Vulnerabilities > Siemens > Simatic CP 343 1 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-14 | CVE-2021-33737 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Siemens products A vulnerability has been identified in SIMATIC CP 343-1 (incl. | 7.8 |
| 2020-02-11 | CVE-2019-13946 | Resource Exhaustion vulnerability in Siemens products Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. | 7.8 |
| 2018-03-20 | CVE-2018-4843 | Improper Input Validation vulnerability in Siemens products A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC CP 343-1 (incl. | 6.5 |
| 2016-11-23 | CVE-2016-8673 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens products A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. | 6.8 |
| 2016-11-23 | CVE-2016-8672 | Information Exposure vulnerability in Siemens products A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. | 5.0 |
| 2015-11-27 | CVE-2015-8214 | Permissions, Privileges, and Access Controls vulnerability in Siemens products Siemens SIMATIC CP 343-1 Advanced devices before 3.0.44, CP 343-1 Lean devices, CP 343-1 devices, TIM 3V-IE devices, TIM 3V-IE Advanced devices, TIM 3V-IE DNP3 devices, TIM 4R-IE devices, TIM 4R-IE DNP3 devices, CP 443-1 devices, and CP 443-1 Advanced devices might allow remote attackers to obtain administrative access via a session on TCP port 102. | 9.7 |