Siemens

Simatic S7-1500 Cpu Firmware

14 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2022-25622

  • EPSS 0.12%
  • Veröffentlicht 12.04.2022 09:15:14
  • Zuletzt bearbeitet 21.11.2024 06:52:27

The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service cond...

5

CVE-2019-10936

  • EPSS 1.99%
  • Veröffentlicht 10.10.2019 14:15:14
  • Zuletzt bearbeitet 21.11.2024 04:20:11

Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.

5.3

CVE-2016-2201

  • EPSS 1.61%
  • Veröffentlicht 08.02.2016 16:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to bypass a replay protection mechanism via packets on TCP port 102.

7.8

CVE-2016-2200

  • EPSS 9.24%
  • Veröffentlicht 08.02.2016 16:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to cause a denial of service (STOP mode transition) via crafted packets on TCP port 102.

7.1

CVE-2014-5074

  • EPSS 13.71%
  • Veröffentlicht 17.08.2014 23:55:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Siemens SIMATIC S7-1500 CPU devices with firmware before 1.6 allow remote attackers to cause a denial of service (device restart and STOP transition) via crafted TCP packets.

4.3

CVE-2014-2246

  • EPSS 0.51%
  • Veröffentlicht 16.03.2014 14:06:45
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

5.8

CVE-2014-2247

  • EPSS 0.68%
  • Veröffentlicht 16.03.2014 14:06:45
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject headers via unspecified vectors.

4.3

CVE-2014-2248

  • EPSS 0.69%
  • Veröffentlicht 16.03.2014 14:06:45
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Open redirect vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

5.8

CVE-2014-2249

  • EPSS 0.18%
  • Veröffentlicht 16.03.2014 14:06:45
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 and SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allows remote attackers to hijack the authentication of unspecified vic...

8.3

CVE-2014-2251

  • EPSS 0.9%
  • Veröffentlicht 16.03.2014 14:06:45
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The random-number generator on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspe...