Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-27640

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-10 May, 2022 | 09:47
Updated At-03 Aug, 2024 | 05:32
Rejected At-
Credits

A vulnerability has been identified in SIMATIC CP 442-1 RNA (All versions < V1.5.18), SIMATIC CP 443-1 RNA (All versions < V1.5.18). The affected devices improperly handles excessive ARP broadcast requests. This could allow an attacker to create a denial of service condition by performing ARP storming attacks, which can cause the device to reboot.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:10 May, 2022 | 09:47
Updated At:03 Aug, 2024 | 05:32
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in SIMATIC CP 442-1 RNA (All versions < V1.5.18), SIMATIC CP 443-1 RNA (All versions < V1.5.18). The affected devices improperly handles excessive ARP broadcast requests. This could allow an attacker to create a denial of service condition by performing ARP storming attacks, which can cause the device to reboot.

Affected Products
Vendor
Siemens AGSiemens
Product
SIMATIC CP 442-1 RNA
Versions
Affected
  • All versions < V1.5.18
Vendor
Siemens AGSiemens
Product
SIMATIC CP 443-1 RNA
Versions
Affected
  • All versions < V1.5.18
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400: Uncontrolled Resource Consumption
Type: CWE
CWE ID: CWE-400
Description: CWE-400: Uncontrolled Resource Consumption
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-480937.pdf
x_refsource_MISC
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-480937.pdf
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-480937.pdf
x_refsource_MISC
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-480937.pdf
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:20 May, 2022 | 13:15
Updated At:01 Jun, 2022 | 18:10

A vulnerability has been identified in SIMATIC CP 442-1 RNA (All versions < V1.5.18), SIMATIC CP 443-1 RNA (All versions < V1.5.18). The affected devices improperly handles excessive ARP broadcast requests. This could allow an attacker to create a denial of service condition by performing ARP storming attacks, which can cause the device to reboot.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.06.1MEDIUM
AV:A/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 6.1
Base severity: MEDIUM
Vector:
AV:A/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Siemens AG
siemens
>>simatic_cp_442-1_rna_firmware>>Versions before 1.5.18(exclusive)
cpe:2.3:o:siemens:simatic_cp_442-1_rna_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_cp_442-1_rna>>-
cpe:2.3:h:siemens:simatic_cp_442-1_rna:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_cp_443-1_rna_firmware>>Versions before 1.5.18(exclusive)
cpe:2.3:o:siemens:simatic_cp_443-1_rna_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_cp_443-1_rna>>-
cpe:2.3:h:siemens:simatic_cp_443-1_rna:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-400Primarynvd@nist.gov
CWE-400Secondaryproductcert@siemens.com
CWE ID: CWE-400
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-400
Type: Secondary
Source: productcert@siemens.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-480937.pdfproductcert@siemens.com
Patch
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-480937.pdf
Source: productcert@siemens.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

