Siemens Industrial Product Denial of Service Vulnerability (CNVD-2022-87982)

SIMATIC Drive Controllers for the automation of production machines combine the functionality of SIMATIC S7-1500 CPUs with that of SINAMICS S120 drive controls.SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller. Includes optional visualization features and...

PT-2022-12205 · Siemens · Simatic S7-1500 Software Controller +10

Name of the Vulnerable Software and Affected Versions: SIMATIC Drive Controller family versions affected versions not specified SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants versions affected versions not specified SIMATIC S7-1200 CPU family incl. SIPLUS variants versions...

CVE-2022-23974

In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release...

Apache Pinot 安全漏洞

Apache Pinot is a real-time distributed OLAP data store from the Apache Foundation, Inc. Designed to provide ultra-low latency analysis, Apache Pinot 0.9.3 and earlier versions contain a denial-of-service vulnerability that could be exploited by an attacker to cause a Pinot service outage via a...

Siemens SIMATIC Industrial Products Operation On a Resource After Expiration or Release (CVE-2021-37185)

A vulnerability has been identified in SIMATIC Drive Controller family All versions = V2.9.2 = V21.9 = V4.5.0 = V2.9.2 = V21.9 = V4.0 V4.0 SP1, SIPLUS TIM 1531 IRC All versions V2.3.6, TIM 1531 IRC All versions V2.3.6. An unauthenticated attacker could cause a denial- of-service condition in a PL...

Design/Logic Flaw

A vulnerability has been identified in SIMATIC Drive Controller family All versions = V2.9.2 = V21.9 = V4.5.0 = V2.9.2 = V21.9 = V4.0 V4.0 SP1, SIPLUS TIM 1531 IRC All versions V2.3.6, TIM 1531 IRC All versions V2.3.6. An unauthenticated attacker could cause a denial-of-service condition in a PLC...

CVE-2021-37205

CVE-2021-37205 affects Siemens SIMATIC Drive Controller family and related devices (Drive Controller, ET 200SP Open Controller CPU 1515SP PC2, S7-1200/1500 families, S7-PLCSIM Advanced, TIM 1531 IRC). The issue is a memory-management flaw (MISSING RELEASE OF MEMORY AFTER EFFECTIVE LIFETIME) that ...

CVE-2021-37185

CVE-2021-37185 affects Siemens SIMATIC Drive Controller family and multiple SIMATIC controllers (S7-1200, S7-1500, ET 200SP Open Controller CPU 1515SP PC2, S7-PLCSIM Advanced, TIM 1531 IRC). An unauthenticated attacker can cause a denial-of-service in a PLC by sending specially crafted packets to...

CVE-2020-15782

A vulnerability has been identified in SIMATIC Drive Controller family All versions V2.9.2, SIMATIC ET 200SP Open Controller CPU 1515SP PC incl. SIPLUS variants All versions, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants All versions V21.9, SIMATIC S7-1200 CPU family incl...

CVE-2020-15782

CVE-2020-15782 covers Siemens SIMATIC S7-1200/1500 CPUs and related devices (including ET 200SP Open Controller, S7-PLCSIM Advanced, SINAMICS GH180, SINUMERIK MC/ONE, and S7-1500 Software Controller) with a memory protection bypass via a specific operation. A remote, unauthenticated attacker can ...

CVE-2020-15796

A vulnerability has been identified in SIMATIC ET 200SP Open Controller incl. SIPLUS variants V20.8, SIMATIC S7-1500 Software Controller V20.8. The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a...

Design/Logic Flaw

A vulnerability has been identified in SIMATIC ET 200SP Open Controller incl. SIPLUS variants V20.8, SIMATIC S7-1500 Software Controller V20.8. The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a...

Siemens Simatic Uncontrolled Resource Consumption

A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants All versions = V2.5 and = V2.5 and = V2.5 and V20.8. Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a Denial-of-Service condition. The...

CVE-2019-19300

A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN 6ES7157-1AB00-0AB0, SIMATIC ET 200eco PN, ...

CVE-2019-19281

A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants All versions = V2.5 and = V2.5 and = V2.5 and V20.8. Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a Denial-of-Service condition. The...

CVE-2019-19281

CVE-2019-19281 affects Siemens SIMATIC S7-1500 family and ET 200SP Open Controller CPU 1515SP PC2 variants (incl. SIPLUS): all affected versions are >= V2.5 and < V20.8 (ET 200SP) or < V2.8 (S7-1500 ET200 variants) or

Race condition

A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFIN...

Siemens CPU 1505SP and WinCC Runtime PLC Detection

Binary data 750318.prm...

PT-2019-2034 · Siemens · Simatic Hmi Comfort Outdoor Panels 7" & 15" +16

Name of the Vulnerable Software and Affected Versions: SIMATIC CP 443-1 OPC UA versions prior to the fixed version SIMATIC ET 200SP Open Controller CPU 1515SP PC2 versions prior to V2.7 SIMATIC HMI Comfort Outdoor Panels 7" & 15" versions prior to V15.1 Upd 4 SIMATIC HMI Comfort Panels 4" - 22"...