Siemens Simatic S7-1200 Cpu 1212Fc Firmware vulnerabilities

11 known vulnerabilities affecting siemens/simatic_s7-1200_cpu_1212fc_firmware.

Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH9MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2021-44694HIGHCVSS 7.5fixed in 4.6.02022-12-13
CVE-2021-44694 [MEDIUM] CWE-1287 CVE-2021-44694: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
nvd
CVE-2021-44695HIGHCVSS 7.5fixed in 4.6.02022-12-13
CVE-2021-44695 [MEDIUM] CWE-1286 CVE-2021-44695: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
nvd
CVE-2021-40365HIGHCVSS 7.5fixed in 4.6.02022-12-13
CVE-2021-40365 [HIGH] CWE-20 CVE-2021-40365: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
nvd
CVE-2021-44693HIGHCVSS 7.5fixed in 4.6.02022-12-13
CVE-2021-44693 [MEDIUM] CWE-1284 CVE-2021-44693: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
nvd
CVE-2021-37205HIGHCVSS 7.5≥ 4.5.0, < 4.5.22022-02-09
CVE-2021-37205 [HIGH] CWE-401 CVE-2021-37205: A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2. A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 = V21.9 = V4.5.0 = V2.9.2 = V21.9 = V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets ov
nvd
CVE-2021-37204HIGHCVSS 7.5≥ 4.5.0, < 4.5.22022-02-09
CVE-2021-37204 [HIGH] CWE-672 CVE-2021-37204: A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMA A vulnerability has been identified in SIMATIC Drive Controller family (All versions = V2.9.2 = V21.9 = V4.5.0 = V2.9.2 = V21.9 = V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packet over
nvd
CVE-2021-37185HIGHCVSS 7.5≥ 4.5.0, < 4.5.22022-02-09
CVE-2021-37185 [HIGH] CWE-672 CVE-2021-37185: A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2. A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 = V21.9 = V4.5.0 = V2.9.2 = V21.9 = V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets ov
nvd
CVE-2013-2780HIGHCVSS 7.8fixed in 4.02013-04-22
CVE-2013-2780 [HIGH] CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).
nvd
CVE-2013-0700HIGHCVSS 7.8fixed in 4.02013-04-22
CVE-2013-0700 [HIGH] CVE-2013-0700: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to TCP port 102 (aka the ISO-TSAP port).
nvd
CVE-2012-3040MEDIUMCVSS 4.3≥ 2.0.0, < 3.0.22012-10-10
CVE-2012-3040 [MEDIUM] CWE-79 CVE-2012-3040: Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x throu Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.
nvd
CVE-2012-3037MEDIUMCVSS 4.3≥ 2.0.0, < 3.0.02012-09-25
CVE-2012-3037 [MEDIUM] CWE-295 CVE-2012-3037: The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROL The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate.
nvd
Siemens Simatic S7-1200 Cpu 1212Fc Firmware vulnerabilities | cvebase