122Records found
CVE-2017-2680
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-2.33% / 84.21%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rf685r_firmwaresinamics_g150simatic_s7-200_smartsimatic_et_200m_firmwareextension_unit_15_profinet_firmwareek-ertec_200_pn_iosinamics_g150_firmwaresimatic_rf680r_firmwaresimatic_cp_343-1_advsimatic_s7-300sitop_psu8600sinamics_gh150simatic_dk-1604_pn_iosinamics_g130simatic_rf650r_firmwaresinamics_v90_pnsimatic_et_200mp_firmwaresimatic_s7-1500_software_controller_firmwaresinumerik_840d_sl_firmwaresimatic_s7-1500_firmwareextension_unit_19_profinet_firmwaredk_standard_ethernet_controller_firmwaresimatic_cp_443-1_adv_firmwarescalance_x200sinamics_gm150_firmwaresinamics_dcpscalance_w700scalance_s615_firmwaresimocode_pro_v_profinetsimatic_s7-1200_firmwaresimatic_rf680rsirius_motor_starter_m200d_profinet_firmwaresimatic_cp_443-1_stdsimatic_cp_1543sp-1_firmwaresimatic_et_200ecopnsinamics_g110m_s110_pnsimatic_s7-1200simatic_cp_1542sp-1_irc_firmwaresimatic_cp_1243-1_dnp3_firmwaresimatic_cp_1626_firmwareextension_unit_12_profinet_firmwaresinamics_g120\(c\/p\/d\)_w._pnsimatic_s7-400simatic_teleservice_adapter_ie_advanced_modemsimatic_hmi_mobile_panelssimatic_cp_1243-1sinamics_v90_pn_firmwaresinumerik_828d_firmwareextension_unit_22_profinetsimatic_winac_rtx_firmwaresimatic_s7-400_firmwareextension_unit_15_profinetsimatic_cp_343-1_lean_firmwaresimatic_cp_1243-1_firmwaresimatic_dk-1604_pn_io_firmwareie\/pb-linksimatic_dk-1616_pn_io_firmwarepn\/pn_coupler_firmwaresinamics_s150simotionsimatic_cp_1616_firmwaresimatic_et_200s_firmwaresimatic_cp_1543-1simatic_cp_1616ie\/as-i_link_pn_io_firmwarescalance_x300sinamics__s110_pn_firmwarescalance_m-800_firmwaresimatic_hmi_multi_panelssirius_act_3su1simatic_cp_343-1_adv_firmwaresirius_soft_starter_3rw44_pn_firmwaresimatic_dk-1616_pn_ioie\/as-i_link_pn_iosimatic_cp_443-1_std_firmwarescalance_xm400sinamics_sm120_firmwarescalance_m-800ek-ertec_200_pn_io_firmwaresimatic_teleservice_adapter_ie_basic_firmwaresimatic_et_200al_firmwaresinamics_sm120simatic_cp_1243-1_ircscalance_w700_firmwaresinamics_g110m_firmwarescalance_x200_irt_firmwaresimatic_cp_1542sp-1_ircsimatic_et_200propn\/pn_couplersinamics_sl150sinamics_dcp_firmwaresimatic_cp_1543-1_firmwareextension_unit_19_profinetscalance_x408simatic_hmi_comfort_panelssirius_act_3su1_firmwarescalance_x200_firmwaresinamics_dcm_firmwaresoftnet_profinet_io_firmwaresimatic_teleservice_adapter_ie_basicsimatic_winac_rtxsimatic_cm_1542-1scalance_xm400_firmwaresimatic_tdc_cp51m1simatic_cp_343-1_stdsimatic_cp_1243-8ups1600_profinet_firmwaresimatic_cp_1243-1_iec_firmwarescalance_xr500_firmwaresimatic_cp_1243-1_iecsimatic_rf685rsimatic_tdc_cpu555_firmwaresimatic_cp_1243-7_lte\/us_firmwaredk_standard_ethernet_controllerextension_unit_12_profinetsimatic_cp_1243-8_firmwaresimatic_et_200alsimatic_cp_443-1_opc-ua_firmwaresimatic_et_200sscalance_s615simatic_cp_1543sp-1simatic_teleservice_adapter_ie_standard_firmwaresinamics_gl150_firmwaresimocode_pro_v_profinet_firmwaresimatic_s7-200_smart_firmwaresinamics_gm150simatic_cp_443-1_advsimatic_cp_1243-7_lte\/ussinamics_dcmsimotion_firmwaresimatic_cp_1243-1_dnp3simatic_cp_443-1_opc-uasinumerik_840d_slsimatic_et_200ecopn_firmwaresimatic_cp_1243-1_irc_firmwarescalance_x414_firmwaresimatic_et_200sp_firmwaresirius_motor_starter_m200d_profinetsimatic_s7-1500simatic_cp_1604scalance_xr500scalance_x414ie\/pb-link_firmwarescalance_x200_irtsimatic_et_200pro_firmwaresinumerik_828dsinamics_gh150_firmwaresimatic_s7-1500_software_controllersinamics_s120simatic_cp_1242-7_gprs_firmwaresoftnet_profinet_ioek-ertec_200p_pn_io_firmwaresimatic_cp_343-1_leansimatic_cp_1542sp-1sinamics_s120_firmwaresimatic_s7-300_firmwareextension_unit_22_profinet_firmwaresinamics_g130_firmwarescalance_x408_firmwaresimatic_et_200mpsimatic_tdc_cpu555sinamics_g120\(c\/p\/d\)_w._pn_firmwaresimatic_rf650rsitop_psu8600_firmwaresimatic_et_200spsimatic_cp_1542sp-1_firmwarescalance_x300_firmwaresimatic_teleservice_adapter_ie_advanced_firmwaresimatic_cp_1242-7_gprssinamics_s150_firmwareek-ertec_200p_pn_iosimatic_teleservice_adapter_ie_standardsimatic_et_200msimatic_cp_1604_firmwareups1600_profinetsinamics_gl150simatic_cp_1626sinamics_sl150_firmwaresimatic_tdc_cp51m1_firmwaresimatic_cp_343-1_std_firmwaresirius_soft_starter_3rw44_pnsimatic_cm_1542-1_firmwareSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)SINAMICS SL150 V4.7.5 w. PROFINETSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC Teleservice Adapter IE StandardSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIRIUS Motor Starter M200D PROFINETSCALANCE X-200 family (incl. SIPLUS NET variants)SIMATIC CP 1543SP-1 (incl. SIPLUS variants)SIMATIC MV440 HRSINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN: IO-Link MasterSINAMICS SL150 V4.7.4 w. PROFINETSIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSCALANCE W-700 IEEE 802.11n familySIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC Teleservice Adapter IE AdvancedSIMATIC CP 1626SIMATIC MV420 SR-BSCALANCE XR-500 familySIMATIC ET200ecoPN, 16DI, DC24V, 8xM12Extension Unit 19" PROFINETSIMATIC ET 200MP IM 155-5 PN STSIMATIC DK-16xx PN IOSIMATIC MV420 SR-PSINUMERIK 840D sl V4.7SIMATIC TDC CPU555SIMATIC TDC CP51M1IE/PB-Link (incl. SIPLUS NET variants)SIMATIC ET 200MP IM 155-5 PN BASINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-410 CPU family (incl. SIPLUS variants)SIMATIC MV420 SR-B BodyDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC RF650RSCALANCE XM-400 familySINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC MV420 SR-P BodySINAMICS S150 V4.8 w. PNSIMATIC MV440 SRSIMATIC S7-200 SMARTSIMATIC CP 1243-8 IRCExtension Unit 22" PROFINETSIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)SINAMICS S150 V4.7 w. PNSIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)SINAMICS SM120 V4.7 w. PROFINETSIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)SIMATIC RF680RSIMATIC CP 343-1 Lean (incl. SIPLUS variants)SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SINAMICS GH150 V4.7 w. PROFINETSIMATIC CP 1543-1 (incl. SIPLUS variants)SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMOTIONSINAMICS GL150 V4.7 w. PROFINETSINAMICS S110 w. PNSIMATIC RF685RSITOP UPS1600 PROFINET (incl. SIPLUS variants)SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SIMATIC CP 443-1 OPC UASIMATIC CM 1542-1SCALANCE X408 familySIMATIC ET200ecoPN, 4AO U/I 4xM12SIMATIC ET 200SP IM 155-6 PN HFSIPLUS ET 200SP IM 155-6 PN HFSIMATIC ET 200SP IM 155-6 PN STSCALANCE X-200IRT family (incl. SIPLUS NET variants)SIMATIC ET 200SP IM 155-6 PN HSSIMATIC CP 1243-7 LTE USSoftnet PROFINET IO for PC-based Windows systemsSIMATIC CP 1242-7 V2 (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN BASINAMICS SL150 V4.7.0 w. PROFINETSIMATIC ET 200SP IM 155-6 PN ST BASINAMICS G150 V4.7 w. PNSIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET 200pro IM 154-4 PN HFSIRIUS Soft Starter 3RW44 PNSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)SIMATIC CP 1604SIMATIC S7-1500 Software ControllerSIMATIC ET200S (incl. SIPLUS variants)IE/AS-i Link PN IOSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC CP 1243-1 (incl. SIPLUS variants)SINAMICS G110M w. PNSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC CP 343-1 (incl. SIPLUS variants)SITOP PSU8600 PROFINETSIMATIC CM 1542SP-1SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SINUMERIK 828D V4.7SINUMERIK 828D V4.5 and priorExtension Unit 12" PROFINETSIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)SIMATIC CP 1616SINAMICS V90 w. PNSCALANCE X-300 family (incl. X408 and SIPLUS NET variants)SINAMICS DCM w. PNSINAMICS G130 V4.8 w. PNDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSCALANCE M-800 family (incl. S615, MUM-800 and RM1224)SINUMERIK 840D sl V4.5 and priorSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SIMATIC Teleservice Adapter IE BasicSINAMICS DCP w. PNSINAMICS GM150 V4.7 w. PROFINETSIMATIC ET 200M (incl. SIPLUS variants)Extension Unit 15" PROFINETSINAMICS G130 V4.7 w. PNSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIMATIC WinAC RTX F 2010SIPLUS ET 200SP IM 155-6 PN STSIMATIC MV440 URSIRIUS ACT 3SU1 interface module PROFINETSIPLUS ET 200MP IM 155-5 PN HFSCALANCE X414SINAMICS G150 V4.8 w. PNSIMATIC CP 443-1 (incl. SIPLUS variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-2681
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.44% / 62.36%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rf685r_firmwaresinamics_g150simatic_s7-200_smartsimatic_et_200m_firmwareek-ertec_200_pn_iosinamics_g150_firmwaresinamics_g120\(c\/p\/d\)_pn_firmwaresimatic_rf680r_firmwaresimatic_cp_343-1_advsimatic_s7-300sitop_psu8600sinamics_g130simatic_rf650r_firmwaresinamics_v90_pnsimatic_et_200mp_firmwaresinumerik_840d_sl_firmwaresimatic_s7-1500_firmwaredk_standard_ethernet_controller_firmwaresimatic_cp_443-1_adv_firmwarescalance_x200sinamics_dcpscalance_w700scalance_s615_firmwaresimocode_pro_v_profinetsimatic_cm_1542sp-1simatic_s7-1200_firmwaresimatic_teleservice_adapter_ie_basic_modem_firmwaresimatic_rf680rsirius_motor_starter_m200d_profinet_firmwaresimatic_cp_443-1_stdsimatic_cp_1543sp-1_firmwaresimatic_teleservice_adapter_ie_advanced_modem_firmwaresimatic_et_200ecopnsinamics_g110msimatic_s7-1200sinamics_s110_pn_firmwaresimatic_cp_1542sp-1_irc_firmwaresimatic_cp_1243-1_dnp3_firmwaresimatic_s7-400simatic_teleservice_adapter_ie_advanced_modemsimatic_hmi_mobile_panelssimatic_cp_1243-1sinamics_v90_pn_firmwaresinumerik_828d_firmwaresimatic_winac_rtx_firmwaresimatic_s7-400_firmwaresimatic_cp_343-1_lean_firmwaresimatic_cp_1243-1_firmwareie\/pb-linkpn\/pn_coupler_firmwaresinamics_s150simotionsimatic_cp_1616_firmwaresimatic_et_200s_firmwaresimatic_cp_1543-1simatic_cp_1616ie\/as-i_link_pn_io_firmwarescalance_x300scalance_m-800_firmwaresimatic_hmi_multi_panelssirius_act_3su1simatic_cp_343-1_adv_firmwaresirius_soft_starter_3rw44_pn_firmwareie\/as-i_link_pn_iosimatic_cp_443-1_std_firmwarescalance_xm400scalance_m-800ek-ertec_200_pn_io_firmwaresinamics_s110_pnsimatic_et_200al_firmwaresimatic_cp_1243-1_ircscalance_w700_firmwaresinamics_g110m_firmwarescalance_x200_irt_firmwaresimatic_cp_1542sp-1_ircsimatic_et_200propn\/pn_couplersinamics_dcp_firmwaresimatic_teleservice_adapter_standard_modem_firmwaresimatic_cp_1543-1_firmwarescalance_x408simatic_hmi_comfort_panelssirius_act_3su1_firmwarescalance_x200_firmwaresinamics_dcm_firmwaresoftnet_profinet_io_firmwaresimatic_winac_rtxsimatic_cm_1542-1scalance_xm400_firmwaresimatic_tdc_cp51m1simatic_cp_343-1_stdsinamics_g120\(c\/p\/d\)_pnsimatic_cm_1542sp-1_firmwareups1600_profinet_firmwaresimatic_cp_1243-1_iec_firmwarescalance_xr500_firmwaresimatic_cp_1243-1_iecsimatic_rf685rsimatic_teleservice_adapter_ie_basic_modemsimatic_tdc_cpu555_firmwaredk_standard_ethernet_controllersimatic_et_200alsimatic_cp_443-1_opc-ua_firmwaresimatic_et_200sscalance_s615simatic_cp_1543sp-1simocode_pro_v_profinet_firmwaresimatic_s7-200_smart_firmwaresimatic_cp_443-1_advsinamics_dcmsimotion_firmwaresimatic_dk-16xx_pn_iosimatic_cp_1243-1_dnp3simatic_cp_443-1_opc-uasinumerik_840d_slsimatic_et_200ecopn_firmwaresimatic_cp_1243-1_irc_firmwaresimatic_dk-16xx_pn_io_firmwarescalance_x414_firmwaresimatic_et_200sp_firmwaresirius_motor_starter_m200d_profinetsimatic_s7-1500simatic_cp_1604scalance_xr500scalance_x414ie\/pb-link_firmwarescalance_x200_irtsimatic_et_200pro_firmwaresinumerik_828dsinamics_s120simatic_s7-1500_software_controllersoftnet_profinet_ioek-ertec_200p_pn_io_firmwaresimatic_cp_343-1_leansimatic_cp_1542sp-1sinamics_s120_firmwaresimatic_s7-300_firmwaresinamics_g130_firmwarescalance_x408_firmwaresimatic_teleservice_adapter_standard_modemsimatic_et_200mpsimatic_tdc_cpu555simatic_rf650rsitop_psu8600_firmwaresimatic_et_200spscalance_x300_firmwaresinamics_s150_firmwareek-ertec_200p_pn_iosimatic_et_200msimatic_cp_1604_firmwareups1600_profinetsimatic_tdc_cp51m1_firmwaresimatic_cp_343-1_std_firmwaresirius_soft_starter_3rw44_pnsimatic_cm_1542-1_firmwareSINAMICS S110 w. PNSIMATIC RF685RSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SITOP UPS1600 PROFINET (incl. SIPLUS variants)SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SIMATIC CP 443-1 OPC UASIMATIC CM 1542-1SCALANCE X408 familySIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC Teleservice Adapter IE StandardSIMATIC ET200ecoPN, 4AO U/I 4xM12SIMATIC ET 200SP IM 155-6 PN HFSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIRIUS Motor Starter M200D PROFINETSIPLUS ET 200SP IM 155-6 PN HFSCALANCE X-200 family (incl. SIPLUS NET variants)SIMATIC CP 1543SP-1 (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN STSIMATIC MV440 HRSCALANCE X-200IRT family (incl. SIPLUS NET variants)SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN HSSIMATIC ET200ecoPN: IO-Link MasterSoftnet PROFINET IO for PC-based Windows systemsSIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN BASIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSCALANCE W-700 IEEE 802.11n familySIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC Teleservice Adapter IE AdvancedSIMATIC MV420 SR-BSIMATIC ET 200SP IM 155-6 PN ST BASINAMICS G150 V4.7 w. PNSCALANCE XR-500 familySIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SIMATIC ET 200pro IM 154-4 PN HFSIRIUS Soft Starter 3RW44 PNSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)SIMATIC CP 1604SIMATIC ET 200MP IM 155-5 PN STSIMATIC S7-1500 Software ControllerSIMATIC DK-16xx PN IOSIMATIC MV420 SR-PSINUMERIK 840D sl V4.7SIMATIC TDC CPU555SIMATIC ET200S (incl. SIPLUS variants)IE/AS-i Link PN IOSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC CP 1243-1 (incl. SIPLUS variants)SINAMICS G110M w. PNSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC CP 343-1 (incl. SIPLUS variants)SITOP PSU8600 PROFINETSIMATIC TDC CP51M1SIMATIC CM 1542SP-1IE/PB-Link (incl. SIPLUS NET variants)SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SINUMERIK 828D V4.7SIMATIC ET 200MP IM 155-5 PN BASINUMERIK 828D V4.5 and priorSINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12SIMATIC CP 1616SINAMICS V90 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSCALANCE X-300 family (incl. X408 and SIPLUS NET variants)SIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-410 CPU family (incl. SIPLUS variants)SINAMICS DCM w. PNSIMATIC MV420 SR-B BodySINAMICS G130 V4.8 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC RF650RDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSCALANCE M-800 family (incl. S615, MUM-800 and RM1224)SINUMERIK 840D sl V4.5 and priorSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SCALANCE XM-400 familySIMATIC Teleservice Adapter IE BasicSINAMICS DCP w. PNSINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC MV420 SR-P BodySINAMICS S150 V4.8 w. PNSIMATIC ET 200M (incl. SIPLUS variants)SIMATIC CP 443-1 (incl. SIPLUS variants)SIMATIC MV440 SRSIMATIC S7-200 SMARTSIMATIC CP 1243-8 IRCSINAMICS G130 V4.7 w. PNSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIMATIC WinAC RTX F 2010SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)SINAMICS S150 V4.7 w. PNSIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)SIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS ET 200SP IM 155-6 PN STSIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC MV440 URSIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)SIMATIC RF680RSIRIUS ACT 3SU1 interface module PROFINETSIPLUS ET 200MP IM 155-5 PN HFSIMATIC CP 343-1 Lean (incl. SIPLUS variants)SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SCALANCE X414SINAMICS G150 V4.8 w. PNSIMATIC CP 1543-1 (incl. SIPLUS variants)SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMOTION
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-4843
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 28.44%
||
7 Day CHG~0.00%
Published-20 Mar, 2018 | 14:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V1.7.0), SIMATIC S7-1500 Software Controller (All versions < V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.1), SIMATIC WinAC RTX 2010 (All versions < V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions < V2010 SP3), SINUMERIK 828D (All versions < V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system. The security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-400_h_v6simatic_s7-400_pn\/dp_v7_firmwaresimatic_s7-400_h_v6_firmwaresimatic_cp_343-1simatic_cp_443-1_firmwaresimatic_s7-400_pn\/dp_v7simatic_winac_rtx_2010_firmwaresimatic_s7-1500_firmwaresimatic_s7-400_pn\/dp_v6sinumerik_828d_firmwaresimatic_s7-1500simatic_cp_443-1sinumerik_828dsimatic_s7-300simatic_s7-400_pn\/dp_v6_firmwaresimatic_s7-410_firmwaresoftnet_pn-io_linux_firmwaresimatic_s7-410simatic_winac_rtx_2010softnet_pn-io_linuxsimatic_s7-300_firmwaresimatic_cp_343-1_firmwareSIMATIC CP 343-1 (incl. SIPLUS variants)SIMATIC WinAC RTX 2010SIMATIC ET 200S IM151-8 PN/DP CPUSIMATIC ET 200S IM151-8F PN/DP CPU SIMATIC S7-400 CPU 416F-3 PN/DP V7SIMATIC S7-410 CPU family (incl. SIPLUS variants)SIMATIC S7-300 CPU 314C-2 PN/DPSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 317F-2 PN/DPSIMATIC CP 443-1 AdvancedSINUMERIK 828DSIMATIC S7-300 CPU 315F-2 PN/DPSIPLUS NET CP 443-1 Advanced SIMATIC S7-400 CPU 414-3 PN/DP V7SIMATIC S7-300 CPU 317-2 PN/DPSIMATIC S7-300 CPU 317TF-3 PN/DP SIMATIC S7-400 CPU 416-3 PN/DP V7SIMATIC S7-300 CPU 315-2 PN/DPSIMATIC CP 443-1SIPLUS S7-300 CPU 315-2 PN/DPSoftnet PROFINET IO for PC-based Windows systemsSIMATIC CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC S7-300 CPU 319F-3 PN/DPSIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) SIMATIC S7-400 CPU 414F-3 PN/DP V7SIMATIC ET 200pro IM154-8F PN/DP CPUSIMATIC S7-300 CPU 317T-3 PN/DPSIMATIC S7-300 CPU 319-3 PN/DPSIPLUS S7-400 CPU 416-3 PN/DP V7SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIMATIC WinAC RTX F 2010SIPLUS ET 200S IM151-8 PN/DP CPUSIPLUS NET CP 443-1SIMATIC S7-1500 Software ControllerSIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)SIPLUS ET 200S IM151-8F PN/DP CPUSIPLUS S7-300 CPU 317-2 PN/DPSIPLUS S7-400 CPU 414-3 PN/DP V7SIMATIC ET 200pro IM154-8 PN/DP CPUSIMATIC ET 200pro IM154-8FX PN/DP CPUSIMATIC S7-300 CPU 315T-3 PN/DPSIPLUS S7-300 CPU 317F-2 PN/DPSIMATIC S7-400 CPU 412-2 PN V7SIPLUS S7-300 CPU 314C-2 PN/DP
CWE ID-CWE-20
Improper Input Validation
CVE-2025-40556
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.02% / 4.52%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-13 May, 2025 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in BACnet ATEC 550-440 (All versions), BACnet ATEC 550-441 (All versions), BACnet ATEC 550-445 (All versions), BACnet ATEC 550-446 (All versions). Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service condition of the targeted device. A power cycle is required to restore the device's normal operation.

Action-Not Available
Vendor-Siemens AG
Product-BACnet ATEC 550-446BACnet ATEC 550-445BACnet ATEC 550-441BACnet ATEC 550-440
CWE ID-CWE-20
Improper Input Validation
CVE-2021-31882
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-1.41% / 79.74%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:31
Updated-11 Mar, 2025 | 09:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). The DHCP client application does not validate the length of the Domain Name Server IP option(s) (0x06) when processing DHCP ACK packets. This may lead to Denial-of-Service conditions. (FSMD-2021-0011)

Action-Not Available
Vendor-Siemens AG
Product-nucleus_readystart_v3talon_tc_compactnucleus_nettalon_tc_compact_firmwareapogee_pxc_compactapogee_modular_equiment_controller_firmwareapogee_pxc_compact_firmwareapogee_modular_equiment_controllerapogee_modular_building_controllercapital_vstarapogee_pxc_modular_firmwareapogee_pxc_modulartalon_tc_modular_firmwaretalon_tc_modularapogee_modular_building_controller_firmwarenucleus_source_codeCapital Embedded AR Classic 431-422Capital Embedded AR Classic R20-11
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-48363
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.09% / 27.26%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 08:59
Updated-18 Oct, 2024 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain unorganized RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server.

