Siemens Simatic Et 200Sp Cpu 1510Sp F-1 Pn vulnerabilities

CVE-2025-40943 [CRITICAL] CWE-95 CVE-2025-40943: Affected devices do not properly sanitize contents of trace files. This could allow an attacker t Affected devices do not properly sanitize contents of trace files. This could allow an attacker to inject code through social engineering an authorized user, who has the function right "Read diagnostics", to import a specially crafted trace file. The malicious trace file is insufficiently sanitized and malicious code could be executed in the clie

CVE-2025-40820 [HIGH] CWE-940 CVE-2025-40820: Affected products do not properly enforce TCP sequence number validation in specific scenarios but a Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only if an attacker can inject IP packets with spoofed addres

CVE-2024-23814 [MEDIUM] CWE-400 CVE-2024-23814: The integrated ICMP service of the network stack of affected devices can be forced to exhaust its a The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service condition of the ICMP service, other communication service

CVE-2023-37482 [MEDIUM] CWE-203 CVE-2023-37482: The login functionality of the web server in affected devices does not normalize the response times The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames.

CVE-2024-46886 [MEDIUM] CWE-601 CVE-2024-46886: The web server of affected devices does not properly validate input that is used for a user redirect The web server of affected devices does not properly validate input that is used for a user redirection. This could allow an attacker to make the server redirect the legitimate user to an attacker-chosen URL. For a successful exploit, the legitimate user must actively click on an attacker-crafted link.

CVE-2024-46887 [MEDIUM] CWE-288 CVE-2024-46887: The web server of affected devices do not properly authenticate user request to the '/ClientArea/Run The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load.

CVE-2023-28831 [HIGH] CWE-190 CVE-2023-28831: The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnera The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.