CVE-2026-22925
- EPSS 0.32%
- Veröffentlicht 12.05.2026 08:20:56
- Zuletzt bearbeitet 29.06.2026 14:05:43
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application is susceptible to resource exhaustion when subjected to high volume of TCP SYN packets This could allow an attacker to render the service unavaila...
CVE-2026-22924
- EPSS 0.3%
- Veröffentlicht 12.05.2026 08:20:55
- Zuletzt bearbeitet 29.06.2026 14:06:00
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application does not properly restrict unauthenticated connections and is susceptible to resource exhaustion conditions. This could allow an attacker to disru...
CVE-2026-2673
- EPSS 0.44%
- Veröffentlicht 13.03.2026 13:23:00
- Zuletzt bearbeitet 05.06.2026 19:48:51
Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may...
CVE-2025-40941
- EPSS 0.25%
- Veröffentlicht 09.12.2025 10:44:40
- Zuletzt bearbeitet 10.12.2025 21:32:01
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected devices exposes server information in its responses. This could allow an attacker with network access to gain useful information, increasing the likelihood ...
CVE-2025-40940
- EPSS 0.32%
- Veröffentlicht 09.12.2025 10:44:39
- Zuletzt bearbeitet 10.12.2025 21:34:59
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected application exhibits inconsistent SNMP behavior, such as unexpected service availability and unreliable configuration handling across protocol versions. This...
CVE-2025-40939
- EPSS 0.19%
- Veröffentlicht 09.12.2025 10:44:37
- Zuletzt bearbeitet 16.12.2025 17:30:28
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected device contains a USB port which allows unauthenticated connections. This could allow an attacker with physical access to the device to trigger reboot that c...
CVE-2025-40938
- EPSS 0.33%
- Veröffentlicht 09.12.2025 10:44:36
- Zuletzt bearbeitet 10.12.2025 21:36:44
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the device’s c...
CVE-2025-40937
- EPSS 0.51%
- Veröffentlicht 09.12.2025 10:44:35
- Zuletzt bearbeitet 10.12.2025 21:37:50
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected application do not properly validate input parameters in its REST API, resulting in improper handling of unexpected arguments. This could allow an authentic...
CVE-2025-38502
- EPSS 0.15%
- Veröffentlicht 16.08.2025 09:34:25
- Zuletzt bearbeitet 01.06.2026 12:24:50
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix oob access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can be crafted via tail calls. Given two programs each utilizing a ...
CVE-2025-40593
- EPSS 0.32%
- Veröffentlicht 08.07.2025 10:34:51
- Zuletzt bearbeitet 16.12.2025 19:33:11
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0). The affected application allows to control the device by storing arbitrary files in the SFTP folder of the device. This could allow an attacker to cause a denial of service...