Action-Not Available
Vendor-Siemens AG
Product-openpcs_7simatic_winccsimatic_pcs_7simatic_route_controlsimatic_wincc_runtime_professionalsimatic_batchSIMATIC WinCC Runtime Professional V19SIMATIC PCS 7 V9.1OpenPCS 7 V9.1SIMATIC BATCH V9.1SIMATIC WinCC V7.4SIMATIC WinCC V7.5SIMATIC Route Control V9.1SIMATIC WinCC V8.0SIMATIC WinCC Runtime Professional V18
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-48364
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.07% / 23.18%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 08:59
Updated-18 Oct, 2024 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server.

Action-Not Available
Vendor-Siemens AG
Product-openpcs_7simatic_winccsimatic_pcs_7simatic_route_controlsimatic_wincc_runtime_professionalsimatic_batchSIMATIC WinCC Runtime Professional V19SIMATIC PCS 7 V9.1OpenPCS 7 V9.1SIMATIC BATCH V9.1SIMATIC WinCC V7.4SIMATIC WinCC V7.5SIMATIC Route Control V9.1SIMATIC WinCC V8.0SIMATIC WinCC Runtime Professional V18
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2014-2252
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.16% / 37.41%
||
7 Day CHG~0.00%
Published-22 Mar, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted PROFINET packets, a different vulnerability than CVE-2014-2253.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_s7_cpu_1200_firmwaresimatic_s7_cpu_1212csimatic_s7_cpu_1215csimatic_s7_cpu-1211csimatic_s7_cpu_1214csimatic_s7_cpu_1217cn/a
CVE-2014-2253
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.16% / 37.41%
||
7 Day CHG~0.00%
Published-16 Mar, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted Profinet packets.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_s7-1500_cpu_firmwaren/a
CVE-2025-24510
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.02% / 4.52%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-13 May, 2025 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in MS/TP Point Pickup Module (All versions). Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service condition of the targeted device. A power cycle is required to restore the device's normal operation.

Action-Not Available
Vendor-Siemens AG
Product-MS/TP Point Pickup Module
CWE ID-CWE-20
Improper Input Validation
CVE-2017-9945
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 35.52%
||
7 Day CHG~0.00%
Published-30 Aug, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All versions < V2.1.3), a Denial-of-Service condition could be induced by a specially crafted PROFINET DCP packet sent as a local Ethernet (Layer 2) broadcast. The affected component requires a manual restart via the main device to recover.

Action-Not Available
Vendor-n/aSiemens AG
Product-7km_pac_switched_ethernet_profinet_expansion_module_firmware7km_pac_switched_ethernet_profinet_expansion_moduleSiemens 7KM PAC Switched Ethernet PROFINET expansion module: All versions < V2.1.3
CWE ID-CWE-20
Improper Input Validation
CVE-2022-37894
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 27.53%
||
7 Day CHG~0.00%
Published-07 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected AP of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address this security vulnerability.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-arubaosscalance_w1750d_firmwareinstantscalance_w1750dAruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;
CVE-2017-6865
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 25.31%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming Tool (All versions < V4.7 SP4 HF2), SMART PC Access (All versions < V2.3), STEP 7 - Micro/WIN SMART (All versions < V2.3), Security Configuration Tool (SCT) (All versions < V5.0). Specially crafted PROFINET DCP broadcast packets sent to the affected products on a local Ethernet segment (Layer 2) could cause a Denial-of-Service condition of some services. The services require manual restart to recover.

Action-Not Available
Vendor-Siemens AG
Product-simatic_automation_toolsinaut_st7ccsimatic_step_7_\(tia_portal\)simatic_winccsimatic_winac_rtx_2010smart_pc_accesssimatic_wincc_flexible_2008simatic_winac_rtx_f_2010security_configuration_toolsinema_serverpcs_7sinumerik_808d_programming_toolsimatic_wincc_\(tia_portal\)primary_setup_toolsimatic_step_7_micro\/win_smartsimatic_net_pc-softwareSIMATIC WinAC RTX F 2010 SP2Security Configuration Tool (SCT)SIMATIC STEP 7 (TIA Portal) V13SIMATIC WinCC (TIA Portal) V14SIMATIC Automation ToolSIMATIC WinCC (TIA Portal) V13SIMATIC WinCC V7.2 and priorSIMATIC NET PC-SoftwareSIMATIC WinCC V7.3SIMATIC WinCC flexible 2008STEP 7 - Micro/WIN SMARTSIMATIC WinCC V7.4Primary Setup Tool (PST)SMART PC AccessSIMATIC PCS 7 V8.1SIMATIC STEP 7 V5.XSINEMA ServerSINUMERIK 808D Programming ToolSINAUT ST7CCSIMATIC WinAC RTX 2010 SP2SIMATIC PCS 7 V8.2SIMATIC STEP 7 (TIA Portal) V14
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37183
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.13% / 32.89%
||
7 Day CHG~0.00%
Published-14 Sep, 2021 | 10:47
Updated-23 Apr, 2025 | 19:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software allows sending send-to-sleep notifications to the managed devices. An unauthenticated attacker in the same network of the affected system can abuse these notifications to cause a Denial-of-Service condition in the managed devices.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_serverSINEMA Remote Connect Server
CWE ID-CWE-284
Improper Access Control
CVE-2012-1800
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-6.1||MEDIUM
EPSS-0.25% / 48.02%
||
7 Day CHG~0.00%
Published-18 Apr, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote attackers to cause a denial of service (device outage) or possibly execute arbitrary code via a crafted DCP frame.

Action-Not Available
Vendor-n/aSiemens AG
Product-scalance_s_firmwarescalance_s602scalance_s612scalance_s613n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-28329
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 48.85%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 09:08
Updated-03 Aug, 2024 | 05:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle malformed TCP packets received over the RemoteCapture feature. This could allow an attacker to lead to a denial of service condition which only affects the port used by the RemoteCapture feature.

Action-Not Available
Vendor-Siemens AG
Product-scalance_w1788-2ia_m12scalance_w1788-2ia_m12_firmwarescalance_w1788-2_m12_firmwarescalance_w1788-1_m12_firmwarescalance_w1788-2_eec_m12_firmwarescalance_w1788-1_m12scalance_w1788-2_eec_m12scalance_w1788-2_m12SCALANCE W1788-1 M12SCALANCE W1788-2IA M12SCALANCE W1788-2 M12SCALANCE W1788-2 EEC M12
CWE ID-CWE-20
Improper Input Validation
CVE-2013-0675
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-6.1||MEDIUM
EPSS-0.06% / 20.11%
||
7 Day CHG~0.00%
Published-21 Mar, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_pcs7winccn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5391
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-7.5||HIGH
EPSS-1.73% / 81.69%
||
7 Day CHG~0.00%
Published-06 Sep, 2018 | 21:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Canonical Ltd.F5, Inc.Siemens AGLinux Kernel Organization, IncMicrosoft Corporation
Product-ubuntu_linuxbig-ip_webacceleratorbig-ip_application_acceleration_managerenterprise_linux_server_euswindows_8.1big-ip_policy_enforcement_managerenterprise_linux_server_ausscalance_sc-600_firmwaresimatic_rf188_firmwareruggedcom_rm1224_firmwarebig-ip_local_traffic_managersimatic_net_cp_1243-7_lte_uswindows_10simatic_net_cp_1243-7_lte_us_firmwarescalance_w700_ieee_802.11a\/b\/g\/nsinema_remote_connect_serverenterprise_linux_workstationsimatic_net_cp_1243-1simatic_net_cp_1243-7_lte_eu_firmwaresimatic_rf185c_firmwarescalance_s615_firmwaresimatic_net_cp_1543sp-1enterprise_linux_desktopsimatic_net_cp_1543-1scalance_m-800_firmwaresimatic_net_cp_1242-7_firmwaresimatic_net_cp_1542sp-1_firmwarebig-ip_domain_name_systemsimatic_net_cp_1543sp-1_firmwarescalance_w1700_ieee_802.11ac_firmwareruggedcom_rox_iisimatic_net_cp_1542sp-1big-ip_edge_gatewaydebian_linuxlinux_kernelsimatic_net_cp_1543-1_firmwarescalance_sc-600simatic_net_cp_1242-7simatic_net_cp_1243-1_firmwarewindows_server_2008simatic_net_cp_1542sp-1_irc_firmwareenterprise_linux_serverwindows_server_2016windows_server_2012simatic_rf188big-ip_fraud_protection_serviceruggedcom_rox_ii_firmwarescalance_w700_ieee_802.11a\/b\/g\/n_firmwaresimatic_rf186c_firmwaresimatic_net_cp_1542sp-1_ircbig-ip_application_security_managerruggedcom_rm1224simatic_rf185cscalance_s615simatic_rf186cisimatic_net_cp_1243-8_ircbig-ip_access_policy_managersimatic_net_cp_1243-8_irc_firmwaresimatic_rf186ci_firmwaresimatic_rf188ci_firmwaresinema_remote_connect_server_firmwarewindows_rt_8.1big-ip_global_traffic_managerbig-ip_analyticssimatic_rf186cbig-ip_link_controllerscalance_w1700_ieee_802.11acwindows_7scalance_m-800enterprise_linux_server_tusbig-ip_advanced_firewall_managersimatic_rf188cisimatic_net_cp_1243-7_lte_euKernel
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-20
Improper Input Validation
CVE-2018-4837
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.48% / 80.20%
||
7 Day CHG~0.00%
Published-25 Jan, 2018 | 14:00
Updated-16 Sep, 2024 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with access to the TeleControl Server Basic's webserver (port 80/tcp or 443/tcp) could cause a Denial-of-Service condition on the web server. The remaining functionality of the TeleControl Server Basic is not affected by the Denial-of-Service condition.

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-7584
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.16%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 13:18
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-200 SMART CPU family (All versions >= V2.2 < V2.5.1). Affected devices do not properly handle large numbers of new incomming connections and could crash under certain circumstances. An attacker may leverage this to cause a Denial-of-Service situation.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-200_smart_sr_cpusimatic_s7-200_smart_sr_cpu_firmwaresimatic_s7-200_smart_st_cpu_firmwaresimatic_s7-200_smart_st_cpuSIMATIC S7-200 SMART CPU family
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-23814
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.20% / 42.48%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 10:28
Updated-10 Jul, 2025 | 10:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service condition of the ICMP service, other communication services are not affected. Affected devices will resume normal operation after the attack terminates.

