Siemens SIMATIC Devices Use After Free (CVE-2025-21858)

geneve: Fix use-after-free in genevefinddev This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503396; scriptversion"1.2";...

Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2024-26920)

In the Linux kernel, the following vulnerability has been resolved: tracing/trigger: Fix to return error if failed to alloc snapshot This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC Devices Out-of-bounds Write (CVE-2024-36916)

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: avoid out of bounds shift UBSAN catches undefined behavior in blk-iocost, where sometimes iocg-delay is shifted right by a number that is too large, resulting in undefined behavior on some architectures. 186.556576...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-38635)

soundwire: cadence: invalid PDI offset. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503406; scriptversion"1.2";...

Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2024-42283)

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthopgrp contains two reserved fields that are not initialized by nlaputnhgroup, and carry garbage. This can be observed e.g. with strace edited for clarity: ip...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-42304)

In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc...

Siemens SIMATIC Devices Use After Free (CVE-2024-36899)

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpiochrdevrelease, watchedlines is freed by bitmapfree, but the...

Siemens SIMATIC Devices Out-of-bounds Read (CVE-2025-21647)

In the Linux kernel, the following vulnerability has been resolved: sched: schcake: add bounds checks to host bulk flow fairness counts This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC Devices Out-of-bounds Read (CVE-2024-26982)

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC Devices Improper Input Validation (CVE-2025-21826)

netfilter: nftables: reject mismatching sum of fieldlen with set key length. The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the pipapo rule width from pipapoinit. The set key length provides the...

Siemens SIMATIC Devices Improper Input Validation (CVE-2025-21762)

In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arpxmit arpxmit can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

Siemens SIMATIC Devices Improper Input Validation (CVE-2025-21653)

netsched: clsflow: validate TCAFLOWRSHIFT attribute This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503380; scriptversion"1.2";...

Siemens SIMATIC Devices Improper Input Validation (CVE-2025-21678)

gtp: Destroy device along with udp socket's netns dismantle This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503383; scriptversion"1.2";...

CVE-2011-20001

A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family incl. SIPLUS variants All versions V2.0.3, SIMATIC S7-1200 CPU V2 family incl. SIPLUS variants All versions V2.0.3. The web server interface of affected devices improperly processes incoming malformed HTTP traffic at high rate...

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products such as SIMATIC, SINEC, SIPLUS and Solid Edge. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Circumvention o...

CVE-2011-20001

A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family incl. SIPLUS variants All versions V2.0.3, SIMATIC S7-1200 CPU V2 family incl. SIPLUS variants All versions V2.0.3. The web server interface of affected devices improperly processes incoming malformed HTTP traffic at high rate...

CVE-2025-40771

A vulnerability has been identified in SIMATIC CP 1542SP-1 6GK7542-6UX00-0XE0 All versions V2.4.24, SIMATIC CP 1542SP-1 IRC 6GK7542-6VX00-0XE0 All versions V2.4.24, SIMATIC CP 1543SP-1 6GK7543-6WX00-0XE0 All versions V2.4.24, SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL 6AG2542-6VX00-4XE0 All versions...

CVE-2025-40771

A vulnerability has been identified in SIMATIC CP 1542SP-1 6GK7542-6UX00-0XE0 All versions V2.4.24, SIMATIC CP 1542SP-1 IRC 6GK7542-6VX00-0XE0 All versions V2.4.24, SIMATIC CP 1543SP-1 6GK7543-6WX00-0XE0 All versions V2.4.24, SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL 6AG2542-6VX00-4XE0 All versions...

CVE-2025-40771

CVE-2025-40771 affects Siemens SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, CP 1543SP-1 and SIPLUS ET 200SP variants (and related CPs) with versions older than 2.4.24. The root cause is improper authentication of configuration connections, allowing an unauthenticated remote attacker to access configurat...

EUVD-2025-34160

A vulnerability has been identified in SIMATIC CP 1542SP-1 6GK7542-6UX00-0XE0 All versions V2.4.24, SIMATIC CP 1542SP-1 IRC 6GK7542-6VX00-0XE0 All versions V2.4.24, SIMATIC CP 1543SP-1 6GK7543-6WX00-0XE0 All versions V2.4.24, SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL 6AG2542-6VX00-4XE0 All versions...