Siemens Simatic S7-1200 Cpu 1215 Fc Firmware vulnerabilities

8 known vulnerabilities affecting siemens/simatic_s7-1200_cpu_1215_fc_firmware.

Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH6MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2021-44694HIGHCVSS 7.5fixed in 4.6.02022-12-13
CVE-2021-44694 [HIGH] CWE-1287 CVE-2021-44694: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
nvd
CVE-2021-44695HIGHCVSS 7.5fixed in 4.6.02022-12-13
CVE-2021-44695 [HIGH] CWE-1286 CVE-2021-44695: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
nvd
CVE-2021-40365HIGHCVSS 7.5fixed in 4.6.02022-12-13
CVE-2021-40365 [HIGH] CWE-20 CVE-2021-40365: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
nvd
CVE-2021-44693HIGHCVSS 7.5fixed in 4.6.02022-12-13
CVE-2021-44693 [HIGH] CWE-1284 CVE-2021-44693: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
nvd
CVE-2013-2780HIGHCVSS 7.8fixed in 4.02013-04-22
CVE-2013-2780 [HIGH] CVE-2013-2780: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).
nvd
CVE-2013-0700HIGHCVSS 7.8fixed in 4.02013-04-22
CVE-2013-0700 [HIGH] CVE-2013-0700: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to TCP port 102 (aka the ISO-TSAP port).
nvd
CVE-2012-3040MEDIUMCVSS 4.3≥ 2.0.0, < 3.0.22012-10-10
CVE-2012-3040 [MEDIUM] CWE-79 CVE-2012-3040: Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x throu Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.
nvd
CVE-2012-3037MEDIUMCVSS 4.3≥ 2.0.0, < 3.0.02012-09-25
CVE-2012-3037 [MEDIUM] CWE-295 CVE-2012-3037: The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROL The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate.
nvd