Action-Not Available
Vendor-Siemens AG
Product-SIPLUS S7-1200 CPU 1212 AC/DC/RLYSIMATIC S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 319F-3 PN/DPSIMATIC ET 200SP CPU 1512SP F-1 PNSIMATIC TDC CPU555SIPLUS S7-1200 CPU 1214FC DC/DC/DCSIMATIC ET 200pro IM 154-4 PN HFSIPLUS S7-1200 CPU 1215FC DC/DC/DCSIMATIC S7-300 CPU 314C-2 PN/DPSIPLUS ET 200SP IM 155-6 PN HF TX RAILSIMATIC S7-300 CPU 317F-2 PN/DPSIWAREX WP241SIPLUS S7-1200 CPU 1215 AC/DC/RLYSIMATIC ET 200SP IM 155-6 PN HFSIPLUS ET 200S IM151-3 PN HFSIPLUS ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1200 CPU 1211C DC/DC/DCSIMATIC ET 200AL IM 157-1 PNSIMATIC S7-410 V10 CPU family (incl. SIPLUS variants)SIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 319-3 PN/DPSIMATIC ET 200SP IM 155-6 PN/2 HFSIMATIC S7-1500 CPU 1513-1 PNSIDOOR ATD430WSIPLUS ET 200S IM 151-8F PN/DP CPUSIMATIC S7-1500 CPU 1511-1 PNSIMATIC ET 200S IM 151-3 PN FOSIMATIC S7-300 CPU 315T-3 PN/DPSIMATIC S7-1200 CPU 1215C DC/DC/DCSIPLUS NET PN/PN CouplerSIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC ET 200SP IM 155-6 PN ST BASIMATIC ET 200MP IM 155-5 PN STSIMATIC S7-1200 CPU 1212C AC/DC/RlySIMATIC ET 200SP CPU 1512SP-1 PNSIWAREX WP521 STSIMATIC ET 200S IM 151-8 PN/DP CPUSIMATIC Power Line Booster PLB, Modem Module STSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC CFU DIQSIPLUS HCS4200 CIM4210CSINUMERIK 840D slSIMATIC S7-1200 CPU 1212C DC/DC/DCSIMATIC S7-1500 CPU 1516F-3 PN/DPSIPLUS ET 200M IM 153-4 PN IO STSIPLUS HCS4300 CIM4310SIPLUS S7-1200 CPU 1214 DC/DC/DCSIPLUS S7-1500 CPU 1511-1 PNSIMATIC ET 200SP IM 155-6 PN BASIMATIC S7-300 CPU 317T-3 PN/DPSIPLUS ET 200SP IM 155-6 PN HFSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIPLUS S7-300 CPU 317F-2 PN/DPSIMATIC PN/PN CouplerSIPLUS S7-1500 CPU 1516-3 PN/DPSIMATIC S7-1200 CPU 1214FC DC/DC/RlySIMATIC ET 200M IM 153-4 PN IO HFSIPLUS S7-300 CPU 317-2 PN/DPSIMATIC ET 200pro IM 154-3 PN HFSIPLUS ET 200M IM 153-4 PN IO HFSIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC S7-1200 CPU 1214C AC/DC/RlySIPLUS ET 200S IM 151-8 PN/DP CPUSIMATIC ET 200pro IM 154-8FX PN/DP CPUSIMATIC ET 200S IM 151-3 PN STSIMATIC CFU PASIPLUS S7-1200 CPU 1212C DC/DC/DC RAILSIPLUS S7-1200 CPU 1212C DC/DC/DCSIMATIC ET 200MP IM 155-5 PN BASIDOOR ATE530S COATEDSIPLUS S7-1200 CPU 1215 DC/DC/DCSIPLUS S7-1500 CPU 1516F-3 PN/DPSIPLUS S7-1200 CPU 1214 DC/DC/RLYSIPLUS S7-1200 CPU 1214 AC/DC/RLYSIMATIC S7-1500 CPU 1515F-2 PNSIPLUS S7-1200 CPU 1214FC DC/DC/RLYSIPLUS S7-1200 CPU 1212 DC/DC/RLYSIMATIC S7-1500 CPU 1513F-1 PNSIMOCODE pro V PROFINETSIWAREX WP522 STSIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMATIC ET 200S IM 151-3 PN HSSIMATIC S7-1200 CPU 1212FC DC/DC/DCSIPLUS HCS4200 CIM4210SIMATIC S7-1200 CPU 1212FC DC/DC/RlySIMATIC S7-1200 CPU 1215C DC/DC/RlySIMATIC ET 200S IM 151-8F PN/DP CPUSIMATIC ET 200pro IM 154-8 PN/DP CPUSIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)SIPLUS S7-1500 CPU 1513-1 PNSIMATIC S7-1200 CPU 1212C DC/DC/RlySIMATIC S7-1200 CPU 1215FC DC/DC/RlySIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIPLUS S7-1200 CPU 1215 DC/DC/RLYSIMATIC Power Line Booster PLB, Base ModuleSIMATIC S7-1500 CPU 1511F-1 PNSIMATIC S7-300 CPU 317TF-3 PN/DPSIMATIC ET 200S IM 151-3 PN HFSIPLUS S7-1200 CPU 1214C DC/DC/DC RAILSIWAREX WP251SIMATIC TDC CP51M1SIPLUS S7-300 CPU 315-2 PN/DPSIPLUS S7-300 CPU 314C-2 PN/DPSIMATIC S7-1200 CPU 1211C AC/DC/RlySIPLUS ET 200MP IM 155-5 PN STSIPLUS ET 200SP IM 155-6 PN STSIPLUS S7-1500 CPU 1511F-1 PNSIMATIC ET 200SP CPU 1510SP-1 PNSIMATIC S7-1200 CPU 1215C AC/DC/RlySIMATIC S7-1200 CPU 1214FC DC/DC/DCSIWAREX WP231SIMATIC S7-1200 CPU 1217C DC/DC/DCSIMATIC S7-1500 CPU 1516-3 PN/DPSIDOOR ATE530G COATEDSIMATIC S7-1200 CPU 1214C DC/DC/DCSIPLUS ET 200S IM151-3 PN STSIPLUS S7-1500 CPU 1513F-1 PNSIMATIC S7-1200 CPU 1211C DC/DC/RlySIMATIC S7-1500 CPU 1515-2 PNSIMATIC S7-1200 CPU 1215FC DC/DC/DCSIMATIC ET 200SP IM 155-6 PN/3 HFSIMATIC ET 200SP IM 155-6 PN STSIMATIC ET 200M IM 153-4 PN IO STSIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)SIMATIC S7-1200 CPU 1214C DC/DC/RlySIMATIC S7-300 CPU 317-2 PN/DPSIMATIC ET 200SP IM 155-6 PN HSSIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)SIPLUS S7-1200 CPU 1215C DC/DC/DCSIMATIC ET 200SP IM 155-6 MF HFSIPLUS ET 200SP IM 155-6 PN ST TX RAILSIPLUS ET 200MP IM 155-5 PN HFSIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIMATIC ET 200SP CPU 1510SP F-1 PNSIMATIC ET 200pro IM 154-8F PN/DP CPU
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-3749
Matching Score-6
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-6
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.5||HIGH
EPSS-8.37% / 91.93%
||
7 Day CHG-0.21%
Published-31 Aug, 2021 | 10:36
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Inefficient Regular Expression Complexity in axios/axios

axios is vulnerable to Inefficient Regular Expression Complexity

Action-Not Available
Vendor-axiosaxiosOracle CorporationSiemens AG
Product-sinec_insgoldengateaxiosaxios/axios
CWE ID-CWE-1333
Inefficient Regular Expression Complexity
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-46352
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.29% / 51.46%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products.

Action-Not Available
Vendor-Siemens AG
Product-6gk5204-0bs00-3pa36gk5204-0ba00-2mb2_firmware6gk5204-0ba00-2kb2_firmware6gk5204-0ba00-2mb26gk5204-0ba00-2kb26gk5204-0bs00-3la3_firmware6gk5204-0bs00-2na3_firmware6gk5204-0bs00-3pa3_firmware6gk5204-0bs00-2na36gk5204-0bs00-3la3SCALANCE X204RNA (HSR)SCALANCE X204RNA EEC (PRP/HSR)SCALANCE X204RNA EEC (PRP)SCALANCE X204RNA EEC (HSR)SCALANCE X204RNA (PRP)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-40766
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 1.77%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 11:17
Updated-15 Aug, 2025 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate resource and security limitations. This could allow an attacker to perform a denial-of-service (DoS) attack.

Action-Not Available
Vendor-Siemens AG
Product-sinec_traffic_analyzerSINEC Traffic Analyzer
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-13805
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.71%
||
7 Day CHG~0.00%
Published-10 Oct, 2018 | 17:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions >= V2.0 and < V2.1.6), SIMATIC S7-1500 Software Controller (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 incl. F (All versions >= V2.0 and < V2.5). An attacker can cause a denial-of-service condition on the network stack by sending a large number of specially crafted packets to the PLC. The PLC will lose its ability to communicate over the network. This vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no privileges and no user interaction. An attacker could use this vulnerability to compromise availability of the network connectivity. At the time of advisory publication no public exploitation of this vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-1500fsimatic_et_200spsimatic_et_200sp_firmwaresimatic_s7-1500_firmwaresimatic_s7-1500f_firmwaresimatic_s7-1500SIMATIC S7-1500 incl. FSIMATIC ET 200SP Open ControllerSIMATIC S7-1500 Software Controller
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-25659
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.45%
||
7 Day CHG~0.00%
Published-10 Aug, 2021 | 10:35
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0 SP9 Update 2). Sending specially crafted packets to port 4410/tcp of an affected system could lead to extensive memory being consumed and as such could cause a denial-of-service preventing legitimate users from using the system.

Action-Not Available
Vendor-Siemens AG
Product-automation_license_managerAutomation License Manager 5Automation License Manager 6
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-37195
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.69%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 10:21
Updated-19 Sep, 2024 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests. This could allow local attackers with administrative privileges to cause a denial of service situation on the host. A physical power cycle is required to get the system working again.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cp_1604_firmwaresimatic_cp_1616simatic_cp_1628_firmwaresimatic_cp_1626_firmwaresimatic_cp_1604simatic_cp_1623_firmwaresimatic_cp_1623simatic_cp_1628simatic_cp_1616_firmwaresimatic_cp_1626SIMATIC CP 1628SIMATIC CP 1604SIMATIC CP 1626SIMATIC CP 1616SIMATIC CP 1623
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-35921
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.73% / 71.83%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 09:07
Updated-13 Nov, 2024 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted Ethernet frames sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.

Action-Not Available
Vendor-Siemens AG
Product-simatic_mv540_s_firmwaresimatic_mv540_ssimatic_mv560_x_firmwaresimatic_mv560_usimatic_mv560_u_firmwaresimatic_mv550_s_firmwaresimatic_mv540_hsimatic_mv550_h_firmwaresimatic_mv550_ssimatic_mv560_xsimatic_mv550_hsimatic_mv540_h_firmwareSIMATIC MV560 USIMATIC MV540 SSIMATIC MV540 HSIMATIC MV550 HSIMATIC MV550 SSIMATIC MV560 Xsimatic_mv540_ssimatic_mv560_usimatic_mv540_hsimatic_mv550_ssimatic_mv560_xsimatic_mv550_h
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-22883
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-87.36% / 99.42%
||
7 Day CHG~0.00%
Published-03 Mar, 2021 | 17:38
Updated-30 Apr, 2025 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory.

