Simatic S7-1500 Firmware Security Vulnerabilities and Issues — Simatic S7-1500 Firmware CVE List

Lucene search

SiemensSimatic S7-1500 Firmware

10 matches found

CVE•added 2014/04/07 10:55 p.m.•3930 views

CVE-2014-0160

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys,...

7.5CVSS7.5AI score0.94443EPSS

CVE•added 2017/05/11 1:29 a.m.•129 views

CVE-2017-2680

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

7.1CVSS6AI score0.02335EPSS

CVE•added 2019/04/17 2:29 p.m.•95 views

CVE-2019-6568

The webserver of the affected devices contains a vulnerability that may lead toa denial of service condition. An attacker may cause a denial of servicesituation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with networ...

7.5CVSS7.3AI score0.00408EPSS

CVE•added 2018/10/10 5:29 p.m.•84 views

CVE-2018-13805

A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions >= V2.0 and = V2.0 and = V2.0 and

7.5CVSS7.1AI score0.00495EPSS

CVE•added 2017/05/11 10:29 a.m.•83 views

CVE-2017-2681

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.

7.1CVSS6.1AI score0.00442EPSS

CVE•added 2020/11/12 6:15 p.m.•79 views

CVE-2020-8744

Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 4.0.30 Intel(R) SPS versions before E3_05.01.04.200 may allow a privileged user to potentially enable escalation of privilege via local access.

7.8CVSS7.5AI score0.00172EPSS

CVE•added 2019/04/17 2:29 p.m.•78 views

CVE-2019-6575

A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort P...

7.8CVSS7.4AI score0.01329EPSS

CVE•added 2018/12/13 4:29 p.m.•57 views

CVE-2018-13815

A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions

7.5CVSS7.2AI score0.00451EPSS

CVE•added 2019/04/17 2:29 p.m.•49 views

CVE-2018-16559

A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions

7.8CVSS7.3AI score0.01329EPSS

CVE•added 2019/04/17 2:29 p.m.•35 views

CVE-2018-16558

A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions

7.8CVSS7.3AI score0.01329EPSS