
CVSS Score-10||CRITICAL
EPSS-94.36% / 99.96%
||
7 Day CHG~0.00%
Published-10 Dec, 2021 | 00:00
Updated-08 Aug, 2025 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-12-24||For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

Action-Not Available
Vendor-percussionsnowsoftwareApple Inc.The Apache Software FoundationFedora ProjectCisco Systems, Inc.Siemens AGIntel CorporationNetApp, Inc.Bentley Systems, IncorporatedSonicWall Inc.Debian GNU/Linux
Product-common_services_platform_collectorsolidfire_enterprise_sdsoncommand_insightdatacenter_manageractive_iq_unified_manageroperation_schedulerconnected_analytics_for_network_deploymentindustrial_edge_management_hubsnapcenterintegrated_management_controller_supervisorfirepower_1150iot_operations_dashboardwan_automation_enginefirepower_2140system_studiovirtualized_voice_browserfirepower_2110dna_centersolid_edge_cam_pro6bk1602-0aa42-0tp0energyipcomossecure_device_onboardfirepower_4120sppa-t3000_ses3000_firmwaresiveillance_viewpointfirepower_1120genomics_kernel_librarycontact_center_domain_managercrosswork_data_gatewayxpedition_package_integratornetwork_dashboard_fabric_controller6bk1602-0aa22-0tp0_firmwarecloud_secure_agentnexus_insights6bk1602-0aa22-0tp0firepower_10106bk1602-0aa32-0tp0email_securityunified_contact_center_management_portalopcenter_intelligencexcodedna_spaces_connectorfinessesolidfire_\&_hci_storage_nodepackaged_contact_center_enterpriseunified_sip_proxycloudcenter_suiteucs_directorenergy_engagefxoscustomer_experience_cloud_agentpaging_serverlogo\!_soft_comfortfirepower_2130siveillance_control_prospectrum_power_7cloud_managernetwork_insights_for_data_centersynchro_4d6bk1602-0aa52-0tp0solid_edge_harness_designfog_directornetwork_assurance_enginefirepower_4115nexus_dashboardsmart_phybusiness_process_automation6bk1602-0aa42-0tp0_firmwarebroadworksfirepower_4140emergency_responderucs_centralcomputer_vision_annotation_toolvideo_surveillance_managerconnected_mobile_experiencessynchrohead-end_system_universal_device_integration_systemsentron_powermanagerfedoracloudcenter_cost_optimizer6bk1602-0aa12-0tp0_firmwarespectrum_power_4cloudcentervm_access_proxycloudcenter_suite_adminoneapi_sample_browser6bk1602-0aa52-0tp0_firmwarefirepower_4150virtual_topology_systemfirepower_9300prime_service_catalogbrocade_san_navigatorenterprise_chat_and_emailcloud_connectfirepower_4145teamcenterunified_customer_voice_portalcloud_insightsrhythmyxfirepower_1140sipass_integratedsiveillance_vantageintersight_virtual_appliancesd-wan_vmanageucs_central_softwarecontact_center_management_portalwebex_meetings_serverunified_intelligence_centerunified_workforce_optimizationenergyip_prepaycrosswork_zero_touch_provisioningcx_cloud_agent6bk1602-0aa12-0tp0unity_connectioncloudcenter_workload_manageroptical_network_controllervirtualized_infrastructure_managervideo_surveillance_operations_manager6bk1602-0aa32-0tp0_firmwareunified_communications_manageradvanced_malware_protection_virtual_private_cloud_applianceidentity_services_enginesnow_commandercyber_vision_sensor_management_extensionfirepower_4112unified_contact_center_enterprisedebian_linuxunified_computing_systemunified_contact_center_expressxpedition_enterpriselog4jdesigo_cc_advanced_reportsontap_toolsunified_communications_manager_im_and_presence_servicefirepower_2120mobility_services_enginecrosswork_network_automationdna_spacesvesysautomated_subsea_tuningcyber_visionsiveillance_commandevolved_programmable_network_managerdna_spaces\firepower_4110mendixfirepower_4125sppa-t3000_ses3000unified_communications_manager_im_\&_presence_servicee-car_operation_centernxindustrial_edge_managementworkload_optimization_managerfirepower_threat_defensenavigatorcapitalcrosswork_platform_infrastructurenetwork_services_orchestratordata_center_network_managercrosswork_optimization_enginemindspheresiguard_dsagma-managerdesigo_cc_info_centercrosswork_network_controllersiveillance_identityApache Log4j2Log4j2
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2023-35920
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.73% / 71.83%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 09:07
Updated-12 Nov, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted IP packets sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.