Action-Not Available
Vendor-Node.js (OpenJS Foundation)Oracle CorporationNetApp, Inc.Siemens AGFedora Project
Product-sinec_infrastructure_network_servicespeoplesoft_enterprise_peopletoolsgraalvme-series_performance_analyzermysql_clusternosql_databasefedorajd_edwards_enterpriseone_toolsnode.jsNode
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2022-39158
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.29% / 51.46%
||
7 Day CHG~0.00%
Published-13 Sep, 2022 | 00:00
Updated-12 Aug, 2025 | 12:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100P (32M) V4.X, RUGGEDCOM RSG2100P (32M) V5.X, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2100PNC (32M) V4.X, RUGGEDCOM RSG2100PNC (32M) V5.X, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. Affected devices improperly handle partial HTTP requests which makes them vulnerable to slowloris attacks. This could allow a remote attacker to create a denial of service condition that persists until the attack ends.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rsg2100_\(32m\)ruggedcom_rsg2300pruggedcom_rsg907rruggedcom_rst916pruggedcom_rsg910cruggedcom_rsl910ruggedcom_rs900_\(32m\)ruggedcom_rosruggedcom_rsg920pruggedcom_rsg2300ruggedcom_rs416v2ruggedcom_rst916cruggedcom_rst2228ruggedcom_rst2228pruggedcom_rmc8388ruggedcom_rsg909rruggedcom_rsg908cruggedcom_rs416pv2ruggedcom_rsg2488ruggedcom_rsg2288ruggedcom_rs900g_\(32m\)RUGGEDCOM RS8000RUGGEDCOM RS900LRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS900MNC-STND-XX-C01RUGGEDCOM RSG920P V4.XRUGGEDCOM RS401NCRUGGEDCOM RSG2100PNC (32M) V4.XRUGGEDCOM RS920LNCRUGGEDCOM RS910LRUGGEDCOM RS930WRUGGEDCOM RSG2100NC(32M) V5.XRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG2288NC V5.XRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RS1600RUGGEDCOM i801NCRUGGEDCOM RS940GRUGGEDCOM RSG2100NC(32M) V4.XRUGGEDCOM i800NCRUGGEDCOM RS910RUGGEDCOM RSG908CRUGGEDCOM RS8000NCRUGGEDCOM RS400FRUGGEDCOM RS900NC(32M) V4.XRUGGEDCOM RS920LRUGGEDCOM RMC8388 V4.XRUGGEDCOM RS8000HRUGGEDCOM RS900LNCRUGGEDCOM RS8000TRUGGEDCOM RS910NCRUGGEDCOM RS416PFRUGGEDCOM RS900GRUGGEDCOM M2100FRUGGEDCOM RS900M-STND-XXRUGGEDCOM RS900WRUGGEDCOM RMC8388 V5.XRUGGEDCOM RS900MNC-STND-XXRUGGEDCOM RSG2100PNC (32M) V5.XRUGGEDCOM RSG910CRUGGEDCOM RSG2300PFRUGGEDCOM RSG2288 V4.XRUGGEDCOM RS1600NCRUGGEDCOM RS969RUGGEDCOM RS900 (32M) V4.XRUGGEDCOM RSG909RRUGGEDCOM RS416FRUGGEDCOM RS900GPFRUGGEDCOM RSG2100PRUGGEDCOM RS930LNCRUGGEDCOM RS416PRUGGEDCOM RSG920P V5.XRUGGEDCOM RSG2200NCRUGGEDCOM RS8000HNCRUGGEDCOM RSG2300PNC V5.XRUGGEDCOM RSG2288 V5.XRUGGEDCOM RS1600FRUGGEDCOM RS416NCRUGGEDCOM RS930LRUGGEDCOM RSG907RRUGGEDCOM RSG2300P V5.XRUGGEDCOM RS910WRUGGEDCOM RSG2300 V5.XRUGGEDCOM RS940GNCRUGGEDCOM RS900GNCRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RMC8388NC V5.XRUGGEDCOM RS940GFRUGGEDCOM RS910LNCRUGGEDCOM RSG2288NC V4.XRUGGEDCOM RSG2488 V5.XRUGGEDCOM RMC30RUGGEDCOM RS900GFRUGGEDCOM RS8000ANCRUGGEDCOM RMC8388NC V4.XRUGGEDCOM RS1600TRUGGEDCOM M969FRUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RS400NCRUGGEDCOM RS900MNC-GETS-C01RUGGEDCOM RS900M-GETS-C01RUGGEDCOM RSG2488NC V4.XRUGGEDCOM M2200FRUGGEDCOM RP110RUGGEDCOM i801RUGGEDCOM RS416v2 V4.XRUGGEDCOM RS416NCv2 V4.XRUGGEDCOM RS8000TNCRUGGEDCOM RSG2300P V4.XRUGGEDCOM RS416v2 V5.XRUGGEDCOM RS920WRUGGEDCOM RS900FRUGGEDCOM M2200RUGGEDCOM RS900MNC-GETS-XXRUGGEDCOM RSG2300NC V5.XRUGGEDCOM RS900GNC(32M) V4.XRUGGEDCOM RS900RUGGEDCOM RSG2100RUGGEDCOM M969NCRUGGEDCOM RS416PNCRUGGEDCOM RS1600FNCRUGGEDCOM RS400RUGGEDCOM RS900NC(32M) V5.XRUGGEDCOM RS1600TNCRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM M969RUGGEDCOM RS416PNCv2 V4.XRUGGEDCOM M2200NCRUGGEDCOM RS8000ARUGGEDCOM i803RUGGEDCOM RSG2100PNCRUGGEDCOM RSG920PNC V5.XRUGGEDCOM RSG2100NCRUGGEDCOM RSG2488FRUGGEDCOM RP110NCRUGGEDCOM RSG2200RUGGEDCOM RSG2488NC V5.XRUGGEDCOM RSL910NCRUGGEDCOM RS969NCRUGGEDCOM RS416RUGGEDCOM RST2228PRUGGEDCOM i800RUGGEDCOM RS900M-STND-C01RUGGEDCOM RS900M-GETS-XXRUGGEDCOM RST916PRUGGEDCOM RS416PNCv2 V5.XRUGGEDCOM RS416NCv2 V5.XRUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSL910RUGGEDCOM RSG2100PFRUGGEDCOM RS900GPRUGGEDCOM RST916CRUGGEDCOM RS900GPNCRUGGEDCOM RSG2100FRUGGEDCOM RSG2488 V4.XRUGGEDCOM i802RUGGEDCOM RS900GNC(32M) V5.XRUGGEDCOM RST2228RUGGEDCOM RS401RUGGEDCOM RSG2300NC V4.XRUGGEDCOM RSG920PNC V4.XRUGGEDCOM i802NCRUGGEDCOM i803NCRUGGEDCOM M2100RUGGEDCOM RSG2300FRUGGEDCOM RSG2300PNC V4.XRUGGEDCOM RS900NCRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RMC30NCRUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RSG2200FRUGGEDCOM M2100NCRUGGEDCOM RSG2100P (32M) V5.X
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-38371
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.51% / 65.56%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-13 May, 2025 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.7), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.21), APOGEE PXC Modular (BACnet) (All versions < V3.5.7), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.21), Desigo PXC00-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC00-U (All versions >= V2.3 < V6.30.37), Desigo PXC001-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC100-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC12-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC128-U (All versions >= V2.3 < V6.30.37), Desigo PXC200-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC22-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC22.1-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC36.1-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC50-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC64-U (All versions >= V2.3 < V6.30.37), Desigo PXM20-E (All versions >= V2.3 < V6.30.37), Nucleus NET for Nucleus PLUS V1 (All versions < V5.2a), Nucleus NET for Nucleus PLUS V2 (All versions < V5.4), Nucleus ReadyStart V3 V2012 (All versions < V2012.08.1), Nucleus ReadyStart V3 V2017 (All versions < V2017.02.4), Nucleus Source Code (All versions including affected FTP server), TALON TC Compact (BACnet) (All versions < V3.5.7), TALON TC Modular (BACnet) (All versions < V3.5.7). The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server.

Action-Not Available
Vendor-Siemens AG
Product-talon_tc_compactdesigo_pxm20-edesigo_pxc22.1-e.dapogee_pxc_compactdesigo_pxc001-e.d_firmwaredesigo_pxc12-e.dapogee_modular_equiment_controller_firmwareapogee_pxc_compact_firmwaredesigo_pxc200-e.d_firmwareapogee_modular_equiment_controllerdesigo_pxc100-e.dapogee_modular_building_controllerdesigo_pxc001-e.dapogee_pxc_modular_firmwaredesigo_pxc22.1-e.d_firmwaredesigo_pxc50-e.dapogee_modular_building_controller_firmwaredesigo_pxc12-e.d_firmwaredesigo_pxc22-e.ddesigo_pxc22-e.d_firmwaredesigo_pxc00-u_firmwarenucleus_readystart_v3desigo_pxc00-e.ddesigo_pxc100-e.d_firmwaredesigo_pxc200-e.ddesigo_pxc00-e.d_firmwaredesigo_pxc50-e.d_firmwarenucleus_netdesigo_pxc64-utalon_tc_compact_firmwaredesigo_pxc36.1-e.d_firmwaredesigo_pxc64-u_firmwaredesigo_pxc128-udesigo_pxc00-uapogee_pxc_modulardesigo_pxm20-e_firmwaredesigo_pxc36.1-e.ddesigo_pxc128-u_firmwarenucleus_source_codeDesigo PXC22.1-E.DAPOGEE PXC Modular (P2 Ethernet)Nucleus ReadyStart V3 V2017Desigo PXC50-E.DDesigo PXC64-UDesigo PXC001-E.DAPOGEE PXC Compact (P2 Ethernet)Desigo PXC36.1-E.DNucleus NET for Nucleus PLUS V1TALON TC Compact (BACnet)APOGEE PXC Modular (BACnet)APOGEE MBC (PPC) (P2 Ethernet)Desigo PXC22-E.DTALON TC Modular (BACnet)Desigo PXC100-E.DAPOGEE PXC Compact (BACnet)APOGEE MEC (PPC) (BACnet)Desigo PXC00-UDesigo PXC00-E.DDesigo PXC200-E.DDesigo PXM20-EAPOGEE MEC (PPC) (P2 Ethernet)APOGEE MBC (PPC) (BACnet)Nucleus Source CodeDesigo PXC12-E.DNucleus NET for Nucleus PLUS V2Desigo PXC128-UNucleus ReadyStart V3 V2012
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2024-46891
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.19% / 40.96%
||
7 Day CHG+0.02%
Published-12 Nov, 2024 | 12:49
Updated-20 Aug, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logged events to exhaust the system's resources and create a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-sinec_insSINEC INSsinec_ins
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-43647
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.40% / 59.88%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 09:36
Updated-10 Sep, 2024 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) (All versions). Affected devices do not properly handle TCP packets with an incorrect structure. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the network cable of the device needs to be unplugged and re-plugged.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC S7-200 SMART CPU CR40SIMATIC S7-200 SMART CPU ST60SIMATIC S7-200 SMART CPU SR40SIMATIC S7-200 SMART CPU ST30SIMATIC S7-200 SMART CPU SR30SIMATIC S7-200 SMART CPU SR60SIMATIC S7-200 SMART CPU CR60SIMATIC S7-200 SMART CPU SR20SIMATIC S7-200 SMART CPU ST40SIMATIC S7-200 SMART CPU ST20simatic_s7-200_smart_cpu_st60
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-27194
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.47%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 09:07
Updated-03 Aug, 2024 | 05:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions < V3.1 SP1), SINETPLAN (All versions), TIA Portal (V15, V15.1, V16 and V17). The affected system cannot properly process specially crafted packets sent to port 8888/tcp. A remote attacker could exploit this vulnerability to cause a Denial-of-Service condition. The affected devices must be restarted manually.

Action-Not Available
Vendor-Siemens AG
Product-simatic_pcs_neototally_integrated_automation_portalsinetplanSIMATIC PCS neo (Administration Console)SINETPLANTIA Portal
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-25622
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.12% / 31.14%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 00:00
Updated-21 Apr, 2025 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.

Action-Not Available
Vendor-Siemens AG
Product-simatic_tdc_cpu555_firmwaresimatic_tdc_cp51m1_firmwaresimatic_s7-400_pn\/dp_v7_firmwaresimatic_s7-1500_cpusimatic_cfu_pasimatic_tdc_cp51m1simatic_s7-400_pn\/dp_v7simatic_s7-410_v8_firmwaresimatic_s7-1500_cpu_firmwaresimatic_cfu_diqsimatic_s7-400h_v6_firmwaresimatic_tdc_cpu555simatic_winac_rtxsimit_simulation_platformsimatic_cfu_diq_firmwaresimatic_s7-400h_v6simatic_s7-410_v10simatic_s7-410_v8simatic_s7-300_cpu_firmwaresimatic_s7-410_v10_firmwaresimatic_winac_rtx_firmwaresimatic_cfu_pa_firmwaresimatic_s7-300_cpuSINAMICS S110SIMATIC CFU DIQSIMATIC ET 200pro IM 154-8F PN/DP CPUSIMATIC ET 200SP IM 155-6 PN HFSIMATIC TDC CP51M1SINAMICS G115DSIMATIC ET200ecoPN, AI 8xRTD/TC, M12-LSIMATIC S7-300 CPU 315F-2 PN/DPSINAMICS V90SIMATIC S7-400 CPU 414F-3 PN/DP V7SIPLUS ET 200S IM 151-8 PN/DP CPUSIMATIC ET200ecoPN, CM 4x IO-Link, M12-LSIMATIC S7-400 CPU 416F-3 PN/DP V7SIPLUS S7-400 CPU 416-3 PN/DP V7SIMATIC S7-300 CPU 315-2 PN/DPSIMATIC ET 200MP IM 155-5 PN HFSINAMICS S150SIMATIC S7-300 CPU 319-3 PN/DPSINAMICS G120 (incl. SIPLUS variants)SIPLUS S7-300 CPU 317F-2 PN/DPSIPLUS S7-400 CPU 414-3 PN/DP V7SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-LSIMATIC PN/PN CouplerSIMATIC WinAC RTX F 2010SIMATIC TDC CPU555SIMATIC CFU PASIMATIC ET 200S IM 151-8F PN/DP CPUSINAMICS S210 (6SL5...)SINAMICS G110MSIPLUS HCS4300 CIM4310SIMATIC ET200ecoPN, CM 8x IO-Link, M12-LSIMATIC S7-300 CPU 317F-2 PN/DPSIPLUS ET 200SP IM 155-6 PN HFSIMATIC S7-300 CPU 314C-2 PN/DPSIPLUS S7-300 CPU 315-2 PN/DPSIMATIC S7-400 CPU 414-3 PN/DP V7SIMATIC ET200ecoPN, DI 16x24VDC, M12-LSIPLUS S7-300 CPU 314C-2 PN/DPSIPLUS ET 200SP IM 155-6 PN HF TX RAILSIMATIC ET200ecoPN, DI 8x24VDC, M12-LSIPLUS HCS4200 CIM4210CSIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-LSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC ET 200pro IM 154-8FX PN/DP CPUSINAMICS G150SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIMATIC S7-300 CPU 315T-3 PN/DPSINAMICS S120 (incl. SIPLUS variants)SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIMATIC S7-300 CPU 317-2 PN/DPSIPLUS ET 200MP IM 155-5 PN HFSINAMICS DCMSIMATIC ET 200SP IM 155-6 PN/3 HFSIMATIC S7-300 CPU 319F-3 PN/DPSIPLUS NET PN/PN CouplerSIPLUS S7-300 CPU 317-2 PN/DPSIMATIC ET 200pro IM 154-8 PN/DP CPUSIMATIC S7-300 CPU 317T-3 PN/DPSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC ET 200SP IM 155-6 PN/2 HFSIMATIC ET 200SP IM 155-6 MF HFSIMATIC ET 200S IM 151-8 PN/DP CPUSIPLUS HCS4200 CIM4210SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMATIC S7-400 CPU 416-3 PN/DP V7SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)SIMATIC S7-300 CPU 317TF-3 PN/DPSIMATIC PN/MF CouplerSIMATIC WinAC RTX 2010SINAMICS G130SIPLUS ET 200S IM 151-8F PN/DP CPUSIMATIC S7-400 CPU 412-2 PN V7SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants)SIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-24040
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.53% / 66.30%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 09:46
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application fails to enforce an upper bound to the cost factor of the PBKDF2 derived key during the creation or update of an account. An attacker with the user profile access privilege could cause a denial of service (DoS) condition through CPU consumption by setting a PBKDF2 derived key with a remarkably high cost effort and then attempting a login to the so-modified account.

