Siemens Simatic S7-400 Firmware vulnerabilities
5 known vulnerabilities affecting siemens/simatic_s7-400_firmware.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH5
Vulnerabilities
Page 1 of 1
CVE-2018-16557HIGHCVSS 7.5≤ v6.02018-12-13
CVE-2018-16557 [HIGH] CWE-347 CVE-2018-16557: A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-4
A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC
nvd
CVE-2018-16556HIGHCVSS 7.5≤ v6.02018-12-13
CVE-2018-16556 [HIGH] CWE-20 CVE-2018-16556: A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-4
A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC
nvd
CVE-2018-4850HIGHCVSS 7.5≤ 4.0fixed in 5.22018-05-16
CVE-2018-4850 [HIGH] CWE-20 CVE-2018-4850: A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (
A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions < V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of
nvd
CVE-2017-2681HIGHCVSS 7.1fixed in 6.0.62017-05-11
CVE-2017-2681 [HIGH] CWE-400 CVE-2017-2681: Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected pro
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.
nvd
CVE-2017-2680HIGHCVSS 7.1fixed in 6.0.62017-05-11
CVE-2017-2680 [HIGH] CWE-400 CVE-2017-2680: Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affect
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
nvd