Siemens SIMATIC S7-1200 CPU 1217C Firmware vulnerabilities

13 known vulnerabilities affecting siemens/simatic_s7-1200_cpu_1217c_firmware.

Total CVEs: 13
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 10, MEDIUM 3

Vulnerabilities

CVE-2021-44694 | HIGH | CVSS 7.5 | fixed in 4.6.0 | 2022-12-13
CVE-2021-44694 [MEDIUM] CWE-1287: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
nvd
CVE-2021-44695 | HIGH | CVSS 7.5 | fixed in 4.6.0 | 2022-12-13
CVE-2021-44695 [MEDIUM] CWE-1286: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
nvd
CVE-2021-40365 | HIGH | CVSS 7.5 | fixed in 4.6.0 | 2022-12-13
CVE-2021-40365 [HIGH] CWE-20: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
nvd
CVE-2021-44693 | HIGH | CVSS 7.5 | fixed in 4.6.0 | 2022-12-13
CVE-2021-44693 [MEDIUM] CWE-1284: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
nvd
CVE-2021-37205 | HIGH | CVSS 7.5 | ≥ 4.5.0, < 4.5.2 | 2022-02-09
CVE-2021-37205 [HIGH] CWE-401 CVE-2021-37205: A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2. A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 = V21.9 = V4.5.0 = V2.9.2 = V21.9 = V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets ov
nvd
CVE-2021-37204 | HIGH | CVSS 7.5 | ≥ 4.5.0, < 4.5.2 | 2022-02-09
CVE-2021-37204 [HIGH] CWE-672 CVE-2021-37204: A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMA A vulnerability has been identified in SIMATIC Drive Controller family (All versions = V2.9.2 = V21.9 = V4.5.0 = V2.9.2 = V21.9 = V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packet over
nvd
CVE-2021-37185 | HIGH | CVSS 7.5 | ≥ 4.5.0, < 4.5.2 | 2022-02-09
CVE-2021-37185 [HIGH] CWE-672 CVE-2021-37185: A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2. A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 = V21.9 = V4.5.0 = V2.9.2 = V21.9 = V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets ov
nvd
CVE-2019-10943 | HIGH | CVSS 7.5 | fixed in 4.4 | 2019-08-13
CVE-2019-10943 [HIGH] CWE-353: A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions = V20.8), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions = V4.4.0), SIMATIC
nvd
CVE-2019-10929 | MEDIUM | CVSS 5.9 | ≤ 4.0 | 2019-08-13
CVE-2019-10929 [MEDIUM] CWE-327: A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versio
nvd
CVE-2013-2780 | HIGH | CVSS 7.8 | fixed in 4.0 | 2013-04-22
CVE-2013-2780 [HIGH]: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).
nvd
CVE-2013-0700 | HIGH | CVSS 7.8 | fixed in 4.0 | 2013-04-22
CVE-2013-0700 [HIGH]: Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to TCP port 102 (aka the ISO-TSAP port).
nvd
CVE-2012-3040 | MEDIUM | CVSS 4.3 | ≥ 2.0.0, < 3.0.2 | 2012-10-10
CVE-2012-3040 [MEDIUM] CWE-79: Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.
nvd
CVE-2012-3037 | MEDIUM | CVSS 4.3 | ≥ 2.0.0, < 3.0.0 | 2012-09-25
CVE-2012-3037 [MEDIUM] CWE-295: The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate.
nvd