Siemens Industrial Products Uncontrolled Resource Consumption (CVE-2019-11478)

Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. A remote attacker could cause a denial of service condition by sending specially crafted TCP Selective Acknowledgment SACK sequences to affected products. This plugin only works with Tenable.ot...

Siemens SIMATIC NET CP Modules Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2021-33737)

A vulnerability has been identified in SIMATIC CP 343-1 incl. SIPLUS variants All versions, SIMATIC CP 343-1 Advanced incl. SIPLUS variants All versions, SIMATIC CP 343-1 ERPC All versions, SIMATIC CP 343-1 Lean incl. SIPLUS variants All versions, SIMATIC CP 443-1 All versions V3.3, SIMATIC CP...

Siemens SIMATIC NET CP 443-1 OPC UA Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2017-6458)

Multiple buffer overflows in the ctlput functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. ...

CVE-2022-27640

A vulnerability has been identified in SIMATIC CP 442-1 RNA All versions V1.5.18, SIMATIC CP 443-1 RNA All versions V1.5.18. The affected devices improperly handles excessive ARP broadcast requests. This could allow an attacker to create a denial of service condition by performing ARP storming...

Design/Logic Flaw

A vulnerability has been identified in SIMATIC CP 442-1 RNA All versions V1.5.18, SIMATIC CP 443-1 RNA All versions V1.5.18. The affected devices improperly handles excessive ARP broadcast requests. This could allow an attacker to create a denial of service condition by performing ARP storming...

CVE-2022-27640

The CVE-2022-27640 vulnerability affects Siemens SIMATIC CP 442-1 RNA and CP 443-1 RNA (all versions before v1.5.18). It arises from improper handling of excessive ARP broadcast requests, enabling an attacker to induce a denial-of-service condition via ARP storming that can reboot the device. Sie...

Siemens SIMATIC CP 44x-1 RNA

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CP 442-1 RNA, 443-1 RNA Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a...

Siemens SIMATIC CP 343-1/CP 443-1 Modules and SIMATIC S7-300/S7-400 CPUs (CVE-2016-8673)

A vulnerability has been identified in SIMATIC CP 343-1 Advanced incl. SIPLUS NET variant All versions V3.0.53, SIMATIC CP 443-1 Advanced incl. SIPLUS NET variant All versions V3.2.17, SIMATIC S7-300 PN/DP CPU family incl. SIPLUS variants All versions, SIMATIC S7-400 PN/DP CPU family incl. SIPLUS...

Siemens SIMATIC CP 343-1/CP 443-1 Modules and SIMATIC S7-300/S7-400 CPUs (CVE-2016-8672)

A vulnerability has been identified in SIMATIC CP 343-1 Advanced incl. SIPLUS NET variant All versions V3.0.53, SIMATIC CP 443-1 Advanced incl. SIPLUS NET variant All versions V3.2.17, SIMATIC S7-300 PN/DP CPU family incl. SIPLUS variants All versions, SIMATIC S7-400 PN/DP CPU family incl. SIPLUS...

CVE-2021-33737

A vulnerability has been identified in SIMATIC CP 343-1 incl. SIPLUS variants All versions, SIMATIC CP 343-1 Advanced incl. SIPLUS variants All versions, SIMATIC CP 343-1 ERPC All versions, SIMATIC CP 343-1 Lean incl. SIPLUS variants All versions, SIMATIC CP 443-1 All versions V3.3, SIMATIC CP...

CVE-2021-33737

CVE-2021-33737 affects Siemens SIMATIC NET CP Modules: CP 343-1 (incl. SIPLUS), CP 343-1 Advanced/ERPC/Lean, CP 443-1 and SIPLUS NET CP 443-1 (all versions before V3.3). A crafted packet to port 102/TCP can cause a denial-of-service requiring a restart. CVSS v3.1 base score 7.5 (Network, low comp...

PT-2021-20312 · Siemens · Simatic Cp 343-1 +6

Name of the Vulnerable Software and Affected Versions: SIMATIC CP 343-1 incl. SIPLUS variants All versions SIMATIC CP 343-1 Advanced incl. SIPLUS variants All versions SIMATIC CP 343-1 ERPC All versions SIMATIC CP 343-1 Lean incl. SIPLUS variants All versions SIMATIC CP 443-1 versions prior to V3...

Siemens SIMATIC NET CP 443-1 OPC UA

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC NET CP 443-1 OPC UA Vulnerabilities: Improper Input Validation, Improper Restriction of Operations within the Bounds of a Memory Buffer, Incorrect Calculation, Classic Buffer...

Siemens SIMATIC Communication Processor Vulnerability (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Communication Processor Vulnerability: Authentication Bypass Issues 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-15-335-03...

ICSA-19-253-03_Siemens Industrial Products (Update P)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Industrial Products Vulnerabilities: Excessive Data Query Operations in a Large Data Table, Integer Overflow or Wraparound, Uncontrolled Resource Consumption 2. UPDATE INFORMATION...

Siemens CP-443-1 Advanced Communications Adapter Detection

Binary data 763938.prm...

Siemens SIMATIC CP 343-1 Advanced < 3.0.53 / CP 443-1 Advanced < 3.2.17 Multiple Vulnerabilities (ICSA-16-327-02)

Binary data 138.prm...

Siemens CP 443-1 OPC UA Communications Adapter Detection

Binary data 750290.prm...

Siemens Multiple Devices Profinet DCP Denial of Service

Binary data 720111.prm...

Siemens CP-443-1 RNA Communications Adapter Detection

Binary data 750289.prm...