Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSiemensCVELIST:CVE-2016-9159
HistoryDec 17, 2016 - 3:34 a.m.

CVE-2016-9159

2016-12-1703:34:00
CWE-200
siemens
www.cve.org
4

AI Score

6.4

Confidence

High

EPSS

0.002

Percentile

57.7%

JSON

A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 V6 and earlier CPU family (All versions), SIMATIC S7-400 V7 CPU family (All versions), SIMATIC S7-410 V8 CPU family (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions). An attacker with network access to port 102/tcp (ISO-TSAP) or via Profibus could obtain credentials from the PLC if protection-level 2 is configured on the affected devices.

CNA Affected

[
  {
    "product": "SIMATIC S7-300 CPU family",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SIMATIC S7-400 V6 and earlier CPU family",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SIMATIC S7-400 V7 CPU family",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SIMATIC S7-410 V8 CPU family",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  }
]

Related

prion 1
nvd 1
nessus 3
cve 1
openvas 1
ics 1
prion
prion
Design/Logic Flaw
2016-12-17 03:59:00
nvd
nvd
CVE-2016-9159
2016-12-17 03:59:00
nessus
nessus
Siemens Simatic Exposure of Sensitive Information to an Unauthorized Actor
2019-11-08 00:00:00
Siemens S7-300/400 PLC (CVE-2016-9159)
2022-02-07 00:00:00
Siemens S7-300/400 PLC (CVE-2016-9158)
2022-02-07 00:00:00
cve
cve
CVE-2016-9159
2016-12-17 03:59:00
openvas
openvas
Siemens SIMATIC S7-300/400 PLC Multiple Vulnerabilities (SSA-731239)
2016-12-15 00:00:00
ics
ics
Siemens S7-300/400 PLC Vulnerabilities (Update E)
2020-03-10 12:00:00

AI Score

6.4

Confidence

High

EPSS

0.002

Percentile

57.7%

JSON
Related for CVELIST:CVE-2016-9159
prion1nvd1nessus3cve1openvas1ics1