Vulnerabilities > Siemens > Simatic CFU PA Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-04-12 CVE-2022-25622 Resource Exhaustion vulnerability in Siemens products
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.
network
low complexity
siemens CWE-400
7.5
2021-07-13 CVE-2020-28400 Allocation of Resources Without Limits or Throttling vulnerability in Siemens products
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition.
network
low complexity
siemens CWE-770
7.5
2019-10-10 CVE-2019-10936 Resource Exhaustion vulnerability in Siemens products
Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.
network
low complexity
siemens CWE-400
7.5