Action-Not Available
Vendor-Siemens AG
Product-simatic_mv540_s_firmwaresimatic_mv540_ssimatic_mv560_x_firmwaresimatic_mv560_usimatic_mv560_u_firmwaresimatic_mv550_s_firmwaresimatic_mv540_hsimatic_mv550_h_firmwaresimatic_mv550_ssimatic_mv560_xsimatic_mv550_hsimatic_mv540_h_firmwareSIMATIC MV560 USIMATIC MV540 SSIMATIC MV540 HSIMATIC MV550 HSIMATIC MV550 SSIMATIC MV560 Xsimatic_mv540_ssimatic_mv560_usimatic_mv540_hsimatic_mv550_ssimatic_mv560_xsimatic_mv550_h
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2002-20001
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-11.63% / 93.39%
||
7 Day CHG~0.00%
Published-11 Nov, 2021 | 00:00
Updated-22 Aug, 2025 | 10:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

Action-Not Available
Vendor-balasysstormshieldn/aHewlett Packard Enterprise (HPE)SUSEF5, Inc.Siemens AG
Product-aruba_cx_8400big-ip_ddos_hybrid_defenderbig-iq_centralized_managementbig-ip_webacceleratoraruba_cx_4100ibig-ip_application_visibility_and_reportingaruba_cx_6300mbig-ip_access_policy_managerf5os-aaruba_cx_6200faruba_cx_6410big-ip_global_traffic_managerbig-ip_local_traffic_managerarubaos-cxaruba_cx_8360-12cbig-ip_domain_name_systembig-ip_carrier-grade_nataruba_cx_6200mbig-ip_application_acceleration_managerscalance_w1750d_firmwarearuba_cx_8360-32y4caruba_cx_8325-48y8cbig-ip_websafearuba_cx_8360-16y2cstormshield_management_centeraruba_cx_8325-32caruba_cx_6405dheateraruba_cx_6300fbig-ip_ssl_orchestratoraruba_cx_8360-48y6cbig-ip_analyticsbig-ip_fraud_protection_servicebig-ip_service_proxyscalance_w1750dbig-ip_advanced_web_application_firewallaruba_cx_6100linux_enterprise_serverbig-ip_advanced_firewall_managerbig-ip_application_security_managerbig-ip_edge_gatewayaruba_cx_8360-24xf2caruba_cx_8320traffix_signaling_delivery_controllerbig-ip_policy_enforcement_managerf5os-caruba_cx_8360-48xt4cstormshield_network_securitybig-ip_link_controllern/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-6578
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.49%
||
7 Day CHG~0.00%
Published-14 May, 2019 | 19:54
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 with NXG I control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- (All Versions with option G28), SINAMICS PERFECT HARMONY GH180 with NXG II control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- (All Versions with option G28). A denial of service vulnerability exists in the affected products. The vulnerability could be exploited by an attacker with network access to the device. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr3sinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr3sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr3_firmwaresinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr2_firmwaresinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr4sinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr4_firmwaresinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr4_firmwaresinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr3_firmwaresinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr2sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr4sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr2sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr2_firmwareSINAMICS PERFECT HARMONY GH180 with NXG I control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...-SINAMICS PERFECT HARMONY GH180 with NXG II control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...-
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-19281
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.63% / 69.33%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 19:16
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V2.5 and < V20.8), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 and < V2.8), SIMATIC S7-1500 Software Controller (All versions >= V2.5 and < V20.8). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a Denial-of-Service condition. The vulnerability can be triggered if specially crafted UDP packets are sent to the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the device availability.

