62 matches found
CVE-2011-20002
A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family incl. SIPLUS variants All versions V2.0.2, SIMATIC S7-1200 CPU V2 family incl. SIPLUS variants All versions V2.0.2. Affected controllers are vulnerable to capture-replay in the communication with the engineering software. This...
CVE-2011-20001
A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family incl. SIPLUS variants All versions V2.0.3, SIMATIC S7-1200 CPU V2 family incl. SIPLUS variants All versions V2.0.3. The web server interface of affected devices improperly processes incoming malformed HTTP traffic at high rate...
PT-2025-41863
A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family incl. SIPLUS variants All versions V2.0.2, SIMATIC S7-1200 CPU V2 family incl. SIPLUS variants All versions V2.0.2. Affected controllers are vulnerable to capture-replay in the communication with the engineering software. This...
EUVD-2020-17921
Malware in sbrugna...
EUVD-2017-4274
Malware in sbrugna...
CVE-2023-30756
A vulnerability has been identified in SIMATIC CP 1242-7 V2 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 DNP3 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 IEC incl. SIPLUS variants All versions V3.5.20...
CVE-2022-47374
A vulnerability has been identified in SIMATIC PC-Station Plus All versions, SIMATIC S7-400 CPU 412-2 PN V7 All versions, SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 414F-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416F-3 PN/D...
PT-2023-15289 · Siemens · Sinamics Sm120 +6
Name of the Vulnerable Software and Affected Versions: SIMATIC PC-Station Plus All versions SIMATIC S7-400 CPU 412-2 PN V7 All versions SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions SIMATIC S7-400 CPU 414F-3 PN/DP V7 All versions SIMATIC S7-400 CPU 416-3 PN/DP V7 All versions SIMATIC S7-400 CPU...
PT-2023-15290 · Siemens · Sinamics Sm120 +6
Name of the Vulnerable Software and Affected Versions: SIMATIC PC-Station Plus versions All SIMATIC S7-400 CPU 412-2 PN V7 versions All SIMATIC S7-400 CPU 414-3 PN/DP V7 versions All SIMATIC S7-400 CPU 414F-3 PN/DP V7 versions All SIMATIC S7-400 CPU 416-3 PN/DP V7 versions All SIMATIC S7-400 CPU...
Siemens LOGO! Web Server Buffer Copy Without Checking Size of Input (CVE-2020-7593)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants V1.81.01 - V1.81.03, LOGO! 8 BM incl. SIPLUS variants V1.82.01, LOGO! 8 BM incl. SIPLUS variants V1.82.02. A buffer overflow vulnerability exists in the Web Server functionality of the device. A remote unauthenticated attacke...
Siemens LOGO! 8 BM Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-25230)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device. This plugin only works with Tenable.ot. Please visi...
Siemens SIMATIC NET CP343-1 Uncontrolled Resource Consumption (CVE-2020-25242)
A vulnerability has been identified in SIMATIC NET CP 343-1 Advanced incl. SIPLUS variants All versions, SIMATIC NET CP 343-1 Lean incl. SIPLUS variants All versions, SIMATIC NET CP 343-1 Standard incl. SIPLUS variants All versions. Specially crafted packets sent to TCP port 102 could cause a...
CVE-2022-43767
A vulnerability has been identified in SIMATIC CP 1242-7 V2 6GK7242-7KX31-0XE0 All versions V3.4.29, SIMATIC CP 1243-1 6GK7243-1BX30-0XE0 All versions V3.4.29, SIMATIC CP 1243-1 DNP3 incl. SIPLUS variants All versions V3.4.29, SIMATIC CP 1243-1 IEC incl. SIPLUS variants All versions V3.4.29,...
Design/Logic Flaw
A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions, SIMATIC CP 1243-1 All versions, SIMATIC CP 1243-1 DNP3 incl. SIPLUS variants All versions, SIMATIC CP 1243-1 IEC incl. SIPLUS variants All versions, SIMATIC CP 1243-7 LTE EU All versions, SIMATIC CP 1243-7 LTE US All...
Siemens Multiple Denial of Service in Industrial Products (CVE-2021-44694)
A vulnerability has been identified in SIMATIC Drive Controller family All versions V3.0.1, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants All versions, SIMATIC S7-1200 CPU family incl. SIPLUS variants All versions V4.6.0, SIMATIC S7-1500 CPU family incl. related ET200 CPUs...
PT-2022-12205 · Siemens · Simatic S7-1500 Software Controller +10
Name of the Vulnerable Software and Affected Versions: SIMATIC Drive Controller family versions affected versions not specified SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants versions affected versions not specified SIMATIC S7-1200 CPU family incl. SIPLUS variants versions...
Siemens Web Server Login Page of Industrial Controllers
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
CVE-2022-40227
A vulnerability has been identified in SIMATIC HMI Comfort Panels incl. SIPLUS variants All versions V17 Update 4, SIMATIC HMI KTP Mobile Panels All versions V17 Update 4, SIMATIC HMI KTP1200 Basic All versions V17 Update 5, SIMATIC HMI KTP400 Basic All versions V17 Update 5, SIMATIC HMI KTP700...
CVE-2022-36360
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Affected devices load firmware updates without checking the authenticity. Furthermore the integrity of the unencrypted firmware is only verified by a non-cryptographic method. This could allow an attacker t...
CVE-2022-36360
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Affected devices load firmware updates without checking the authenticity. Furthermore the integrity of the unencrypted firmware is only verified by a non-cryptographic method. This could allow an attacker t...