Vulnerabilities > Siemens > Simatic S7 Plcsim Advanced Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-12	CVE-2023-46156	Use After Free vulnerability in Siemens products Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. network low complexity siemens CWE-416	7.5
2023-09-12	CVE-2023-28831	Integer Overflow or Wraparound vulnerability in Siemens products The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. network low complexity siemens CWE-190	7.5
2022-12-13	CVE-2021-40365	Improper Input Validation vulnerability in Siemens products Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. network low complexity siemens CWE-20	7.5
2022-10-11	CVE-2022-38465	Insufficiently Protected Credentials vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. local low complexity siemens CWE-522	7.8
2022-02-09	CVE-2021-37185	Operation on a Resource after Expiration or Release vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. network low complexity siemens CWE-672	7.5
2022-02-09	CVE-2021-37204	Operation on a Resource after Expiration or Release vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. network low complexity siemens CWE-672	7.5
2022-02-09	CVE-2021-37205	Memory Leak vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. network low complexity siemens CWE-401	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.