Vulnerabilities > Siemens > Simatic Drive Controller CPU 1504D TF Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-46156 | Use After Free vulnerability in Siemens products Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. | 7.5 |
| 2023-09-12 | CVE-2023-28831 | Integer Overflow or Wraparound vulnerability in Siemens products The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. | 7.5 |
| 2023-01-10 | CVE-2022-38773 | Unspecified vulnerability in Siemens products Affected devices do not contain an Immutable Root of Trust in Hardware. low complexity siemens | 6.8 |
| 2022-11-08 | CVE-2022-30694 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens products The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack. | 6.5 |
| 2022-10-11 | CVE-2022-38465 | Insufficiently Protected Credentials vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. | 7.8 |
| 2022-02-09 | CVE-2021-37185 | Operation on a Resource after Expiration or Release vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. | 7.5 |
| 2022-02-09 | CVE-2021-37204 | Operation on a Resource after Expiration or Release vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. | 7.5 |
| 2022-02-09 | CVE-2021-37205 | Memory Leak vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. | 7.5 |