Siemens Simatic Drive Controller Cpu 1504D Tf Firmware vulnerabilities
6 known vulnerabilities affecting siemens/simatic_drive_controller_cpu_1504d_tf_firmware.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH6
Vulnerabilities
Page 1 of 1
CVE-2023-46156HIGHCVSS 7.5fixed in 3.1.02023-12-12
CVE-2023-46156 [HIGH] CWE-416 CVE-2023-46156: Affected devices improperly handle specially crafted packets sent to port 102/tcp.
This could allow
Affected devices improperly handle specially crafted packets sent to port 102/tcp.
This could allow an attacker to create a denial of service condition. A restart is needed to restore
normal operations.
nvd
CVE-2023-28831HIGHCVSS 8.7fixed in 2.22023-09-12
CVE-2023-28831 [HIGH] CWE-190 CVE-2023-28831: The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnera
The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation.
This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.
nvd
CVE-2022-38465HIGHCVSS 7.8fixed in 2.9.22022-10-11
CVE-2022-38465 [CRITICAL] CWE-522 CVE-2022-38465: A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMA
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.
nvd
CVE-2021-37205HIGHCVSS 7.5fixed in 2.9.42022-02-09
CVE-2021-37205 [HIGH] CWE-401 CVE-2021-37205: A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 = V21.9 = V4.5.0 = V2.9.2 = V21.9 = V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets ov
nvd
CVE-2021-37204HIGHCVSS 7.5fixed in 2.9.42022-02-09
CVE-2021-37204 [HIGH] CWE-672 CVE-2021-37204: A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMA
A vulnerability has been identified in SIMATIC Drive Controller family (All versions = V2.9.2 = V21.9 = V4.5.0 = V2.9.2 = V21.9 = V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packet over
nvd
CVE-2021-37185HIGHCVSS 7.5fixed in 2.9.42022-02-09
CVE-2021-37185 [HIGH] CWE-672 CVE-2021-37185: A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 = V21.9 = V4.5.0 = V2.9.2 = V21.9 = V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets ov
nvd