Action-Not Available
Vendor-Siemens AG
Product-desigo_dxr2desigo_pxc3_firmwaredesigo_pxc4desigo_pxc5_firmwaredesigo_dxr2_firmwaredesigo_pxc4_firmwaredesigo_pxc3desigo_pxc5Desigo PXC5Desigo PXC3Desigo DXR2Desigo PXC4
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-44321
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.1||MEDIUM
EPSS-0.06% / 19.84%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 11:04
Updated-12 Aug, 2025 | 11:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available again.

Action-Not Available
Vendor-Siemens AG
Product-6gk5328-4ss00-2ar3_firmware6gk5206-2bb00-2ac26ag1206-2bs00-7ac2_firmware6gk5208-0ga00-2ac2_firmware6gk5204-0ba00-2gf2_firmware6gk5208-0ha00-2ts6_firmware6ag1216-4bs00-7ac26gk5324-0ba00-3ar36gk5205-3bf00-2tb2_firmware6gk5208-0ba00-2tb2_firmware6gk5216-3rs00-2ac26gk5208-0ga00-2ac26gk5213-3bb00-2tb2_firmware6gk5206-2rs00-5ac26gk5224-4gs00-2ac26gk5328-4fs00-3rr3_firmware6gk5216-0ha00-2es6_firmware6gk5204-0ba00-2gf26gk5326-2qs00-3rr3_firmware6gk5328-4fs00-2ar3_firmware6gk5216-0ha00-2ts6_firmware6gk5328-4fs00-3ar36gk5206-2rs00-2ac2_firmware6gk5213-3bd00-2ab2_firmware6gk5205-3bb00-2ab26gk5208-0ga00-2tc2_firmware6gk5213-3bd00-2tb26gk5204-0ba00-2yf2_firmware6gk5206-2rs00-5ac2_firmware6gk5206-2gs00-2fc2_firmware6gk5224-0ba00-2ac2_firmware6gk5216-0ba00-2ac2_firmware6gk5205-3bb00-2tb26gk5324-0ba00-2ar3_firmware6gk5216-4gs00-2fc2_firmware6gk5208-0ua00-5es66ag1208-0ba00-7ac26gk5224-4gs00-2fc2_firmware6gk5328-4fs00-2ar36gk5213-3bf00-2tb2_firmware6gk5205-3bb00-2tb2_firmware6gk5208-0ra00-2ac2_firmware6gk5224-4gs00-2tc26gk5216-0ba00-2ac26gk5324-0ba00-3ar3_firmware6gk5216-4bs00-2ac26gk5224-4gs00-2ac2_firmware6gk5326-2qs00-3ar3_firmware6gk5324-0ba00-2ar36gk5208-0ga00-2tc26gk5213-3bf00-2ab26gk5216-0ha00-2as66gk5216-0ha00-2es66gk5216-4gs00-2tc26gk5206-2bd00-2ac26gk5224-0ba00-2ac26gk5328-4fs00-2rr3_firmware6gk5206-2rs00-5fc26gk5206-2gs00-2tc2_firmware6gk5208-0ua00-5es6_firmware6gk5206-2gs00-2tc26gk5216-0ua00-5es66gk5213-3bf00-2ab2_firmware6gk5205-3bf00-2ab26ag1206-2bb00-7ac2_firmware6gk5208-0ga00-2fc26gk5213-3bd00-2tb2_firmware6gk5208-0ga00-2fc2_firmware6gk5213-3bf00-2tb26gk5328-4fs00-2rr36gk5213-3bb00-2tb26gk5216-0ba00-2ab26gk5216-0ba00-2fc2_firmware6gk5204-2aa00-2yf26gk5213-3bd00-2ab26gk5206-2gs00-2fc26gk5206-2gs00-2ac26gk5205-3bb00-2ab2_firmware6gk5208-0ba00-2fc2_firmware6gk5208-0ba00-2ab26gk5204-2aa00-2gf26gk5208-0ba00-2ac2_firmware6gk5216-0ba00-2fc26gk5328-4ss00-3ar36gk5216-3rs00-5ac26gk5208-0ba00-2tb26gk5206-2rs00-5fc2_firmware6gk5206-2bs00-2ac26gk5328-4fs00-3rr36gk5205-3bd00-2ab26gk5224-4gs00-2tc2_firmware6gk5224-4gs00-2fc26gk5208-0ba00-2ac26gk5206-2bs00-2fc26gk5208-0ha00-2as6_firmware6gk5206-2bs00-2ac2_firmware6gk5208-0ra00-2ac26gk5205-3bf00-2tb26gk5216-0ua00-5es6_firmware6gk5216-4gs00-2ac26gk5208-0ha00-2as66gk5205-3bd00-2tb26ag1206-2bs00-7ac26gk5204-0ba00-2yf26gk5208-0ha00-2ts66gk5208-0ra00-5ac26gk5213-3bb00-2ab26gk5216-0ba00-2ab2_firmware6gk5216-0ha00-2ts66gk5208-0ba00-2fc26gk5216-0ba00-2tb2_firmware6gk5206-2gs00-2ac2_firmware6gk5326-2qs00-3rr36gk5216-4bs00-2ac2_firmware6gk5216-4gs00-2ac2_firmware6gk5206-2bs00-2fc2_firmware6gk5205-3bd00-2ab2_firmware6gk5328-4ss00-2ar36ag1216-4bs00-7ac2_firmware6gk5208-0ha00-2es6_firmware6gk5205-3bf00-2ab2_firmware6gk5216-3rs00-2ac2_firmware6ag1206-2bb00-7ac26gk5204-2aa00-2gf2_firmware6gk5208-0ra00-5ac2_firmware6gk5216-4gs00-2tc2_firmware6gk5208-0ha00-2es66gk5328-4ss00-3ar3_firmware6gk5216-3rs00-5ac2_firmware6gk5204-2aa00-2yf2_firmware6gk5216-0ha00-2as6_firmware6gk5216-4gs00-2fc26gk5206-2bd00-2ac2_firmware6gk5328-4fs00-3ar3_firmware6gk5208-0ba00-2ab2_firmware6gk5205-3bd00-2tb2_firmware6ag1208-0ba00-7ac2_firmware6gk5326-2qs00-3ar36gk5206-2rs00-2ac26gk5206-2bb00-2ac2_firmware6gk5213-3bb00-2ab2_firmware6gk5216-0ba00-2tb2SCALANCE XC208SCALANCE XB213-3 (ST, E/IP)SCALANCE M876-3SCALANCE XR326-2C PoE WGSCALANCE MUM853-1 (EU)SCALANCE XB205-3 (ST, PN)SCALANCE XC216-4C G EECSCALANCE M812-1 ADSL-Router familySCALANCE XB208 (E/IP)SCALANCE XP208SCALANCE XP208GSCALANCE S615 LAN-RouterSCALANCE XP216G EECSCALANCE MUM853-1 (B1)SCALANCE XP216EEC (V2)SCALANCE M804PBSCALANCE XP208G PoE EECSIPLUS NET SCALANCE XC208SCALANCE XB205-3LD (SC, E/IP)SCALANCE XP216SCALANCE XC206-2G PoE (54 V DC)SCALANCE S615 EEC LAN-RouterSCALANCE XP208PoE EECSCALANCE M876-4SCALANCE XB213-3LD (SC, PN)SCALANCE MUM856-1 (EU)SCALANCE MUM856-1 (RoW)SCALANCE XB213-3 (ST, PN)SCALANCE M816-1 ADSL-Router familySCALANCE XF204-2BASCALANCE XC216-4C G (EIP Def.)SIPLUS NET SCALANCE XC206-2SCALANCE XC208G PoE (54 V DC)SCALANCE M874-2SCALANCE XB206-2 STSIPLUS NET SCALANCE XC206-2SFPSCALANCE XP216GSCALANCE XC206-2G PoE EEC (54 V DC)SCALANCE XC206-2G PoESCALANCE XC216SCALANCE XB213-3 (SC, PN)SCALANCE XC216-3G PoE (54 V DC)SCALANCE XF204GSCALANCE XB206-2 (ST/BFOC)SCALANCE MUM856-1 (A1)SCALANCE XC206-2 (ST/BFOC)SCALANCE XC224SCALANCE M874-3 3G-Router (CN)SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE XC206-2SFP EECSCALANCE XP208EECSCALANCE XP216G PoE EECSCALANCE MUM856-1 (CN)SCALANCE XC216EECSCALANCE XF204-2BA DNASCALANCE XC206-2 (SC)SCALANCE M826-2 SHDSL-RouterSCALANCE XC216-4C GSCALANCE XC216-3G PoESCALANCE M874-3SCALANCE XP216PoE EEC (V2)SCALANCE XB206-2LDSCALANCE XC224-4C G EECSCALANCE XC208EECSCALANCE XC208GSCALANCE XB208 (PN)SCALANCE XB216 (E/IP)SCALANCE XC206-2SFP G EECSCALANCE XF204SCALANCE XP208G EECSCALANCE XP216 (Ethernet/IP)SCALANCE XC206-2SFP GSCALANCE XC206-2SFP G (EIP DEF.)SCALANCE MUM856-1 (B1)SCALANCE XB205-3 (ST, E/IP)SCALANCE XR324WG (24 X FE, DC 24V)SCALANCE XR328-4C WG (28xGE, DC 24V)SCALANCE XB206-2 SCSIPLUS NET SCALANCE XC216-4CSCALANCE XC208G PoESCALANCE XR324WG (24 x FE, AC 230V)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE MUM853-1 (A1)SCALANCE XC224-4C G (EIP Def.)SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)SCALANCE XC216-4CSCALANCE XB216 (PN)SCALANCE XP216EECSCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)SCALANCE XR328-4C WG (28xGE, AC 230V)SCALANCE XC224-4C GSCALANCE M876-4 (EU)SCALANCE XP208G PPSCALANCE XB213-3LD (SC, E/IP)SCALANCE XB213-3 (SC, E/IP)SCALANCE XB205-3LD (SC, PN)SCALANCE M876-3 (ROK)SCALANCE XB205-3 (SC, PN)SCALANCE XC208G EECSCALANCE XP216POE EECSCALANCE XR326-2C PoE WG (without UL)SCALANCE M876-4 (NAM)SCALANCE XP216 (V2)SCALANCE XB206-2 (SC)SCALANCE XP208 (Ethernet/IP)SCALANCE XC206-2SFPSCALANCE XB206-2 LDSCALANCE XC208G (EIP def.)SCALANCE XF204 DNA
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-27827
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 60.81%
||
7 Day CHG~0.00%
Published-18 Mar, 2021 | 00:00
Updated-04 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-openvswitchlldpd_projectn/aSiemens AGRed Hat, Inc.Fedora Project
Product-simatic_net_cp_1543-1virtualizationlldpdopenvswitchopenshift_container_platformsimatic_net_cp_1542sp-1_firmwareopenstackenterprise_linuxsimatic_hmi_unified_comfort_panelssimatic_net_cp_1542sp-1_ircsinumerik_onesimatic_net_cp_1543sp-1_firmwaresimatic_net_cp_1542sp-1tim_1531_ircsinumerik_one_firmwaresimatic_net_cp_1543-1_firmwaretim_1531_irc_firmwaresimatic_net_cp_1545-1simatic_net_cp_1243-1fedorasimatic_hmi_unified_comfort_panels_firmwaresimatic_net_cp_1243-1_firmwaresimatic_net_cp_1545-1_firmwaresimatic_net_cp_1243-8_ircsimatic_net_cp_1543sp-1simatic_net_cp_1243-8_irc_firmwaresimatic_net_cp_1542sp-1_irc_firmwarelldp/openvswitch
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-25242
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.79%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions). Specially crafted packets sent to TCP port 102 could cause a Denial-of-Service condition on the affected devices. A cold restart might be necessary in order to recover.

