Siemens Simatic Et 200Sp Open Controller Cpu 1515Sp Pc vulnerabilities

9 known vulnerabilities affecting siemens/simatic_et_200sp_open_controller_cpu_1515sp_pc.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH6MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2025-40943CRITICALCVSS 9.4fixed in *2026-03-10
CVE-2025-40943 [CRITICAL] CWE-95 CVE-2025-40943: Affected devices do not properly sanitize contents of trace files. This could allow an attacker t Affected devices do not properly sanitize contents of trace files. This could allow an attacker to inject code through social engineering an authorized user, who has the function right "Read diagnostics", to import a specially crafted trace file. The malicious trace file is insufficiently sanitized and malicious code could be executed in the clie
cvelistv5nvd
CVE-2022-38465HIGHCVSS 7.8vAll versions2022-10-11
CVE-2022-38465 [HIGH] CWE-522 CVE-2022-38465: A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMA A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0)
cvelistv5nvd
CVE-2021-37204HIGHCVSS 7.5vAll versions2022-02-09
CVE-2021-37204 [HIGH] CWE-672 CVE-2021-37204: A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMA A vulnerability has been identified in SIMATIC Drive Controller family (All versions = V2.9.2 = V21.9 = V4.5.0 = V2.9.2 = V21.9 = V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packet over
cvelistv5nvd
CVE-2020-15782CRITICALCVSS 9.8vAll versions2021-05-28
CVE-2020-15782 [CRITICAL] CWE-119 CVE-2020-15782: A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMA A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.
cvelistv5nvd
CVE-2019-19300HIGHCVSS 7.5fixed in V2.02020-04-14
CVE-2019-19300 [HIGH] CWE-400 CVE-2019-19300: A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, De A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0), SIMATIC ET 200eco PN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0), SIMATIC ET 20
cvelistv5nvd
CVE-2019-10936HIGHCVSS 7.5fixed in V2.02019-10-10
CVE-2019-10936 [HIGH] CWE-400 CVE-2019-10936: Affected devices improperly handle large amounts of specially crafted UDP packets. This could all Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.
cvelistv5nvd
CVE-2019-10943HIGHCVSS 7.5vAll versions2019-08-13
CVE-2019-10943 [HIGH] CWE-353 CVE-2019-10943: A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 20 A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions = V20.8), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions = V4.4.0), SIMATIC
cvelistv5nvd
CVE-2019-10929MEDIUMCVSS 5.9vAll versions2019-08-13
CVE-2019-10929 [MEDIUM] CWE-327 CVE-2019-10929: A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Control A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versio
cvelistv5nvd
CVE-2019-6568HIGHCVSS 7.5vAll versions < V2.1.62019-04-17
CVE-2019-6568 [HIGH] CWE-125 CVE-2019-6568: The webserver of the affected devices contains a vulnerability that may lead to a denial of service The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploita
cvelistv5nvd