Vulnerabilities > Siemens > Simatic CP 343 1 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2021-09-14 CVE-2021-33737 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Siemens products
A vulnerability has been identified in SIMATIC CP 343-1 (incl.
network
low complexity
siemens CWE-119
7.5
2020-02-11 CVE-2019-13946 Resource Exhaustion vulnerability in Siemens products
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device.
network
low complexity
siemens CWE-400
7.5
2016-11-23 CVE-2016-8673 Cross-Site Request Forgery (CSRF) vulnerability in Siemens products
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl.
network
low complexity
siemens CWE-352
8.8