Action-Not Available
Vendor-Siemens AG
Product-simatic_net_cp_343-1_standard_firmwaresimatic_net_cp_343-1_advancedsimatic_net_cp_343-1_standardsimatic_net_cp_343-1_leansimatic_net_cp_343-1_advanced_firmwaresimatic_net_cp_343-1_lean_firmwareSIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants)SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-44228
Matching Score-6
Assigner-Apache Software Foundation
ShareView Details
Matching Score-6
Assigner-Apache Software Foundation
CVSS Score-10||CRITICAL
EPSS-94.36% / 99.96%
||
7 Day CHG~0.00%
Published-10 Dec, 2021 | 00:00
Updated-08 Aug, 2025 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-12-24||For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

Action-Not Available
Vendor-percussionsnowsoftwareApple Inc.The Apache Software FoundationFedora ProjectCisco Systems, Inc.Siemens AGIntel CorporationNetApp, Inc.Bentley Systems, IncorporatedSonicWall Inc.Debian GNU/Linux
Product-common_services_platform_collectorsolidfire_enterprise_sdsoncommand_insightdatacenter_manageractive_iq_unified_manageroperation_schedulerconnected_analytics_for_network_deploymentindustrial_edge_management_hubsnapcenterintegrated_management_controller_supervisorfirepower_1150iot_operations_dashboardwan_automation_enginefirepower_2140system_studiovirtualized_voice_browserfirepower_2110dna_centersolid_edge_cam_pro6bk1602-0aa42-0tp0energyipcomossecure_device_onboardfirepower_4120sppa-t3000_ses3000_firmwaresiveillance_viewpointfirepower_1120genomics_kernel_librarycontact_center_domain_managercrosswork_data_gatewayxpedition_package_integratornetwork_dashboard_fabric_controller6bk1602-0aa22-0tp0_firmwarecloud_secure_agentnexus_insights6bk1602-0aa22-0tp0firepower_10106bk1602-0aa32-0tp0email_securityunified_contact_center_management_portalopcenter_intelligencexcodedna_spaces_connectorfinessesolidfire_\&_hci_storage_nodepackaged_contact_center_enterpriseunified_sip_proxycloudcenter_suiteucs_directorenergy_engagefxoscustomer_experience_cloud_agentpaging_serverlogo\!_soft_comfortfirepower_2130siveillance_control_prospectrum_power_7cloud_managernetwork_insights_for_data_centersynchro_4d6bk1602-0aa52-0tp0solid_edge_harness_designfog_directornetwork_assurance_enginefirepower_4115nexus_dashboardsmart_phybusiness_process_automation6bk1602-0aa42-0tp0_firmwarebroadworksfirepower_4140emergency_responderucs_centralcomputer_vision_annotation_toolvideo_surveillance_managerconnected_mobile_experiencessynchrohead-end_system_universal_device_integration_systemsentron_powermanagerfedoracloudcenter_cost_optimizer6bk1602-0aa12-0tp0_firmwarespectrum_power_4cloudcentervm_access_proxycloudcenter_suite_adminoneapi_sample_browser6bk1602-0aa52-0tp0_firmwarefirepower_4150virtual_topology_systemfirepower_9300prime_service_catalogbrocade_san_navigatorenterprise_chat_and_emailcloud_connectfirepower_4145teamcenterunified_customer_voice_portalcloud_insightsrhythmyxfirepower_1140sipass_integratedsiveillance_vantageintersight_virtual_appliancesd-wan_vmanageucs_central_softwarecontact_center_management_portalwebex_meetings_serverunified_intelligence_centerunified_workforce_optimizationenergyip_prepaycrosswork_zero_touch_provisioningcx_cloud_agent6bk1602-0aa12-0tp0unity_connectioncloudcenter_workload_manageroptical_network_controllervirtualized_infrastructure_managervideo_surveillance_operations_manager6bk1602-0aa32-0tp0_firmwareunified_communications_manageradvanced_malware_protection_virtual_private_cloud_applianceidentity_services_enginesnow_commandercyber_vision_sensor_management_extensionfirepower_4112unified_contact_center_enterprisedebian_linuxunified_computing_systemunified_contact_center_expressxpedition_enterpriselog4jdesigo_cc_advanced_reportsontap_toolsunified_communications_manager_im_and_presence_servicefirepower_2120mobility_services_enginecrosswork_network_automationdna_spacesvesysautomated_subsea_tuningcyber_visionsiveillance_commandevolved_programmable_network_managerdna_spaces\firepower_4110mendixfirepower_4125sppa-t3000_ses3000unified_communications_manager_im_\&_presence_servicee-car_operation_centernxindustrial_edge_managementworkload_optimization_managerfirepower_threat_defensenavigatorcapitalcrosswork_platform_infrastructurenetwork_services_orchestratordata_center_network_managercrosswork_optimization_enginemindspheresiguard_dsagma-managerdesigo_cc_info_centercrosswork_network_controllersiveillance_identityApache Log4j2Log4j2
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2023-35920
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.73% / 71.83%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 09:07
Updated-12 Nov, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). Affected devices cannot properly process specially crafted IP packets sent to the devices. This could allow an unauthenticated remote attacker to cause a denial of service condition. The affected devices must be restarted manually.

Action-Not Available
Vendor-Siemens AG
Product-simatic_mv540_s_firmwaresimatic_mv540_ssimatic_mv560_x_firmwaresimatic_mv560_usimatic_mv560_u_firmwaresimatic_mv550_s_firmwaresimatic_mv540_hsimatic_mv550_h_firmwaresimatic_mv550_ssimatic_mv560_xsimatic_mv550_hsimatic_mv540_h_firmwareSIMATIC MV560 USIMATIC MV540 SSIMATIC MV540 HSIMATIC MV550 HSIMATIC MV550 SSIMATIC MV560 Xsimatic_mv540_ssimatic_mv560_usimatic_mv540_hsimatic_mv550_ssimatic_mv560_xsimatic_mv550_h
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2002-20001
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-11.63% / 93.39%
||
7 Day CHG~0.00%
Published-11 Nov, 2021 | 00:00
Updated-22 Aug, 2025 | 10:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

Action-Not Available
Vendor-balasysstormshieldn/aHewlett Packard Enterprise (HPE)SUSEF5, Inc.Siemens AG
Product-aruba_cx_8400big-ip_ddos_hybrid_defenderbig-iq_centralized_managementbig-ip_webacceleratoraruba_cx_4100ibig-ip_application_visibility_and_reportingaruba_cx_6300mbig-ip_access_policy_managerf5os-aaruba_cx_6200faruba_cx_6410big-ip_global_traffic_managerbig-ip_local_traffic_managerarubaos-cxaruba_cx_8360-12cbig-ip_domain_name_systembig-ip_carrier-grade_nataruba_cx_6200mbig-ip_application_acceleration_managerscalance_w1750d_firmwarearuba_cx_8360-32y4caruba_cx_8325-48y8cbig-ip_websafearuba_cx_8360-16y2cstormshield_management_centeraruba_cx_8325-32caruba_cx_6405dheateraruba_cx_6300fbig-ip_ssl_orchestratoraruba_cx_8360-48y6cbig-ip_analyticsbig-ip_fraud_protection_servicebig-ip_service_proxyscalance_w1750dbig-ip_advanced_web_application_firewallaruba_cx_6100linux_enterprise_serverbig-ip_advanced_firewall_managerbig-ip_application_security_managerbig-ip_edge_gatewayaruba_cx_8360-24xf2caruba_cx_8320traffix_signaling_delivery_controllerbig-ip_policy_enforcement_managerf5os-caruba_cx_8360-48xt4cstormshield_network_securitybig-ip_link_controllern/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-6578
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.49%
||
7 Day CHG~0.00%
Published-14 May, 2019 | 19:54
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 with NXG I control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- (All Versions with option G28), SINAMICS PERFECT HARMONY GH180 with NXG II control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- (All Versions with option G28). A denial of service vulnerability exists in the affected products. The vulnerability could be exploited by an attacker with network access to the device. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr3sinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr3sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr3_firmwaresinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr2_firmwaresinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr4sinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr4_firmwaresinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr4_firmwaresinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr3_firmwaresinamics_perfect_harmony_gh180_with_nxg_ii_control_mlfb_6sr2sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr4sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr2sinamics_perfect_harmony_gh180_with_nxg_i_control_mlfb_6sr2_firmwareSINAMICS PERFECT HARMONY GH180 with NXG I control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...-SINAMICS PERFECT HARMONY GH180 with NXG II control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...-
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-19281
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.63% / 69.33%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 19:16
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V2.5 and < V20.8), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 and < V2.8), SIMATIC S7-1500 Software Controller (All versions >= V2.5 and < V20.8). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a Denial-of-Service condition. The vulnerability can be triggered if specially crafted UDP packets are sent to the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the device availability.

Action-Not Available
Vendor-Siemens AG
Product-simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmwaresimatic_s7-1500_cpu_1507ssimatic_s7-1500_cpu_1516-3_dp_firmwaresimatic_s7-1500_cpu_1517-3_dp_firmwaresimatic_s7-1500_cpu_1508s_firmwaresimatic_s7-1500_cpu_1518-4_pn_firmwaresimatic_s7-1500_cpu_1518-4_dp_firmwaresimatic_s7-1500_cpu_1508s_f_firmwaresimatic_s7-1500_cpu_1507s_f_firmwaresimatic_s7-1500_cpu_1507s_fsimatic_s7-1500_cpu_1513-1_pn_firmwaresimatic_s7-1500_cpu_1516-3_pn_firmwaresimatic_s7-1500_cpu_1518-4_pnsimatic_s7-1500_cpu_1511-1_pn_firmwaresimatic_s7-1500_cpu_1515-2_pnsimatic_s7-1500_cpu_1517-3_pnsimatic_s7-1500_cpu_1508s_fsimatic_s7-1500_cpu_1515-2_pn_firmwaresimatic_s7-1500_cpu_1516-3_pnsimatic_s7-1500_cpu_1517-3_pn_firmwaresimatic_s7-1500_cpu_1516-3_dpsimatic_s7-1500_cpu_1508ssimatic_s7-1500_cpu_1507s_firmwaresimatic_s7-1500_cpu_1518-4_dpsimatic_s7-1500_cpu_1517-3_dpsimatic_s7-1500_cpu_1513-1_pnsimatic_s7-1500_cpu_1511-1_pnsimatic_et_200sp_open_controller_cpu_1515sp_pc2SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)SIMATIC S7-1500 Software Controller
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-19301
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.54% / 66.60%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 19:50
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X200-4P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2IRT, SCALANCE X202-2P IRT, SCALANCE X202-2P IRT PRO, SCALANCE X204-2, SCALANCE X204-2FM, SCALANCE X204-2LD, SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X204IRT, SCALANCE X204IRT PRO, SCALANCE X206-1, SCALANCE X206-1LD, SCALANCE X208, SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XF201-3P IRT, SCALANCE XF202-2P IRT, SCALANCE XF204, SCALANCE XF204-2, SCALANCE XF204-2BA IRT, SCALANCE XF204IRT, SCALANCE XF206-1, SCALANCE XF208, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIMATIC CP 343-1 Advanced, SIMATIC CP 442-1 RNA, SIMATIC CP 443-1, SIMATIC CP 443-1, SIMATIC CP 443-1 Advanced, SIMATIC CP 443-1 RNA, SIMATIC RF180C, SIMATIC RF182C, SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SIPLUS NET SCALANCE X308-2. The VxWorks-based Profinet TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rf182csimatic_rf182c_firmwarescalance_xp-200_firmwarescalance_x-200irt_pro_firmwaresimatic_cp_443-1_advanced_firmwarescalance_xc-200_firmwaresimatic_cp_443-1_firmwarescalance_xb-200scalance_xr-300wg_firmwarescalance_xr-300wgscalance_xp-200simatic_rf180cscalance_x-200irt_firmwarescalance_xr-300scalance_x-300scalance_x-200irtscalance_x-200irt_prosimatic_cp_443-1scalance_xb-200_firmwarescalance_xf-200_firmwarescalance_xf-200scalance_xr-300_firmwarescalance_x-300_firmwaresimatic_rf180c_firmwarescalance_xc-200simatic_cp_443-1_advancedSCALANCE XF208SCALANCE XR324-12M TS (24V)SCALANCE XR324-4M EEC (24V, ports on front)SCALANCE X204IRTSCALANCE XR324-12M (230V, ports on rear)SCALANCE X307-2 EEC (2x 24V, coated)SCALANCE XF204-2BA IRTSCALANCE X204-2FMSCALANCE X204-2TSSCALANCE X307-3SCALANCE XR324-12M (24V, ports on rear)SCALANCE X308-2SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)SCALANCE X204-2LD TSSCALANCE X302-7 EEC (24V, coated)SCALANCE X307-2 EEC (230V, coated)SIMATIC CP 443-1 AdvancedSIMATIC RF180CSCALANCE X224SIPLUS NET SCALANCE X308-2SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)SCALANCE X202-2P IRTSCALANCE XR324-4M PoE (230V, ports on rear)SCALANCE X302-7 EEC (230V)SIMATIC CP 443-1SCALANCE X206-1LDSCALANCE X308-2LDSCALANCE X307-2 EEC (24V)SIMATIC CP 343-1 AdvancedSCALANCE X208SCALANCE X304-2FESCALANCE X307-2 EEC (230V)SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)SCALANCE X302-7 EEC (2x 24V)SCALANCE XF204IRTSCALANCE X307-2 EEC (2x 230V)SCALANCE X208PROSCALANCE X212-2LDSCALANCE X204IRT PROSCALANCE X302-7 EEC (24V)SCALANCE X204-2SCALANCE XF206-1SIMATIC RF182CSCALANCE XR324-4M EEC (2x 24V, ports on rear)SIPLUS NET CP 443-1SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-4M PoE (24V, ports on rear)SCALANCE X204-2LDSCALANCE X201-3P IRTSCALANCE X308-2MSCALANCE X308-2M PoESCALANCE X310FESCALANCE X308-2LH+SCALANCE X206-1SCALANCE XF204SIPLUS NET CP 343-1 AdvancedSCALANCE X307-3LDSCALANCE X202-2IRTSCALANCE X308-2LHSCALANCE XF204-2SCALANCE XR324-4M EEC (24V, ports on rear)SIMATIC CP 442-1 RNASCALANCE XR324-4M PoE (24V, ports on front)SIPLUS NET CP 443-1 AdvancedSCALANCE X302-7 EEC (2x 230V)SCALANCE X408-2SCALANCE XF201-3P IRTSCALANCE XF202-2P IRTSCALANCE X307-2 EEC (24V, coated)SCALANCE X307-2 EEC (2x 230V, coated)SCALANCE X302-7 EEC (2x 24V, coated)SCALANCE X202-2P IRT PROSCALANCE X310SCALANCE X307-2 EEC (2x 24V)SCALANCE XR324-12M (24V, ports on front)SCALANCE X212-2SCALANCE X320-1 FESCALANCE X306-1LD FESIMATIC CP 443-1 RNASCALANCE X308-2M TSSCALANCE XR324-4M PoE (230V, ports on front)SCALANCE X216SCALANCE X302-7 EEC (230V, coated)SCALANCE X201-3P IRT PROSCALANCE X302-7 EEC (2x 230V, coated)SCALANCE X200-4P IRTSCALANCE X320-1-2LD FESCALANCE XR324-4M PoE TS (24V, ports on front)SCALANCE XR324-12M (230V, ports on front)SCALANCE XR324-4M EEC (2x 24V, ports on front)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-41546
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.55% / 67.00%
||
7 Day CHG~0.00%
Published-12 Oct, 2021 | 09:49
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM ROX RX1400 (All versions < V2.14.1), RUGGEDCOM ROX RX1500 (All versions < V2.14.1), RUGGEDCOM ROX RX1501 (All versions < V2.14.1), RUGGEDCOM ROX RX1510 (All versions < V2.14.1), RUGGEDCOM ROX RX1511 (All versions < V2.14.1), RUGGEDCOM ROX RX1512 (All versions < V2.14.1), RUGGEDCOM ROX RX1524 (All versions < V2.14.1), RUGGEDCOM ROX RX1536 (All versions < V2.14.1), RUGGEDCOM ROX RX5000 (All versions < V2.14.1). Affected devices write crashdumps without checking if enough space is available on the filesystem. Once the crashdump fills the entire root filesystem, affected devices fail to boot successfully. An attacker can leverage this vulnerability to cause a permanent Denial-of-Service.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rox_rx1511ruggedcom_rox_rx1512ruggedcom_rox_mx5000_firmwareruggedcom_rox_rx5000_firmwareruggedcom_rox_rx1511_firmwareruggedcom_rox_rx1510ruggedcom_rox_rx1400_firmwareruggedcom_rox_rx1500_firmwareruggedcom_rox_rx1400ruggedcom_rox_rx1510_firmwareruggedcom_rox_rx1500ruggedcom_rox_rx1524_firmwareruggedcom_rox_rx5000ruggedcom_rox_rx1501ruggedcom_rox_rx1536ruggedcom_rox_mx5000ruggedcom_rox_rx1524ruggedcom_rox_rx1536_firmwareruggedcom_rox_rx1501_firmwareruggedcom_rox_rx1512_firmwareRUGGEDCOM ROX RX1511RUGGEDCOM ROX RX1536RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1500RUGGEDCOM ROX RX1501RUGGEDCOM ROX RX5000RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1512
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2017-12741
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-3.94% / 87.87%
||
7 Day CHG~0.00%
Published-26 Dec, 2017 | 04:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.