Action-Not Available
Vendor-Siemens AG
Product-simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmwaresimatic_s7-1500_cpu_1507ssimatic_s7-1500_cpu_1516-3_dp_firmwaresimatic_s7-1500_cpu_1517-3_dp_firmwaresimatic_s7-1500_cpu_1508s_firmwaresimatic_s7-1500_cpu_1518-4_pn_firmwaresimatic_s7-1500_cpu_1518-4_dp_firmwaresimatic_s7-1500_cpu_1508s_f_firmwaresimatic_s7-1500_cpu_1507s_f_firmwaresimatic_s7-1500_cpu_1507s_fsimatic_s7-1500_cpu_1513-1_pn_firmwaresimatic_s7-1500_cpu_1516-3_pn_firmwaresimatic_s7-1500_cpu_1518-4_pnsimatic_s7-1500_cpu_1511-1_pn_firmwaresimatic_s7-1500_cpu_1515-2_pnsimatic_s7-1500_cpu_1517-3_pnsimatic_s7-1500_cpu_1508s_fsimatic_s7-1500_cpu_1515-2_pn_firmwaresimatic_s7-1500_cpu_1516-3_pnsimatic_s7-1500_cpu_1517-3_pn_firmwaresimatic_s7-1500_cpu_1516-3_dpsimatic_s7-1500_cpu_1508ssimatic_s7-1500_cpu_1507s_firmwaresimatic_s7-1500_cpu_1518-4_dpsimatic_s7-1500_cpu_1517-3_dpsimatic_s7-1500_cpu_1513-1_pnsimatic_s7-1500_cpu_1511-1_pnsimatic_et_200sp_open_controller_cpu_1515sp_pc2SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)SIMATIC S7-1500 Software Controller
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-19301
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.54% / 66.60%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 19:50
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X200-4P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2IRT, SCALANCE X202-2P IRT, SCALANCE X202-2P IRT PRO, SCALANCE X204-2, SCALANCE X204-2FM, SCALANCE X204-2LD, SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X204IRT, SCALANCE X204IRT PRO, SCALANCE X206-1, SCALANCE X206-1LD, SCALANCE X208, SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XF201-3P IRT, SCALANCE XF202-2P IRT, SCALANCE XF204, SCALANCE XF204-2, SCALANCE XF204-2BA IRT, SCALANCE XF204IRT, SCALANCE XF206-1, SCALANCE XF208, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIMATIC CP 343-1 Advanced, SIMATIC CP 442-1 RNA, SIMATIC CP 443-1, SIMATIC CP 443-1, SIMATIC CP 443-1 Advanced, SIMATIC CP 443-1 RNA, SIMATIC RF180C, SIMATIC RF182C, SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SIPLUS NET SCALANCE X308-2. The VxWorks-based Profinet TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rf182csimatic_rf182c_firmwarescalance_xp-200_firmwarescalance_x-200irt_pro_firmwaresimatic_cp_443-1_advanced_firmwarescalance_xc-200_firmwaresimatic_cp_443-1_firmwarescalance_xb-200scalance_xr-300wg_firmwarescalance_xr-300wgscalance_xp-200simatic_rf180cscalance_x-200irt_firmwarescalance_xr-300scalance_x-300scalance_x-200irtscalance_x-200irt_prosimatic_cp_443-1scalance_xb-200_firmwarescalance_xf-200_firmwarescalance_xf-200scalance_xr-300_firmwarescalance_x-300_firmwaresimatic_rf180c_firmwarescalance_xc-200simatic_cp_443-1_advancedSCALANCE XF208SCALANCE XR324-12M TS (24V)SCALANCE XR324-4M EEC (24V, ports on front)SCALANCE X204IRTSCALANCE XR324-12M (230V, ports on rear)SCALANCE X307-2 EEC (2x 24V, coated)SCALANCE XF204-2BA IRTSCALANCE X204-2FMSCALANCE X204-2TSSCALANCE