EUVD-2021-23779

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Vulnerability in various SIMATIC controllers allows denial-of-service via port 102/tcp attack

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2021-37205	9 Feb 202218:13	–	circl
CNNVD	Siemens SIMATIC S7-1500 系列产品输入验证错误漏洞	8 Feb 202200:00	–	cnnvd
CNVD	Denial of Service Vulnerability in Multiple Siemens Industrial Products (CNVD-2022-10002)	8 Feb 202200:00	–	cnvd
CVE	CVE-2021-37205	9 Feb 202215:16	–	cve
Cvelist	CVE-2021-37205	9 Feb 202215:16	–	cvelist
ICS	Siemens SIMATIC Industrial Products (Update A)	8 Feb 202200:00	–	ics
NCSC	Vulnerabilities fixed in Siemens products	8 Feb 202200:00	–	ncsc
NVD	CVE-2021-37205	9 Feb 202216:15	–	nvd
OSV	CVE-2021-37205	9 Feb 202216:15	–	osv
Prion	Design/Logic Flaw	9 Feb 202216:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "8853daf8-017a-3545-92fd-582e9c64b8b6",
        "vendor": {
          "name": "Siemens"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1c8f3a88-43ca-3a2b-87e3-618ab86daf1c",
        "product": {
          "name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)"
        },
        "product_version": "All versions  V21.9 < V21.9.4"
      },
      {
        "id": "5b89a9d9-5728-3e66-b14a-3cd50de73213",
        "product": {
          "name": "SIMATIC S7-PLCSIM Advanced"
        },
        "product_version": "All versions  V4.0 < V4.0 SP1"
      },
      {
        "id": "5f37102c-5134-3791-9b1c-912fd98f83b8",
        "product": {
          "name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)"
        },
        "product_version": "All versions  V2.9.2 < V2.9.4"
      },
      {
        "id": "6099ede5-9987-32bd-b979-b692893b4616",
        "product": {
          "name": "TIM 1531 IRC"
        },
        "product_version": "All versions < V2.3.6"
      },
      {
        "id": "6fb45ae9-b6e9-3187-8436-cb15760c4506",
        "product": {
          "name": "SIMATIC Drive Controller family"
        },
        "product_version": "All versions  V2.9.2 < V2.9.4"
      },
      {
        "id": "995a6671-f9c7-3585-b6e4-a527f8e9906a",
        "product": {
          "name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)"
        },
        "product_version": "All versions  V4.5.0 < V4.5.2"
      },
      {
        "id": "bf7f2867-41dc-36ae-8204-3f54058f4d55",
        "product": {
          "name": "SIMATIC S7-1500 Software Controller"
        },
        "product_version": "All versions  V21.9 < V21.9.4"
      },
      {
        "id": "e9343ee4-532c-3bbb-8bf8-6d95bbd18a9a",
        "product": {
          "name": "SIPLUS TIM 1531 IRC"
        },
        "product_version": "All versions < V2.3.6"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

7.4High risk

Vulners AI Score7.4

CVSS 3.17.5

CVSS 27.1

EPSS0.01386

SSVC

vulnerability simatic controllers denial-of-service attack tcp port