Siemens Simatic Et 200Mp Im 155-5 Pn St vulnerabilities
7 known vulnerabilities affecting siemens/simatic_et_200mp_im_155-5_pn_st.
Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH6MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-23814MEDIUMCVSS 6.9fixed in *2025-02-11
CVE-2024-23814 [MEDIUM] CWE-400 CVE-2024-23814: The integrated ICMP service of the network stack of affected devices can be forced to exhaust its a
The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service condition of the ICMP service, other communication service
cvelistv5nvd
CVE-2019-13946HIGHCVSS 7.5fixed in V4.1.02020-02-11
CVE-2019-13946 [HIGH] CWE-400 CVE-2019-13946: Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit
internal resource allocation wh
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit
internal resource allocation when multiple legitimate diagnostic package
requests are sent to the DCE-RPC interface.
This could lead to a denial of service condition due to lack of memory
for devices that include a vulnerable version of the stack.
The security vulnerability could be
cvelistv5nvd
CVE-2019-10936HIGHCVSS 7.5fixed in *2019-10-10
CVE-2019-10936 [HIGH] CWE-400 CVE-2019-10936: Affected devices improperly handle large amounts of specially crafted UDP packets.
This could all
Affected devices improperly handle large amounts of specially crafted UDP packets.
This could allow an unauthenticated remote attacker to trigger a denial of service condition.
cvelistv5nvd
CVE-2019-10923HIGHCVSS 7.5fixed in V4.1.02019-10-10
CVE-2019-10923 [HIGH] CWE-400 CVE-2019-10923: An attacker with network access to an affected product may cause a denial of service condition by br
An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.
cvelistv5nvd
CVE-2017-12741HIGHCVSS 8.7fixed in V4.1.02017-12-26
CVE-2017-12741 [HIGH] CWE-400 CVE-2017-12741: Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affect
Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.
cvelistv5nvd
CVE-2017-2681HIGHCVSS 7.1fixed in V4.1.02017-05-11
CVE-2017-2681 [HIGH] CWE-400 CVE-2017-2681: Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected pro
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.
cvelistv5nvd
CVE-2017-2680HIGHCVSS 7.1fixed in V4.1.02017-05-11
CVE-2017-2680 [HIGH] CWE-400 CVE-2017-2680: Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affect
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
cvelistv5nvd