287 matches found
CVE-2023-32735
A vulnerability has been identified in SIMATIC STEP 7 Safety V16 All versions V16 Update 7, SIMATIC STEP 7 Safety V17 All versions V17 Update 7, SIMATIC STEP 7 Safety V18 All versions V18 Update 2, SIMATIC STEP 7 V16 All versions V16 Update 7, SIMATIC STEP 7 V17 All versions V17 Update 7, SIMATIC...
Siemens SIMATIC and SIPLUS Products Buffer Access with Incorrect Length Value (CVE-2022-47375)
A vulnerability has been identified in SIMATIC PC-Station Plus All versions, SIMATIC S7-400 CPU 412-2 PN V7 All versions, SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 414F-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416F-3 PN/D...
The vulnerability of the web server of the microprogramming software for communication modules of SIMATIC CP, SIPLUS NET CP 1543-1, and the servo drive system SINAMICS S210 allows a intruder to cause service interruptions.
The vulnerability of the web server of the microprogramming software for communication modules of SIMATIC CP, SIPLUS NET CP 1543-1, and the servo drive system SINAMICS S210 is related to the lack of a mechanism for releasing memory. Exploiting this vulnerability could allow an attacker, operating...
CVE-2023-38380
A vulnerability has been identified in SIMATIC CP 1242-7 V2 incl. SIPLUS variants All versions = V6.1 V6.1 HF2, SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL 6AG2542-6VX00-4XE0 All versions V2.3, SIPLUS ET 200SP CP 1543SP-1 ISEC 6AG1543-6WX00-7XE0 All versions V2.3, SIPLUS ET 200SP CP 1543SP-1 ISEC TX...
CVE-2022-47374
A vulnerability has been identified in SIMATIC PC-Station Plus All versions, SIMATIC S7-400 CPU 412-2 PN V7 All versions, SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 414F-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416F-3 PN/D...
CVE-2022-47375
A vulnerability has been identified in SIMATIC PC-Station Plus All versions, SIMATIC S7-400 CPU 412-2 PN V7 All versions, SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 414F-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416F-3 PN/D...
CVE-2022-47374
A vulnerability has been identified in SIMATIC PC-Station Plus All versions, SIMATIC S7-400 CPU 412-2 PN V7 All versions, SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 414F-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416F-3 PN/D...
Design/Logic Flaw
A vulnerability has been identified in SIMATIC CP 1242-7 V2 incl. SIPLUS variants All versions = V6.1 V6.1 HF2, SIPLUS NET CP 1543-1 6AG1543-1AX00-2XE0 All versions V3.0.37. The webserver implementation of the affected products does not correctly release allocated memory after it has been used. A...
Buffer overflow
A vulnerability has been identified in SIMATIC PC-Station Plus All versions, SIMATIC S7-400 CPU 412-2 PN V7 All versions, SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 414F-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416F-3 PN/D...
CVE-2023-38380
A vulnerability has been identified in SIMATIC CP 1242-7 V2 incl. SIPLUS variants All versions = V6.1 V6.1 HF2, SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL 6AG2542-6VX00-4XE0 All versions V2.3, SIPLUS ET 200SP CP 1543SP-1 ISEC 6AG1543-6WX00-7XE0 All versions V2.3, SIPLUS ET 200SP CP 1543SP-1 ISEC TX...
CVE-2022-47375
CVE-2022-47375 applies to Siemens SIMATIC/SIPLUS line, notably SIMATIC PC-Station Plus and S7-400 CPU variants, plus SINAMICS S120 (and SIPLUS) prior to SP3 HF15. The vulnerability is caused by improper handling of long file names in the web server, enabling a buffer overflow that can lead to a d...
CVE-2022-47374
A vulnerability has been identified in SIMATIC PC-Station Plus All versions, SIMATIC S7-400 CPU 412-2 PN V7 All versions, SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 414F-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416F-3 PN/D...
CVE-2022-47374
A vulnerability has been identified in SIMATIC PC-Station Plus All versions, SIMATIC S7-400 CPU 412-2 PN V7 All versions, SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 414F-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416F-3 PN/D...
CVE-2022-47374
CVE-2022-47374 affects Siemens SIMATIC PC-Station Plus and multiple S7-400/SIPLUS variants, plus SINAMICS S120. The issue is an HTTP(S) web server handling flaw (uncontrolled recursion) that can exhaust resources and cause a denial of service. Affected products include PC-Station Plus; S7-400 CPU...
PT-2023-15289 · Siemens · Sinamics Sm120 +6
Name of the Vulnerable Software and Affected Versions: SIMATIC PC-Station Plus All versions SIMATIC S7-400 CPU 412-2 PN V7 All versions SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions SIMATIC S7-400 CPU 414F-3 PN/DP V7 All versions SIMATIC S7-400 CPU 416-3 PN/DP V7 All versions SIMATIC S7-400 CPU...
PT-2023-15290 · Siemens · Sinamics Sm120 +6
Name of the Vulnerable Software and Affected Versions: SIMATIC PC-Station Plus versions All SIMATIC S7-400 CPU 412-2 PN V7 versions All SIMATIC S7-400 CPU 414-3 PN/DP V7 versions All SIMATIC S7-400 CPU 414F-3 PN/DP V7 versions All SIMATIC S7-400 CPU 416-3 PN/DP V7 versions All SIMATIC S7-400 CPU...
The vulnerability of microprogramming software in Siemens SIMATIC and SINAMICS products, related to a memory release error, allows attackers to trigger malfunctions during maintenance operations.
The vulnerability of microprogrammed software in Siemens SIMATIC and SINAMICS products is related to a memory release error. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...
CISA Releases Fourteen Industrial Control Systems Advisories
CISA released fourteen Industrial Control Systems ICS advisories on June 15, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-166-01 SUBNET PowerSYSTEM Center ICSA-23-166-02 Advantech WebAccessSCADA...
Siemens SINAMICS Medium Voltage Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...
Unspecified Vulnerability in Siemens S7-1500 CPU devices
SIMATIC drive controllers are designed for the automation of production machines, combining the functionality of the SIMATIC S7-1500 CPU and the SINAMICS S120 drive control.The SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global...