X307-3SCALANCE XR324-12M (24V, ports on rear)SCALANCE X308-2SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)SCALANCE X204-2LD TSSCALANCE X302-7 EEC (24V, coated)SCALANCE X307-2 EEC (230V, coated)SIMATIC CP 443-1 AdvancedSIMATIC RF180CSCALANCE X224SIPLUS NET SCALANCE X308-2SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)SCALANCE X202-2P IRTSCALANCE XR324-4M PoE (230V, ports on rear)SCALANCE X302-7 EEC (230V)SIMATIC CP 443-1SCALANCE X206-1LDSCALANCE X308-2LDSCALANCE X307-2 EEC (24V)SIMATIC CP 343-1 AdvancedSCALANCE X208SCALANCE X304-2FESCALANCE X307-2 EEC (230V)SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)SCALANCE X302-7 EEC (2x 24V)SCALANCE XF204IRTSCALANCE X307-2 EEC (2x 230V)SCALANCE X208PROSCALANCE X212-2LDSCALANCE X204IRT PROSCALANCE X302-7 EEC (24V)SCALANCE X204-2SCALANCE XF206-1SIMATIC RF182CSCALANCE XR324-4M EEC (2x 24V, ports on rear)SIPLUS NET CP 443-1SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-4M PoE (24V, ports on rear)SCALANCE X204-2LDSCALANCE X201-3P IRTSCALANCE X308-2MSCALANCE X308-2M PoESCALANCE X310FESCALANCE X308-2LH+SCALANCE X206-1SCALANCE XF204SIPLUS NET CP 343-1 AdvancedSCALANCE X307-3LDSCALANCE X202-2IRTSCALANCE X308-2LHSCALANCE XF204-2SCALANCE XR324-4M EEC (24V, ports on rear)SIMATIC CP 442-1 RNASCALANCE XR324-4M PoE (24V, ports on front)SIPLUS NET CP 443-1 AdvancedSCALANCE X302-7 EEC (2x 230V)SCALANCE X408-2SCALANCE XF201-3P IRTSCALANCE XF202-2P IRTSCALANCE X307-2 EEC (24V, coated)SCALANCE X307-2 EEC (2x 230V, coated)SCALANCE X302-7 EEC (2x 24V, coated)SCALANCE X202-2P IRT PROSCALANCE X310SCALANCE X307-2 EEC (2x 24V)SCALANCE XR324-12M (24V, ports on front)SCALANCE X212-2SCALANCE X320-1 FESCALANCE X306-1LD FESIMATIC CP 443-1 RNASCALANCE X308-2M TSSCALANCE XR324-4M PoE (230V, ports on front)SCALANCE X216SCALANCE X302-7 EEC (230V, coated)SCALANCE X201-3P IRT PROSCALANCE X302-7 EEC (2x 230V, coated)SCALANCE X200-4P IRTSCALANCE X320-1-2LD FESCALANCE XR324-4M PoE TS (24V, ports on front)SCALANCE XR324-12M (230V, ports on front)SCALANCE XR324-4M EEC (2x 24V, ports on front)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-41546
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.55% / 67.00%
||
7 Day CHG~0.00%
Published-12 Oct, 2021 | 09:49
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM ROX RX1400 (All versions < V2.14.1), RUGGEDCOM ROX RX1500 (All versions < V2.14.1), RUGGEDCOM ROX RX1501 (All versions < V2.14.1), RUGGEDCOM ROX RX1510 (All versions < V2.14.1), RUGGEDCOM ROX RX1511 (All versions < V2.14.1), RUGGEDCOM ROX RX1512 (All versions < V2.14.1), RUGGEDCOM ROX RX1524 (All versions < V2.14.1), RUGGEDCOM ROX RX1536 (All versions < V2.14.1), RUGGEDCOM ROX RX5000 (All versions < V2.14.1). Affected devices write crashdumps without checking if enough space is available on the filesystem. Once the crashdump fills the entire root filesystem, affected devices fail to boot successfully. An attacker can leverage this vulnerability to cause a permanent Denial-of-Service.