Vulnerabilities > Siemens > Simatic S7 1500 CPU 1518 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-12-13 CVE-2021-40365 Improper Input Validation vulnerability in Siemens products
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
network
low complexity
siemens CWE-20
7.5
2022-12-13 CVE-2021-44693 Improper Validation of Specified Quantity in Input vulnerability in Siemens products
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
network
low complexity
siemens CWE-1284
4.9
2022-12-13 CVE-2021-44694 Improper Validation of Specified Type of Input vulnerability in Siemens products
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
network
low complexity
siemens CWE-1287
5.5
2022-12-13 CVE-2021-44695 Improper Validation of Syntactic Correctness of Input vulnerability in Siemens products
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.
network
low complexity
siemens CWE-1286
4.9
2022-11-08 CVE-2022-30694 Cross-Site Request Forgery (CSRF) vulnerability in Siemens products
The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.
network
low complexity
siemens CWE-352
6.5
2019-10-10 CVE-2019-10936 Resource Exhaustion vulnerability in Siemens products
Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.
network
low complexity
siemens CWE-400
7.5
2019-08-13 CVE-2019-10943 Missing Support for Integrity Check vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl.
network
low complexity
siemens CWE-353
7.5
2019-08-13 CVE-2019-10929 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Siemens products
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl.
network
high complexity
siemens CWE-327
5.9