Vulnerabilities > Siemens > Simatic S7 1500 CPU Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-12 | CVE-2022-25622 | Resource Exhaustion vulnerability in Siemens products A vulnerability has been identified in SIMATIC CFU DIQ, SIMATIC CFU PA, SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET200AL IM157-1 PN, SIMATIC ET200ecoPN, AI 8xRTD/TC, M12-L, SIMATIC ET200ecoPN, CM 4x IO-Link, M12-L, SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L, SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L, SIMATIC ET200ecoPN, DI 16x24VDC, M12-L, SIMATIC ET200ecoPN, DI 8x24VDC, M12-L, SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L, SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L, SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L, SIMATIC ET200MP IM155-5 PN HF (incl. | 7.5 |
2019-10-10 | CVE-2019-10936 | Resource Exhaustion vulnerability in Siemens products A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SIMATIC CFU PA, SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. | 7.5 |
2016-02-08 | CVE-2016-2201 | Improper Input Validation vulnerability in Siemens Simatic S7-1500 CPU Firmware 1.8.2 Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to bypass a replay protection mechanism via packets on TCP port 102. | 5.0 |
2016-02-08 | CVE-2016-2200 | Improper Input Validation vulnerability in Siemens Simatic S7-1500 CPU Firmware 1.5.1/1.6/1.8.2 Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to cause a denial of service (STOP mode transition) via crafted packets on TCP port 102. | 7.8 |
2014-08-17 | CVE-2014-5074 | Denial of Service vulnerability in Siemens SIMATIC S7-1500 Siemens SIMATIC S7-1500 CPU devices with firmware before 1.6 allow remote attackers to cause a denial of service (device restart and STOP transition) via crafted TCP packets. network siemens | 7.1 |
2014-03-16 | CVE-2014-2259 | Denial of Service vulnerability in Siemens SIMATIC S7-1500 Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTPS packets. | 7.8 |
2014-03-16 | CVE-2014-2257 | Denial of Service vulnerability in Siemens SIMATIC S7-1500 Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted ISO-TSAP packets. | 7.8 |
2014-03-16 | CVE-2014-2255 | Denial of Service vulnerability in Siemens SIMATIC S7-1500 Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTP packets. | 7.8 |
2014-03-16 | CVE-2014-2253 | Denial of Service vulnerability in Siemens SIMATIC S7-1500 Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted Profinet packets. low complexity siemens | 6.1 |
2014-03-16 | CVE-2014-2251 | Insufficient Entropy vulnerability in Siemens SIMATIC S7-1500 The random-number generator on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors. network siemens | 8.3 |