Siemens Simatic Cp 1626 vulnerabilities

5 known vulnerabilities affecting siemens/simatic_cp_1626.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2023-37194MEDIUMCVSS 6.7vAll versions2023-10-10
CVE-2023-37194 [MEDIUM] CWE-284 CVE-2023-37194: A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). The kernel memory of affected devices is exposed to user-mode via direct memory access (DMA) which could allow a local attacker with administrative priv
cvelistv5nvd
CVE-2023-37195MEDIUMCVSS 4.4vAll versions2023-10-10
CVE-2023-37195 [MEDIUM] CWE-400 CVE-2023-37195: A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests. This could allow local attackers with administrative
cvelistv5nvd
CVE-2020-28400HIGHCVSS 8.7vAll versions2021-07-13
CVE-2020-28400 [HIGH] CWE-770 CVE-2020-28400: Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
cvelistv5nvd
CVE-2019-10929MEDIUMCVSS 5.9vAll versions2019-08-13
CVE-2019-10929 [MEDIUM] CWE-327 CVE-2019-10929: A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Control A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versio
cvelistv5nvd
CVE-2017-2680HIGHCVSS 7.1vAll versions < V1.12017-05-11
CVE-2017-2680 [HIGH] CWE-400 CVE-2017-2680: Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affect Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
cvelistv5nvd