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rox_rx1511ruggedcom_rox_rx1512ruggedcom_rox_mx5000_firmwareruggedcom_rox_rx5000_firmwareruggedcom_rox_rx1511_firmwareruggedcom_rox_rx1510ruggedcom_rox_rx1400_firmwareruggedcom_rox_rx1500_firmwareruggedcom_rox_rx1400ruggedcom_rox_rx1510_firmwareruggedcom_rox_rx1500ruggedcom_rox_rx1524_firmwareruggedcom_rox_rx5000ruggedcom_rox_rx1501ruggedcom_rox_rx1536ruggedcom_rox_mx5000ruggedcom_rox_rx1524ruggedcom_rox_rx1536_firmwareruggedcom_rox_rx1501_firmwareruggedcom_rox_rx1512_firmwareRUGGEDCOM ROX RX1511RUGGEDCOM ROX RX1536RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1500RUGGEDCOM ROX RX1501RUGGEDCOM ROX RX5000RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1512
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2017-12741
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-3.94% / 87.87%
||
7 Day CHG~0.00%
Published-26 Dec, 2017 | 04:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.

Action-Not Available
Vendor-Siemens AG
Product-sinamics_g150simotion_p_firmwaresinamics_dcm_firmwaresimatic_et_200m_firmwareek-ertec_200p_firmwaresimatic_winac_rtx_f_2010sinamics_g150_firmwaresimotion_dsinamics_v90pnsimatic_winac_rtx_f_2010_firmwaresimatic_s7-200simotion_csimatic_s7-300sinamics_g110m\/g120pndk_standard_ethernet_controllersimotion_psinamics_s150_v4.8sinamics_g130simatic_et_200alsimatic_et_200mp_firmwaresinumerik_840d_sl_firmwaresimatic_et_200ssimatic_s7-1500_firmwaresinamics_s150_v4.7_firmwaredk_standard_ethernet_controller_firmwaresinamics_s110pnsimatic_compact_field_unit_firmwaresimatic_s7-400h_v6_firmwaresinamics_dcpsirius_soft_starter_3rw44pnsimocode_pro_v_profinetsimatic_s7-1200_firmwaresinamics_s110pn_firmwaresimocode_pro_v_profinet_firmwareek-ertec_200psirius_soft_starter_3rw44pn_firmwaresimatic_et_200ecopnsinamics_dcmsimatic_s7-1200simotion_d_firmwaresinamics_s150_v4.7ek-ertec_200pn_iosinumerik_840d_slsimatic_s7-410_v8simatic_et_200ecopn_firmwaresimatic_pn\/pn_couplersimatic_s7-400h_v6simatic_s7-1500_controllersimatic_et_200sp_firmwaresimatic_s7-410_v8_firmwaresimatic_s7-1500simatic_et_200pro_firmwaresimatic_s7-1500_controller_firmwaresinamics_s150_v4.8_firmwaresinamics_s120simatic_et_200s_firmwaresimatic_s7-400pn_v6sinamics_s120_firmwaresimatic_s7-300_firmwaresinamics_g130_firmwaresimatic_et_200mpsimotion_c_firmwaresimatic_s7-400pn\/dp_v7simatic_et_200spsimatic_pn\/pn_coupler_firmwaresimatic_s7-200_firmwaresimatic_s7-400pn_v6_firmwaresimatic_et_200msimatic_et_200al_firmwaresimatic_compact_field_unitsinamics_g110m\/g120pn_firmwaresimatic_et_200prosinamics_v90pn_firmwaresinamics_dcp_firmwareek-ertec_200pn_io_firmwaresimatic_s7-400pn\/dp_v7_firmwareSIMOTION DSINAMICS GL150 V4.7 w. PROFINETSINAMICS S110 w. PNSINUMERIK 840D slSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SIMOTION P V5SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SINAMICS SL150 V4.7.5 w. PROFINETSIMATIC ET200ecoPN, 4AO U/I 4xM12SIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC ET 200SP IM 155-6 PN HFSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200SP IM 155-6 PN HFSIMATIC ET 200SP IM 155-6 PN STSINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN HSSIMATIC ET200ecoPN: IO-Link MasterSINAMICS SL150 V4.7.4 w. PROFINETSIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN BASIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIPLUS ET 200SP IM 155-6 PN ST TX RAILSINAMICS SL150 V4.7.0 w. PROFINETSIMATIC ET 200SP IM 155-6 PN ST BASINAMICS G150 V4.7 w. PNSIMATIC ET 200MP IM 155-5 PN HFSIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SIMATIC ET 200pro IM 154-4 PN HFSIRIUS Soft Starter 3RW44 PNSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1500 Software ControllerSIMATIC ET 200MP IM 155-5 PN STSIMATIC TDC CPU555SIMATIC ET200S (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)SINAMICS G110M w. PNSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMOTION CSIMATIC TDC CP51M1SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SIMATIC ET 200MP IM 155-5 PN BASIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12SINAMICS V90 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)SIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SINAMICS DCM w. PNSINAMICS G130 V4.8 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SINAMICS DCP w. PNSINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SINAMICS GM150 V4.7 w. PROFINETSIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMOTION P V4.4 and V4.5SINAMICS S150 V4.8 w. PNSIMATIC ET 200M (incl. SIPLUS variants)SIMATIC Compact Field UnitSIMATIC S7-400 H V6 and below CPU family (incl. SIPLUS variants)SIMATIC S7-200 SMARTSINAMICS G130 V4.7 w. PNSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIMATIC WinAC RTX F 2010SINAMICS S150 V4.7 w. PNSINAMICS SM120 V4.7 w. PROFINETSIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS ET 200SP IM 155-6 PN STSIPLUS ET 200MP IM 155-5 PN ST TX RAILSIPLUS ET 200MP IM 155-5 PN HFSINAMICS GH150 V4.7 w. PROFINETSINAMICS G150 V4.8 w. PN
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-31340
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.48% / 64.16%
||
7 Day CHG~0.00%
Published-08 Jun, 2021 | 19:47
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.

Action-Not Available
Vendor-Siemens AG
Product-simatic_reader_rf650r_fcc_firmwaresimatic_reader_rf650r_cmiit_firmwaresimatic_reader_rf680r_cmiitsimatic_reader_rf685r_fccsimatic_reader_rf610r_etsi_firmwaresimatic_reader_rf615r_etsi_firmwaresimatic_rf360rsimatic_reader_rf650r_aribsimatic_reader_rf610r_fccsimatic_reader_rf680r_fccsimatic_reader_rf685r_arib_firmwaresimatic_rf186c_firmwaresimatic_reader_rf615r_cmiitsimatic_rf188c_firmwaresimatic_reader_rf685r_fcc_firmwaresimatic_rf185csimatic_reader_rf680r_cmiit_firmwaresimatic_reader_rf685r_etsisimatic_rf360r_firmwaresimatic_rf186cisimatic_rf188csimatic_reader_rf610r_cmiit_firmwaresimatic_reader_rf610r_fcc_firmwaresimatic_rf185c_firmwaresimatic_reader_rf615r_fccsimatic_reader_rf615r_fcc_firmwaresimatic_reader_rf680r_etsisimatic_reader_rf680r_fcc_firmwaresimatic_reader_rf610r_etsisimatic_reader_rf680r_arib_firmwaresimatic_reader_rf685r_cmiit_firmwaresimatic_rf186ci_firmwaresimatic_rf166c_firmwaresimatic_rf188ci_firmwaresimatic_reader_rf650r_cmiitsimatic_reader_rf650r_fccsimatic_rf166csimatic_reader_rf685r_cmiitsimatic_reader_rf680r_aribsimatic_reader_rf650r_etsisimatic_reader_rf610r_cmiitsimatic_reader_rf650r_arib_firmwaresimatic_reader_rf680r_etsi_firmwaresimatic_reader_rf615r_etsisimatic_rf186csimatic_reader_rf650r_etsi_firmwaresimatic_reader_rf685r_aribsimatic_reader_rf615r_cmiit_firmwaresimatic_reader_rf685r_etsi_firmwaresimatic_rf188ciSIMATIC Reader RF650R ARIBSIMATIC Reader RF650R ETSISIMATIC Reader RF680R CMIITSIMATIC Reader RF615R ETSISIMATIC RF166CSIMATIC Reader RF685R CMIITSIMATIC RF185CSIMATIC Reader RF610R CMIITSIMATIC Reader RF685R ETSISIMATIC Reader RF615R CMIITSIMATIC RF188CISIMATIC Reader RF610R ETSISIMATIC Reader RF685R FCCSIMATIC Reader RF615R FCCSIMATIC RF186CSIMATIC RF360RSIMATIC Reader RF680R ARIBSIMATIC Reader RF685R ARIBSIMATIC RF188CSIMATIC Reader RF680R ETSISIMATIC Reader RF610R FCCSIMATIC Reader RF650R CMIITSIMATIC RF186CISIMATIC Reader RF680R FCCSIMATIC Reader RF650R FCC
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-27385
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.32%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_ktp_mobile_panels_ktp900_firmwaresimatic_hmi_ktp_mobile_panels_ktp400fsinamics_gm150simatic_hmi_ktp_mobile_panels_ktp700f_firmwaresinamics_sm150isinamics_gl150_firmwaresinamics_gl150simatic_hmi_ktp_mobile_panels_ktp900f_firmwaresimatic_hmi_ktp_mobile_panels_ktp400f_firmwaresimatic_hmi_comfort_panels_4\"_firmwaresinamics_gm150_firmwaresinamics_sm150simatic_hmi_comfort_outdoor_panels_7\"_firmwaresinamics_gh150simatic_hmi_ktp_mobile_panels_ktp700_firmwaresinamics_gh150_firmwaresinamics_sl150simatic_hmi_comfort_panels_22\"simatic_hmi_ktp_mobile_panels_ktp700fsinamics_sh150sinamics_sm150_firmwaresimatic_hmi_ktp_mobile_panels_ktp900fsinamics_sh150_firmwaresimatic_hmi_comfort_outdoor_panels_7\"sinamics_sm120simatic_hmi_ktp_mobile_panels_ktp700simatic_hmi_comfort_outdoor_panels_15\"_firmwaresimatic_hmi_comfort_panels_4\"sinamics_sl150_firmwaresinamics_sm150i_firmwaresimatic_hmi_ktp_mobile_panels_ktp900simatic_hmi_comfort_outdoor_panels_15\"simatic_hmi_comfort_panels_22\"_firmwaresimatic_wincc_runtime_advancedsinamics_sm120_firmwareSIMATIC WinCC Runtime Advanced V16SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) SINAMICS SM150iSIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)SINAMICS GH150SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900FSINAMICS GM150 (with option X30)SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F SINAMICS GL150 (with option X30)SINAMICS SH150SIMATIC WinCC Runtime Advanced V15SINAMICS SL150SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) SINAMICS SM120SINAMICS SM150
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 6
  • 7
  • Next
Details not found