CVE-2020-27632
- EPSS 0.38%
- Published 10.03.2021 18:15:12
- Last modified 21.11.2024 05:21:32
In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is initialized with a constant value and has constant increments. An attacker could predict and hijack TCP sessions.
CVE-2019-13946
- EPSS 0.55%
- Published 11.02.2020 16:15:15
- Last modified 21.11.2024 04:25:45
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of ...
CVE-2019-10925
- EPSS 0.89%
- Published 12.06.2019 14:29:04
- Last modified 21.11.2024 04:20:09
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by...
CVE-2019-10926
- EPSS 0.36%
- Published 12.06.2019 14:29:04
- Last modified 21.11.2024 04:20:10
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The...