Vulnerabilities > Siemens > Simatic S7 1200 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-13 | CVE-2020-28400 | Allocation of Resources Without Limits or Throttling vulnerability in Siemens products Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. | 5.0 |
| 2019-12-12 | CVE-2019-13945 | Unspecified vulnerability in Siemens products A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. | 4.6 |
| 2018-12-13 | CVE-2018-13815 | Resource Exhaustion vulnerability in Siemens Simatic S7-1200 Firmware and Simatic S7-1500 Firmware A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). | 5.0 |
| 2017-12-26 | CVE-2017-12741 | Resource Exhaustion vulnerability in Siemens products A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SIMATIC Compact Field Unit, SIMATIC ET200AL, SIMATIC ET200M (incl. | 7.8 |
| 2017-05-11 | CVE-2017-2681 | Resource Exhaustion vulnerability in Siemens products Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. | 6.1 |
| 2017-05-11 | CVE-2017-2680 | Resource Exhaustion vulnerability in Siemens products Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). | 6.1 |
| 2013-04-22 | CVE-2013-2780 | Unspecified vulnerability in Siemens products Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port). | 7.8 |
| 2013-04-22 | CVE-2013-0700 | Unspecified vulnerability in Siemens products Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to TCP port 102 (aka the ISO-TSAP port). | 7.8 |
| 2012-10-10 | CVE-2012-3040 | Cross-site Scripting vulnerability in Siemens products Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. | 4.3 |
| 2012-09-25 | CVE-2012-3037 | Improper Certificate Validation vulnerability in Siemens products The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate. | 4.3 |