Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs

Source -

CNA

CNA CVEs -

3

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2026-25789
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-Not Assigned
Published-12 May, 2026 | 08:21
Updated-12 May, 2026 | 10:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices do not properly validate and sanitize filenames on the Firmware Update page. This could allow a remote attacker to social engineer the user into selecting the modified firmware file to be uploaded. This would result in malitcious JavaScript execution in the context of the authenticated user's session without requiring the file to be uploaded, potentially leading to session hijacking or credential theft.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC S7-1500 CPU 1513F-1 PNSIPLUS ET 200SP CPU 1512SP-1 PNSIPLUS S7-1500 CPU 1515F-2 PN RAILSIMATIC S7-1500 CPU S7-1518-4 PN/DP ODKSIMATIC S7-1500 CPU 1511TF-1 PNSIMATIC S7-1500 Software Controller CPU 1507S V2SIMATIC S7-1500 CPU 1518-3 PNSIMATIC S7-1500 CPU 1518TF-4 PN/DPSIMATIC S7-1500 Software Controller CPU 1508S F V2SIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIPLUS S7-1500 CPU 1511-1 PN TX RAILSIMATIC S7-1500 CPU 1517-3 PN/DPSIMATIC S7-1500 CPU 1512C-1 PNSIMATIC S7-1500 CPU 1517F-3 PNSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUsSIMATIC S7-1500 CPU 1518T-3 PNSIPLUS ET 200SP CPU 1512SP-1 PN RAILSIMATIC S7-1500 Software Controller CPU 1508S F V4SIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 Software Controller CPU 1507S V3SIMATIC S7-1500 CPU 1511-1 PNSIPLUS S7-1500 CPU 1513-1 PNSIMATIC S7-1500 CPU 1516TF-3 PNSIPLUS S7-1500 CPU 1511F-1 PNSIMATIC S7-1500 CPU 1515T-2 PNSIMATIC S7-1500 Software Controller CPU 1508S TF V3SIMATIC ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1500 Software Controller CPU 1507S V4SIMATIC S7-1500 Software Controller CPU 1508S F V3SIMATIC ET 200SP CPU 1510SP-1 PNSIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)SIPLUS ET 200SP CPU 1510SP-1 PN RAILSIPLUS S7-1500 CPU 1515F-2 PN T2 RAILSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-PLCSIM AdvancedSIPLUS S7-1500 CPU 1516F-3 PN/DPSIMATIC S7-1500 CPU 1517-3 PNSIMATIC S7-1500 CPU 1513-1 PNSIMATIC ET 200SP CPU 1514SP-2 PNSIMATIC S7-1500 CPU 1517T-3 PNSIMATIC ET 200SP CPU 1514SPT-2 PNSIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PNSIPLUS ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODKSIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PNSIMATIC S7-1500 CPU 1518TF-3 PNSIMATIC S7-1500 Software Controller CPU 1507S F V3SIMATIC ET 200SP CPU 1514SPT F-2 PNSIMATIC S7-1500 CPU 1518F-4 PN/DPSIPLUS ET 200SP CPU 1510SP F-1 PN RAILSIMATIC S7-1500 Software Controller CPU 1507S F V2SIMATIC S7-1500 CPU 1517TF-3 PN/DPSIMATIC S7-1500 CPU 1516F-3 PN/DPSIPLUS S7-1500 CPU 1511-1 PNSIMATIC S7-1500 Software Controller CPU 1508S V3SIMATIC Drive Controller CPU 1504D TFSIPLUS S7-1500 CPU 1513F-1 PNSIMATIC ET 200SP CPU 1514SP F-2 PNSIMATIC S7-1500 CPU 1516TF-3 PN/DPSIPLUS S7-1500 CPU 1516-3 PN/DP RAILSIMATIC S7-1500 CPU 1511T-1 PNSIMATIC S7-1500 Software Controller CPU 1508S T V3SIMATIC S7-1500 CPU 1516pro F-2 PNSIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PNSIMATIC S7-1500 CPU 1515TF-2 PNSIMATIC S7-1500 CPU 1518T-4 PN/DPSIPLUS S7-1500 CPU 1515F-2 PNSIPLUS S7-1500 CPU 1516-3 PN/DPSIPLUS ET 200SP CPU 1510SP F-1 