Action-Not Available
Vendor-Siemens AG
Product-sinamics_g150simotion_p_firmwaresinamics_dcm_firmwaresimatic_et_200m_firmwareek-ertec_200p_firmwaresimatic_winac_rtx_f_2010sinamics_g150_firmwaresimotion_dsinamics_v90pnsimatic_winac_rtx_f_2010_firmwaresimatic_s7-200simotion_csimatic_s7-300sinamics_g110m\/g120pndk_standard_ethernet_controllersimotion_psinamics_s150_v4.8sinamics_g130simatic_et_200alsimatic_et_200mp_firmwaresinumerik_840d_sl_firmwaresimatic_et_200ssimatic_s7-1500_firmwaresinamics_s150_v4.7_firmwaredk_standard_ethernet_controller_firmwaresinamics_s110pnsimatic_compact_field_unit_firmwaresimatic_s7-400h_v6_firmwaresinamics_dcpsirius_soft_starter_3rw44pnsimocode_pro_v_profinetsimatic_s7-1200_firmwaresinamics_s110pn_firmwaresimocode_pro_v_profinet_firmwareek-ertec_200psirius_soft_starter_3rw44pn_firmwaresimatic_et_200ecopnsinamics_dcmsimatic_s7-1200simotion_d_firmwaresinamics_s150_v4.7ek-ertec_200pn_iosinumerik_840d_slsimatic_s7-410_v8simatic_et_200ecopn_firmwaresimatic_pn\/pn_couplersimatic_s7-400h_v6simatic_s7-1500_controllersimatic_et_200sp_firmwaresimatic_s7-410_v8_firmwaresimatic_s7-1500simatic_et_200pro_firmwaresimatic_s7-1500_controller_firmwaresinamics_s150_v4.8_firmwaresinamics_s120simatic_et_200s_firmwaresimatic_s7-400pn_v6sinamics_s120_firmwaresimatic_s7-300_firmwaresinamics_g130_firmwaresimatic_et_200mpsimotion_c_firmwaresimatic_s7-400pn\/dp_v7simatic_et_200spsimatic_pn\/pn_coupler_firmwaresimatic_s7-200_firmwaresimatic_s7-400pn_v6_firmwaresimatic_et_200msimatic_et_200al_firmwaresimatic_compact_field_unitsinamics_g110m\/g120pn_firmwaresimatic_et_200prosinamics_v90pn_firmwaresinamics_dcp_firmwareek-ertec_200pn_io_firmwaresimatic_s7-400pn\/dp_v7_firmwareSIMOTION DSINAMICS GL150 V4.7 w. PROFINETSINAMICS S110 w. PNSINUMERIK 840D slSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SIMOTION P V5SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SINAMICS SL150 V4.7.5 w. PROFINETSIMATIC ET200ecoPN, 4AO U/I 4xM12SIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC ET 200SP IM 155-6 PN HFSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200SP IM 155-6 PN HFSIMATIC ET 200SP IM 155-6 PN STSINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN HSSIMATIC ET200ecoPN: IO-Link MasterSINAMICS SL150 V4.7.4 w. PROFINETSIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN BASIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIPLUS ET 200SP IM 155-6 PN ST TX RAILSINAMICS SL150 V4.7.0 w. PROFINETSIMATIC ET 200SP IM 155-6 PN ST BASINAMICS G150 V4.7 w. PNSIMATIC ET 200MP IM 155-5 PN HFSIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SIMATIC ET 200pro IM 154-4 PN HFSIRIUS Soft Starter 3RW44 PNSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1500 Software ControllerSIMATIC ET 200MP IM 155-5 PN STSIMATIC TDC CPU555SIMATIC ET200S (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)SINAMICS G110M w. PNSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMOTION CSIMATIC TDC CP51M1SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SIMATIC ET 200MP IM 155-5 PN BASIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12SINAMICS V90 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)SIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SINAMICS DCM w. PNSINAMICS G130 V4.8 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SINAMICS DCP w. PNSINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SINAMICS GM150 V4.7 w. PROFINETSIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMOTION P V4.4 and V4.5SINAMICS S150 V4.8 w. PNSIMATIC ET 200M (incl. SIPLUS variants)SIMATIC Compact Field UnitSIMATIC S7-400 H V6 and below CPU family (incl. SIPLUS variants)SIMATIC S7-200 SMARTSINAMICS G130 V4.7 w. PNSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIMATIC WinAC RTX F 2010SINAMICS S150 V4.7 w. PNSINAMICS SM120 V4.7 w. PROFINETSIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS ET 200SP IM 155-6 PN STSIPLUS ET 200MP IM 155-5 PN ST TX RAILSIPLUS ET 200MP IM 155-5 PN HFSINAMICS GH150 V4.7 w. PROFINETSINAMICS G150 V4.8 w. PN
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-31340
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.48% / 64.16%
||
7 Day CHG~0.00%
Published-08 Jun, 2021 | 19:47
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.

Action-Not Available
Vendor-Siemens AG
Product-simatic_reader_rf650r_fcc_firmwaresimatic_reader_rf650r_cmiit_firmwaresimatic_reader_rf680r_cmiitsimatic_reader_rf685r_fccsimatic_reader_rf610r_etsi_firmwaresimatic_reader_rf615r_etsi_firmwaresimatic_rf360rsimatic_reader_rf650r_aribsimatic_reader_rf610r_fccsimatic_reader_rf680r_fccsimatic_reader_rf685r_arib_firmwaresimatic_rf186c_firmwaresimatic_reader_rf615r_cmiitsimatic_rf188c_firmwaresimatic_reader_rf685r_fcc_firmwaresimatic_rf185csimatic_reader_rf680r_cmiit_firmwaresimatic_reader_rf685r_etsisimatic_rf360r_firmwaresimatic_rf186cisimatic_rf188csimatic_reader_rf610r_cmiit_firmwaresimatic_reader_rf610r_fcc_firmwaresimatic_rf185c_firmwaresimatic_reader_rf615r_fccsimatic_reader_rf615r_fcc_firmwaresimatic_reader_rf680r_etsisimatic_reader_rf680r_fcc_firmwaresimatic_reader_rf610r_etsisimatic_reader_rf680r_arib_firmwaresimatic_reader_rf685r_cmiit_firmwaresimatic_rf186ci_firmwaresimatic_rf166c_firmwaresimatic_rf188ci_firmwaresimatic_reader_rf650r_cmiitsimatic_reader_rf650r_fccsimatic_rf166csimatic_reader_rf685r_cmiitsimatic_reader_rf680r_aribsimatic_reader_rf650r_etsisimatic_reader_rf610r_cmiitsimatic_reader_rf650r_arib_firmwaresimatic_reader_rf680r_etsi_firmwaresimatic_reader_rf615r_etsisimatic_rf186csimatic_reader_rf650r_etsi_firmwaresimatic_reader_rf685r_aribsimatic_reader_rf615r_cmiit_firmwaresimatic_reader_rf685r_etsi_firmwaresimatic_rf188ciSIMATIC Reader RF650R ARIBSIMATIC Reader RF650R ETSISIMATIC Reader RF680R CMIITSIMATIC Reader RF615R ETSISIMATIC RF166CSIMATIC Reader RF685R CMIITSIMATIC RF185CSIMATIC Reader RF610R CMIITSIMATIC Reader RF685R ETSISIMATIC Reader RF615R CMIITSIMATIC RF188CISIMATIC Reader RF610R ETSISIMATIC Reader RF685R FCCSIMATIC Reader RF615R FCCSIMATIC RF186CSIMATIC RF360RSIMATIC Reader RF680R ARIBSIMATIC Reader RF685R ARIBSIMATIC RF188CSIMATIC Reader RF680R ETSISIMATIC Reader RF610R FCCSIMATIC Reader RF650R CMIITSIMATIC RF186CISIMATIC Reader RF680R FCCSIMATIC Reader RF650R FCC
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-27385
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.32%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_ktp_mobile_panels_ktp900_firmwaresimatic_hmi_ktp_mobile_panels_ktp400fsinamics_gm150simatic_hmi_ktp_mobile_panels_ktp700f_firmwaresinamics_sm150isinamics_gl150_firmwaresinamics_gl150simatic_hmi_ktp_mobile_panels_ktp900f_firmwaresimatic_hmi_ktp_mobile_panels_ktp400f_firmwaresimatic_hmi_comfort_panels_4\"_firmwaresinamics_gm150_firmwaresinamics_sm150simatic_hmi_comfort_outdoor_panels_7\"_firmwaresinamics_gh150simatic_hmi_ktp_mobile_panels_ktp700_firmwaresinamics_gh150_firmwaresinamics_sl150simatic_hmi_comfort_panels_22\"simatic_hmi_ktp_mobile_panels_ktp700fsinamics_sh150sinamics_sm150_firmwaresimatic_hmi_ktp_mobile_panels_ktp900fsinamics_sh150_firmwaresimatic_hmi_comfort_outdoor_panels_7\"sinamics_sm120simatic_hmi_ktp_mobile_panels_ktp700simatic_hmi_comfort_outdoor_panels_15\"_firmwaresimatic_hmi_comfort_panels_4\"sinamics_sl150_firmwaresinamics_sm150i_firmwaresimatic_hmi_ktp_mobile_panels_ktp900simatic_hmi_comfort_outdoor_panels_15\"simatic_hmi_comfort_panels_22\"_firmwaresimatic_wincc_runtime_advancedsinamics_sm120_firmwareSIMATIC WinCC Runtime Advanced V16SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) SINAMICS SM150iSIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)SINAMICS GH150SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900FSINAMICS GM150 (with option X30)SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F SINAMICS GL150 (with option X30)SINAMICS SH150SIMATIC WinCC Runtime Advanced V15SINAMICS SL150SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) SINAMICS SM120SINAMICS SM150
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2024-33498
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.53% / 66.16%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:03
Updated-02 Aug, 2024 | 02:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). Affected applications do not properly release memory that is allocated when handling specifically crafted incoming packets. This could allow an unauthenticated remote attacker to cause a denial of service condition by crashing the service when it runs out of memory. The service is restarted automatically after a short time.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC RTLS Locating Managersimatic_rtls_locating_manager
CWE ID-CWE-400
Uncontrolled Resource Consumption
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found