Vulnerabilities > Siemens > Simatic S7 1200 CPU 1214C Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-12-13 CVE-2021-44693 Improper Validation of Specified Quantity in Input vulnerability in Siemens products
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
network
low complexity
siemens CWE-1284
4.9
2022-12-13 CVE-2021-44694 Improper Validation of Specified Type of Input vulnerability in Siemens products
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
network
low complexity
siemens CWE-1287
5.5
2022-12-13 CVE-2021-44695 Improper Validation of Syntactic Correctness of Input vulnerability in Siemens products
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
network
low complexity
siemens CWE-1286
4.9
2021-03-25 CVE-2021-3449 NULL Pointer Dereference vulnerability in multiple products
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client.
5.9
2019-08-13 CVE-2019-10943 Missing Support for Integrity Check vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl.
network
low complexity
siemens CWE-353
5.0
2019-08-13 CVE-2019-10929 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Siemens products
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl.
network
siemens CWE-327
4.3
2012-10-10 CVE-2012-3040 Cross-site Scripting vulnerability in Siemens products
Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.
network
siemens CWE-79
4.3
2012-09-25 CVE-2012-3037 Improper Certificate Validation vulnerability in Siemens products
The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate.
network
siemens CWE-295
4.3