Siemens Simatic S7-1500 Cpu 1510Sp F-1 Pn vulnerabilities

7 known vulnerabilities affecting siemens/simatic_s7-1500_cpu_1510sp_f-1_pn.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH5MEDIUM1LOW1

Vulnerabilities

Page 1 of 1
CVE-2023-46156HIGHCVSS 7.5fixed in *fixed in V3.1.02023-12-12
CVE-2023-46156 [HIGH] CWE-416 CVE-2023-46156: Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations.
cvelistv5nvd
CVE-2022-38773MEDIUMCVSS 6.8fixed in *2023-01-10
CVE-2022-38773 [MEDIUM] CWE-1326 CVE-2022-38773: Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of t Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary code.
cvelistv5nvd
CVE-2021-44694HIGHCVSS 7.5vAll versions < V2.9.72022-12-13
CVE-2021-44694 [HIGH] CWE-1287 CVE-2021-44694: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
cvelistv5nvd
CVE-2021-44695HIGHCVSS 7.5vAll versions < V2.9.72022-12-13
CVE-2021-44695 [HIGH] CWE-1286 CVE-2021-44695: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
cvelistv5nvd
CVE-2021-44693HIGHCVSS 7.5vAll versions < V2.9.72022-12-13
CVE-2021-44693 [HIGH] CWE-1284 CVE-2021-44693: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
cvelistv5nvd
CVE-2021-40365HIGHCVSS 7.5vAll versions < V2.9.72022-12-13
CVE-2021-40365 [HIGH] CWE-20 CVE-2021-40365: Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
cvelistv5nvd
CVE-2022-30694LOWCVSS 3.5vAll versionsvAll versions < V2.9.72022-11-08
CVE-2022-30694 [LOW] CWE-352 CVE-2022-30694: The login endpoint /FormLogin in affected web services does not apply proper origin checking. Thi The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.
cvelistv5nvd