Vulnerabilities > Siemens > Simatic S7 1500 Software Controller

DATE CVE VULNERABILITY TITLE RISK
2022-11-08 CVE-2022-30694 Cross-Site Request Forgery (CSRF) vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.19), SIMATIC PC Station (All versions >= V2.1), SIMATIC S7-1200 CPU family (incl.
network
low complexity
siemens CWE-352
3.5
3.5
2022-10-11 CVE-2022-38465 Insufficiently Protected Credentials vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl.
local
low complexity
siemens CWE-522
7.8
7.8
2022-02-09 CVE-2021-37185 Unspecified vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl.
network
siemens
7.1
7.1
2022-02-09 CVE-2021-37204 Unspecified vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl.
network
siemens
7.1
7.1
2022-02-09 CVE-2021-37205 Memory Leak vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl.
network
siemens CWE-401
7.1
7.1
2021-08-10 CVE-2020-28397 Incorrect Authorization vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl.
network
low complexity
siemens CWE-863
5.0
5.0
2021-05-28 CVE-2020-15782 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl.
network
low complexity
siemens CWE-119
7.5
7.5
2019-08-13 CVE-2019-10943 Missing Support for Integrity Check vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl.
network
low complexity
siemens CWE-353
5.0
5.0
2019-04-17 CVE-2019-6575 Uncaught Exception vulnerability in Siemens products
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl.
network
low complexity
siemens CWE-248
7.5
7.5
2019-04-17 CVE-2019-6568 Out-of-bounds Read vulnerability in Siemens products
The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition.
network
low complexity
siemens CWE-125
7.5
7.5