Vulnerabilities > Siemens > En100 Ethernet Module With Firmware Variant Dnp3 TCP > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-12-12 CVE-2019-13944 Path Traversal vulnerability in Siemens products
A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions).
network
low complexity
siemens CWE-22
5.3
2019-12-12 CVE-2019-13943 Cross-site Scripting vulnerability in Siemens products
A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions).
network
low complexity
siemens CWE-79
6.1
2019-03-21 CVE-2018-16563 Unspecified vulnerability in Siemens products
A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.35), Firmware variant MODBUS TCP for EN100 Ethernet module (All versions), Firmware variant DNP3 TCP for EN100 Ethernet module (All versions), Firmware variant IEC104 for EN100 Ethernet module (All versions), Firmware variant Profinet IO for EN100 Ethernet module (All versions), SIPROTEC 5 relays with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.82), SIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modules (All versions < V7.58).
network
high complexity
siemens
5.9