PNSIPLUS S7-1500 CPU 1516-3 PN/DP TX RAILSIMATIC S7-1500 Software Controller CPU 1508S V4SIMATIC S7-1500 CPU 1517F-3 PN/DPSIMATIC S7-1500 CPU 1511F-1 PNSIMATIC S7-1500 Software Controller Linux V3SIMATIC S7-1500 CPU 1518F-3 PNSIMATIC ET 200SP Open Controller CPU 1515SP PC3 V4 CPUsSIMATIC S7-1500 CPU 1515F-2 PNSIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PNSIMATIC S7-1500 CPU 1516pro-2 PNSIMATIC S7-1500 CPU 1518-4 PN/DPSIMATIC S7-1500 CPU 1517T-3 PN/DPSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUsSIMATIC S7-1500 CPU 1516T-3 PN/DPSIMATIC ET 200SP CPU 1510SP F-1 PNSIPLUS S7-1500 CPU 1518-4 PN/DPSIPLUS ET 200SP CPU 1510SP-1 PNSIMATIC S7-1500 Software Controller Linux V2SIMATIC Drive Controller CPU 1507D TFSIMATIC S7-1500 CPU 1513pro-2 PNSIMATIC S7-1500 CPU 1516-3 PN/DPSIPLUS S7-1500 CPU 1518F-4 PN/DPSIMATIC S7-1500 CPU 1516T-3 PNSIMATIC S7-1500 CPU 1515-2 PNSIMATIC S7-1500 Software Controller CPU 1508S V2SIPLUS S7-1500 CPU 1516F-3 PN/DP RAILSIMATIC S7-1500 Software Controller CPU 1507S F V4SIPLUS S7-1500 CPU 1511-1 PN T1 RAILSIMATIC S7-1500 CPU 1511C-1 PNSIPLUS ET 200SP CPU 1512SP F-1 PN RAILSIMATIC S7-1500 CPU 1517TF-3 PNSIMATIC S7-1500 CPU 1513pro F-2 PNSIMATIC ET 200SP CPU 1512SP-1 PN
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2026-25787
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-Not Assigned
Published-12 May, 2026 | 08:21
Updated-12 May, 2026 | 10:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices do not properly validate and sanitize Technology Object (TO) name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the page. If a benign user with appropriate rights accesses the "Motion Control Diagnostics" parameters page, the malicious code would be executed in the scope of their web session.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC S7-1500 CPU 1513F-1 PNSIPLUS ET 200SP CPU 1512SP-1 PNSIPLUS S7-1500 CPU 1515F-2 PN RAILSIMATIC S7-1500 CPU S7-1518-4 PN/DP ODKSIMATIC S7-1500 CPU 1511TF-1 PNSIMATIC S7-1500 Software Controller CPU 1507S V2SIMATIC S7-1500 CPU 1518-3 PNSIMATIC S7-1500 CPU 1518TF-4 PN/DPSIMATIC S7-1500 Software Controller CPU 1508S F V2SIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIPLUS S7-1500 CPU 1511-1 PN TX RAILSIMATIC S7-1500 CPU 1517-3 PN/DPSIMATIC S7-1500 CPU 1512C-1 PNSIMATIC S7-1500 CPU 1517F-3 PNSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUsSIMATIC S7-1500 CPU 1518T-3 PNSIPLUS ET 200SP CPU 1512SP-1 PN RAILSIMATIC S7-1500 Software Controller CPU 1508S F V4SIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 Software Controller CPU 1507S V3SIMATIC S7-1500 CPU 1511-1 PNSIPLUS S7-1500 CPU 1513-1 PNSIMATIC S7-1500 CPU 1516TF-3 PNSIPLUS S7-1500 CPU 1511F-1 PNSIMATIC S7-1500 CPU 1515T-2 PNSIMATIC S7-1500 Software Controller CPU 1508S TF V3SIMATIC ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1500 Software Controller CPU 1507S V4SIMATIC S7-1500 Software Controller CPU 1508S F V3SIMATIC ET 200SP CPU 1510SP-1 PNSIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)SIPLUS ET 200SP CPU 1510SP-1 PN RAILSIPLUS S7-1500 CPU 1515F-2 PN T2 RAILSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-PLCSIM AdvancedSIPLUS S7-1500 CPU 1516F-3 PN/DPSIMATIC S7-1500 CPU 1517-3 PNSIMATIC S7-1500 CPU 1513-1 PNSIMATIC ET 200SP CPU 1514SP-2 PNSIMATIC S7-1500 CPU 1517T-3 PNSIMATIC ET 200SP CPU 1514SPT-2 PNSIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PNSIPLUS ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODKSIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PNSIMATIC S7-1500 CPU 1518TF-3 PNSIMATIC S7-1500 Software Controller CPU 1507S F V3SIMATIC ET 200SP CPU 1514SPT F-2 PNSIMATIC S7-1500 CPU 1518F-4 PN/DPSIPLUS ET 200SP CPU 1510SP F-1 PN RAILSIMATIC S7-1500 Software Controller CPU 1507S F V2SIMATIC S7-1500 CPU 1517TF-3 PN/DPSIMATIC S7-1500 CPU 1516F-3 PN/DPSIPLUS S7-1500 CPU 1511-1 PNSIMATIC S7-1500 Software Controller CPU 1508S V3SIMATIC Drive Controller CPU 1504D TFSIPLUS S7-1500 CPU 1513F-1 PNSIMATIC ET 200SP CPU 1514SP F-2 PNSIMATIC S7-1500 CPU 1516TF-3 PN/DPSIPLUS S7-1500 CPU 1516-3 PN/DP RAILSIMATIC S7-1500 CPU 1511T-1 PNSIMATIC S7-1500 Software Controller CPU 1508S T V3SIMATIC S7-1500 CPU 1516pro F-2 PNSIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PNSIMATIC S7-1500 CPU 1515TF-2 PNSIMATIC S7-1500 CPU 1518T-4 PN/DPSIPLUS S7-1500 CPU 1515F-2 PNSIPLUS S7-1500 CPU 1516-3 PN/DPSIPLUS ET 200SP CPU 1510SP F-1 PNSIPLUS S7-1500 CPU 1516-3 PN/DP TX RAILSIMATIC S7-1500 Software Controller CPU 1508S V4SIMATIC S7-1500 CPU 1517F-3 PN/DPSIMATIC S7-1500 CPU 1511F-1 PNSIMATIC S7-1500 Software Controller Linux V3SIMATIC S7-1500 CPU 1518F-3 PNSIMATIC ET 200SP Open Controller CPU 1515SP PC3 V4 CPUsSIMATIC S7-1500 CPU 1515F-2 PNSIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PNSIMATIC S7-1500 CPU 1516pro-2 PNSIMATIC S7-1500 CPU 1518-4 PN/DPSIMATIC S7-1500 CPU 1517T-3 PN/DPSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUsSIMATIC S7-1500 CPU 1516T-3 PN/DPSIMATIC ET 200SP CPU 1510SP F-1 PNSIPLUS S7-1500 CPU 1518-4 PN/DPSIPLUS ET 200SP CPU 1510SP-1 PNSIMATIC S7-1500 Software Controller Linux V2SIMATIC Drive Controller CPU 1507D TFSIMATIC S7-1500 CPU 1513pro-2 PNSIMATIC S7-1500 CPU 1516-3 PN/DPSIPLUS S7-1500 CPU 1518F-4 PN/DPSIMATIC S7-1500 CPU 1516T-3 PNSIMATIC S7-1500 CPU 1515-2 PNSIMATIC S7-1500 Software Controller CPU 1508S V2SIPLUS S7-1500 CPU 1516F-3 PN/DP RAILSIMATIC S7-1500 Software Controller CPU 1507S F V4SIPLUS S7-1500 CPU 1511-1 PN T1 RAILSIMATIC S7-1500 CPU 1511C-1 PNSIPLUS ET 200SP CPU 1512SP F-1 PN RAILSIMATIC S7-1500 CPU 1517TF-3 PNSIMATIC S7-1500 CPU 1513pro F-2 PNSIMATIC ET 200SP CPU 1512SP-1 PN
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2026-25786
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-Not Assigned
Published-12 May, 2026 | 08:20
Updated-12 May, 2026 | 10:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices do not properly validate and sanitize PLC/station name rendered on the "communication" parameters page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the page. If a benign user with appropriate rights accesses the "communication" parameters page, the malicious code would be executed in the scope of their web session.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC S7-1500 CPU 1513F-1 PNSIPLUS ET 200SP CPU 1512SP-1 PNSIPLUS S7-1500 CPU 1515F-2 PN RAILSIMATIC S7-1500 CPU S7-1518-4 PN/DP ODKSIMATIC S7-1500 CPU 1511TF-1 PNSIMATIC S7-1500 Software Controller CPU 1507S V2SIMATIC S7-1500 CPU 1518-3 PNSIMATIC S7-1500 CPU 1518TF-4 PN/DPSIMATIC S7-1500 Software Controller CPU 1508S F V2SIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIPLUS S7-1500 CPU 1511-1 PN TX RAILSIMATIC S7-1500 CPU 1517-3 PN/DPSIMATIC S7-1500 CPU 1512C-1 PNSIMATIC S7-1500 