Siemens Sinamics S120 Firmware vulnerabilities
7 known vulnerabilities affecting siemens/sinamics_s120_firmware.
Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH7
Vulnerabilities
Page 1 of 1
CVE-2022-47375HIGHCVSS 7.5v4.7v4.8+4 more2023-12-12
CVE-2022-47375 [HIGH] CWE-805 CVE-2022-47375: A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 41
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPL
nvd
CVE-2022-47374HIGHCVSS 7.5v4.7v4.8+4 more2023-12-12
CVE-2022-47374 [HIGH] CWE-674 CVE-2022-47374: A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 41
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPL
nvd
CVE-2019-10936HIGHCVSS 7.5fixed in 5.2v5.22019-10-10
CVE-2019-10936 [HIGH] CWE-400 CVE-2019-10936: Affected devices improperly handle large amounts of specially crafted UDP packets.
This could all
Affected devices improperly handle large amounts of specially crafted UDP packets.
This could allow an unauthenticated remote attacker to trigger a denial of service condition.
nvd
CVE-2019-10923HIGHCVSS 7.5fixed in 4.7v4.72019-10-10
CVE-2019-10923 [HIGH] CWE-400 CVE-2019-10923: An attacker with network access to an affected product may cause a denial of service condition by br
An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.
nvd
CVE-2019-6568HIGHCVSS 7.5fixed in 5.22019-04-17
CVE-2019-6568 [HIGH] CWE-125 CVE-2019-6568: The webserver of the affected devices contains a vulnerability that may lead to
a denial of service
The webserver of the affected devices contains a vulnerability that may lead to
a denial of service condition. An attacker may cause a denial of service
situation which leads to a restart of the webserver of the affected device.
The security vulnerability could be exploited by an attacker with network
access to the affected systems. Successful exploita
nvd
CVE-2017-2681HIGHCVSS 7.1fixed in 4.7v4.72017-05-11
CVE-2017-2681 [HIGH] CWE-400 CVE-2017-2681: Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected pro
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.
nvd
CVE-2017-2680HIGHCVSS 7.1fixed in 4.7v4.72017-05-11
CVE-2017-2680 [HIGH] CWE-400 CVE-2017-2680: Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affect
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
nvd