333 matches found
Siemens (CVE-2022-34820) (deprecated)
A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions, SIMATIC CP 1243-1 All versions, SIMATIC CP 1243-7 LTE EU All versions, SIMATIC CP 1243-7 LTE US All versions, SIMATIC CP 1243-8 IRC All versions, SIMATIC CP 1542SP-1 IRC All versions = V2.0, SIMATIC CP 1543-1 All versions =...
Siemens (CVE-2022-34819) (deprecated)
A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions, SIMATIC CP 1243-1 All versions, SIMATIC CP 1243-7 LTE EU All versions, SIMATIC CP 1243-7 LTE US All versions, SIMATIC CP 1243-8 IRC All versions, SIMATIC CP 1542SP-1 IRC All versions = V2.0, SIMATIC CP 1543-1 All versions =...
Siemens SIMATIC CP SRCS VPN Feature Buffer Overflow Vulnerability
The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect SIMATIC S7-1200 controllers to a wide area network WAN. They provide integrated security features such as firewalls, virtual private networks VPNs, and support for other protocols with data encryption.The SIMATIC CP 1243-8 I...
Siemens SIMATIC CP SRCS VPN Feature Command Injection Vulnerability
The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect SIMATIC S7-1200 controllers to a wide area network WAN. They provide integrated security features such as firewalls, virtual private networks VPNs, and support for other protocols with data encryption.The SIMATIC CP 1243-8 I...
Siemens SIMATIC CP SRCS VPN Feature Code Injection Vulnerability
The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect SIMATIC S7-1200 controllers to a wide area network WAN. They provide integrated security features such as firewalls, virtual private networks VPNs, and support for other protocols with data encryption.The SIMATIC CP 1243-8 I...
The vulnerability of the embedded web-server microprogramming software in industrial switches SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, SCALANCE XR324-12M, and SIPLUS NET SCALANCE X308-2 allows a perpetrator to increase their privileges.
The vulnerability of the embedded web-server microprogramming software in industrial switches SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, and...
The vulnerabilities of the microprogrammed software of industrial switches SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, SCALANCE XR324-12M, and SIPLUS NET SCALANCE X308-2 are related to errors in handling HTTP headers. These vulnerabilities allow attackers to trigger service interruptions.
The vulnerability of the microprogrammed software of industrial switches SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, and SCALANCE XR324-12M, as...
The vulnerability of microprogrammed software in industrial switches such as SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, and SCALANCE XR324-12M lies in buffer overflows in the stack. This allows attackers to execute arbitrary code.
The vulnerability of the microprogrammed software of industrial switches SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, and SCALANCE XR324-12M, SIPL...
The vulnerability of microprogrammed software in industrial switches such as SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, and SCALANCE XR324-12M lies in the copying of buffers without checking the size of the input data. This allows a intruder to trigger a service failure.
The vulnerability of the microprogrammed software in industrial switches SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, and SCALANCE XR324-12M, SIPL...
CVE-2022-34820
A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions = V2.0 = V2.0 = V2.0 = V2.0 = V2.0 V2.2.28, SIPLUS NET CP 1242-7 V2 All versions V3.3.46, SIPLUS NET CP 1543-1 All versions V3.0.22, SIPLUS S7-1200 CP 1243-1 All versions V3.3.46, SIPLUS S7-1200 CP 1243-1 RAIL All versions...
CVE-2022-34820
A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions = V2.0 = V2.0 = V2.0 = V2.0 = V2.0 V2.2.28, SIPLUS NET CP 1242-7 V2 All versions V3.3.46, SIPLUS NET CP 1543-1 All versions V3.0.22, SIPLUS S7-1200 CP 1243-1 All versions V3.3.46, SIPLUS S7-1200 CP 1243-1 RAIL All versions...
Authentication flaw
A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions = V2.0 = V2.0 = V2.0 = V2.0 = V2.0 V2.2.28, SIPLUS NET CP 1242-7 V2 All versions V3.3.46, SIPLUS NET CP 1543-1 All versions V3.0.22, SIPLUS S7-1200 CP 1243-1 All versions V3.3.46, SIPLUS S7-1200 CP 1243-1 RAIL All versions...
Code injection
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU All versions = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 V3.0, SCALANCE SC646-2C All versions V2.3, SCALANCE SC646-2C...
Heap overflow
A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions = V2.0 = V2.0 = V2.0 = V2.0 = V2.0 V2.2.28, SIPLUS NET CP 1242-7 V2 All versions V3.3.46, SIPLUS NET CP 1543-1 All versions V3.0.22, SIPLUS S7-1200 CP 1243-1 All versions V3.3.46, SIPLUS S7-1200 CP 1243-1 RAIL All versions...
CVE-2022-34820
CVE-2022-34820 is an authentication input handling vulnerability in Siemens SIMATIC CP devices (e.g., CP 1242-7/1243-1/1243-7 LTE EU/US/8 IRC, CP 1542SP-1/1543-1/1543SP-1, SIPLUS variants) where certain user-provided fields are not correctly escaped during authentication, allowing an attacker to ...
CVE-2022-34820
A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions = V2.0 = V2.0 = V2.0 = V2.0 = V2.0 V2.2.28, SIPLUS NET CP 1242-7 V2 All versions V3.3.46, SIPLUS NET CP 1543-1 All versions V3.0.22, SIPLUS S7-1200 CP 1243-1 All versions V3.3.46, SIPLUS S7-1200 CP 1243-1 RAIL All versions...
CVE-2022-34819
A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions = V2.0 = V2.0 = V2.0 = V2.0 = V2.0 V2.2.28, SIPLUS NET CP 1242-7 V2 All versions V3.3.46, SIPLUS NET CP 1543-1 All versions V3.0.22, SIPLUS S7-1200 CP 1243-1 All versions V3.3.46, SIPLUS S7-1200 CP 1243-1 RAIL All versions...
CVE-2022-34821
The CVE-2022-34821 vulnerability affects Siemens RUGGEDCOM RM1224 LTE and various SCALANCE devices. The root cause is code injection by injecting code into specific OpenVPN configuration options, allowing arbitrary code execution with elevated privileges on affected devices. Relevant impacts incl...
PT-2022-22373 · Siemens · Scalance Sc646-2C +37
Name of the Vulnerable Software and Affected Versions: SIMATIC CP 1242-7 V2 All versions SIMATIC CP 1243-1 All versions SIMATIC CP 1243-7 LTE EU All versions SIMATIC CP 1243-7 LTE US All versions SIMATIC CP 1243-8 IRC All versions SIMATIC CP 1542SP-1 IRC All versions = V2.0 SIMATIC CP 1543-1 All...
The vulnerability of microprogrammed software in communication modules of SIMATIC CP 1543-1 and SIPLUS NET CP arises from insufficient validation of input data. This allows attackers to trigger service failures.
The vulnerability of microprogrammed communication module software for SIMATIC CP 1543-1 and SIPLUS NET CP is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures by sending specially crafted packets to port 161/udp...