CPU 1517F-3 PNSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUsSIMATIC S7-1500 CPU 1518T-3 PNSIPLUS ET 200SP CPU 1512SP-1 PN RAILSIMATIC S7-1500 Software Controller CPU 1508S F V4SIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 Software Controller CPU 1507S V3SIMATIC S7-1500 CPU 1511-1 PNSIPLUS S7-1500 CPU 1513-1 PNSIMATIC S7-1500 CPU 1516TF-3 PNSIPLUS S7-1500 CPU 1511F-1 PNSIMATIC S7-1500 CPU 1515T-2 PNSIMATIC S7-1500 Software Controller CPU 1508S TF V3SIMATIC ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1500 Software Controller CPU 1507S V4SIMATIC S7-1500 Software Controller CPU 1508S F V3SIMATIC ET 200SP CPU 1510SP-1 PNSIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)SIPLUS ET 200SP CPU 1510SP-1 PN RAILSIPLUS S7-1500 CPU 1515F-2 PN T2 RAILSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-PLCSIM AdvancedSIPLUS S7-1500 CPU 1516F-3 PN/DPSIMATIC S7-1500 CPU 1517-3 PNSIMATIC S7-1500 CPU 1513-1 PNSIMATIC ET 200SP CPU 1514SP-2 PNSIMATIC S7-1500 CPU 1517T-3 PNSIMATIC ET 200SP CPU 1514SPT-2 PNSIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PNSIPLUS ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODKSIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PNSIMATIC S7-1500 CPU 1518TF-3 PNSIMATIC S7-1500 Software Controller CPU 1507S F V3SIMATIC ET 200SP CPU 1514SPT F-2 PNSIMATIC S7-1500 CPU 1518F-4 PN/DPSIPLUS ET 200SP CPU 1510SP F-1 PN RAILSIMATIC S7-1500 Software Controller CPU 1507S F V2SIMATIC S7-1500 CPU 1517TF-3 PN/DPSIMATIC S7-1500 CPU 1516F-3 PN/DPSIPLUS S7-1500 CPU 1511-1 PNSIMATIC S7-1500 Software Controller CPU 1508S V3SIMATIC Drive Controller CPU 1504D TFSIPLUS S7-1500 CPU 1513F-1 PNSIMATIC ET 200SP CPU 1514SP F-2 PNSIMATIC S7-1500 CPU 1516TF-3 PN/DPSIPLUS S7-1500 CPU 1516-3 PN/DP RAILSIMATIC S7-1500 CPU 1511T-1 PNSIMATIC S7-1500 Software Controller CPU 1508S T V3SIMATIC S7-1500 CPU 1516pro F-2 PNSIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PNSIMATIC S7-1500 CPU 1515TF-2 PNSIMATIC S7-1500 CPU 1518T-4 PN/DPSIPLUS S7-1500 CPU 1515F-2 PNSIPLUS S7-1500 CPU 1516-3 PN/DPSIPLUS ET 200SP CPU 1510SP F-1 PNSIPLUS S7-1500 CPU 1516-3 PN/DP TX RAILSIMATIC S7-1500 Software Controller CPU 1508S V4SIMATIC S7-1500 CPU 1517F-3 PN/DPSIMATIC S7-1500 CPU 1511F-1 PNSIMATIC S7-1500 Software Controller Linux V3SIMATIC S7-1500 CPU 1518F-3 PNSIMATIC ET 200SP Open Controller CPU 1515SP PC3 V4 CPUsSIMATIC S7-1500 CPU 1515F-2 PNSIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PNSIMATIC S7-1500 CPU 1516pro-2 PNSIMATIC S7-1500 CPU 1518-4 PN/DPSIMATIC S7-1500 CPU 1517T-3 PN/DPSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUsSIMATIC S7-1500 CPU 1516T-3 PN/DPSIMATIC ET 200SP CPU 1510SP F-1 PNSIPLUS S7-1500 CPU 1518-4 PN/DPSIPLUS ET 200SP CPU 1510SP-1 PNSIMATIC S7-1500 Software Controller Linux V2SIMATIC Drive Controller CPU 1507D TFSIMATIC S7-1500 CPU 1513pro-2 PNSIMATIC S7-1500 CPU 1516-3 PN/DPSIPLUS S7-1500 CPU 1518F-4 PN/DPSIMATIC S7-1500 CPU 1516T-3 PNSIMATIC S7-1500 CPU 1515-2 PNSIMATIC S7-1500 Software Controller CPU 1508S V2SIPLUS S7-1500 CPU 1516F-3 PN/DP RAILSIMATIC S7-1500 Software Controller CPU 1507S F V4SIPLUS S7-1500 CPU 1511-1 PN T1 RAILSIMATIC S7-1500 CPU 1511C-1 PNSIPLUS ET 200SP CPU 1512SP F-1 PN RAILSIMATIC S7-1500 CPU 1517TF-3 PNSIMATIC S7-1500 CPU 1513pro F-2 PNSIMATIC ET 200SP CPU 1512SP-1 PN
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')