Vulnerabilities > Siemens > Simatic Drive Controller CPU 1504D TF Firmware > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-10	CVE-2022-38773	Unspecified vulnerability in Siemens products Affected devices do not contain an Immutable Root of Trust in Hardware. low complexity siemens	6.8
2022-11-08	CVE-2022-30694	Cross-Site Request Forgery (CSRF) vulnerability in Siemens products The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack. network low complexity siemens CWE-352	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.