Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET

The PSIRT received a report about a vulnerability in the Gateway Flexi Soft and microScan3 PROFINET. The vulnerability is classified as a denial-of-service vulnerability and results form a mishandling of Read Implicit Request services...

Siemens PROFINET Stack Integrated on Interniche Stack Uncontrolled Resource Consumption (CVE-2022-25622)

A vulnerability has been identified in SIMATIC CFU DIQ All versions, SIMATIC CFU PA All versions, SIMATIC S7-1500 CPU family incl. related ET200 CPUs and SIPLUS variants All versions V2.0.0, SIMATIC S7-300 CPU family incl. related ET200 CPUs and SIPLUS variants All versions, SIMATIC S7-400 H V6 C...

Siemens TIA Administrator Denial of Service Vulnerability

SIMATIC PCS neo is a distributed control system DCS.TIA Administrator is a web-based framework.Siemens Network Planner SINETPLAN supports you as a planner of PROFINET-based automation systems.TIA Portal is a PC A denial of service vulnerability exists in Siemens TIA Administrator, which can be...

Siemens PROFINET Stack Integrated on Interniche Stack Denial of Service Vulnerability

The SIMATIC S7-400 CPU series is designed for process control in industrial environments.The SIMATIC S7-300 CPU series is designed for discrete and continuous control in industrial environments.The SIMATIC S7-1500 CPU series is designed for discrete and continuous control in industrial...

CVE-2022-25622

The PROFINET PNIO stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by...

CVE-2022-25622

The PROFINET PNIO stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by...

Design/Logic Flaw

A vulnerability has been identified in SIMATIC CFU DIQ, SIMATIC CFU PA, SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET200AL IM157-1 PN, SIMATIC...

CVE-2022-25622

The PROFINET PNIO stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by...

PT-2022-3546 · Profinet · Profinet

Name of the Vulnerable Software and Affected Versions: PROFINET PNIO stack versions affected versions not specified Description: The issue is related to the improper handling of internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an...

Siemens SIMATIC 资源管理错误漏洞

The SIMATIC S7-400 CPU series is designed for process control in industrial environments.The SIMATIC S7-300 CPU series is designed for discrete and continuous control in industrial environments.The SIMATIC S7-1500 CPU series is designed for discrete and continuous control in industrial...

Siemens PROFINET Stack Integrated on Interniche Stack

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service...

VulnCheck KEV: CVE-2017-12235

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service...

Profinet Code Issues Vulnerabilities

Profinet is an open industrial Ethernet communication protocol proposed by the PROFIBUS & PROFINET International Association. A code issue vulnerability exists in Profinet that stems from a null pointer dereference in Codesys Profinet, which allows denial of service DoS attacks via SNMP on...

Mitsubishi Electric MELSEC iQ-R Improper Neutralization of Argument Delimiters in a Command (CVE-2020-5657)

Improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Modul...

Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays Improper Input Validation (CVE-2018-16563)

A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.35, Firmware variant MODBUS TCP for EN100 Ethernet module All versions, Firmware variant DNP3 TCP for EN100 Ethernet module All versions, Firmware variant IEC104 for EN100 Ethernet module A...

Siemens SIPROTEC Information Disclosure (CVE-2016-4785)

A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions V1.03; Firmware variant IEC 104...

Siemens SIMATIC S7-300 CPUs and SINUMERIK Controller over Profinet Uncontrolled Resource Consumption (CVE-2019-18336)

A vulnerability has been identified in SIMATIC S7-300 CPU family incl. related ET200 CPUs and SIPLUS variants All versions V3.X.17, SIMATIC TDC CP51M1 All versions V1.1.8, SIMATIC TDC CPU555 All versions V1.1.1, SINUMERIK 840D sl All versions V4.8.6, SINUMERIK 840D sl All versions V4.94. Speciall...

Siemens Industrial Real-Time Devices Improper Input Validation (CVE-2019-10923)

A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SCALANCE X-200IRT switch family incl. SIPLUS NET variants,...

Siemens SIMATIC S7-1200 Improper Input Validation (CVE-2014-2252)

Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service defect-mode transition via crafted PROFINET packets, a different vulnerability than CVE-2014-2253. This plugin only works with Tenable.ot. Please visit...