Simatic S7-plcsim Advanced Security Vulnerabilities
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) ...
5.9CVSS
5.5AI Score
0.001EPSS
The webserver of the affected devices contains a vulnerability that may lead toa denial of service condition. An attacker may cause a denial of servicesituation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with networ...
7.5CVSS
7.3AI Score
0.001EPSS
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-120...
9.8CVSS
9.5AI Score
0.005EPSS
The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.
6.5CVSS
4.6AI Score
0.001EPSS