Vulnerabilities > Siemens > Simatic S7 Plcsim Advanced
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-08 | CVE-2022-30694 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens products The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack. | 6.5 |
| 2021-05-28 | CVE-2020-15782 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. | 9.8 |
| 2019-08-13 | CVE-2019-10943 | Missing Support for Integrity Check vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. | 7.5 |
| 2019-08-13 | CVE-2019-10929 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Siemens products A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. | 5.9 |
| 2019-04-17 | CVE-2019-6568 | Out-of-bounds Read vulnerability in Siemens products The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. | 7.5 |