Vulnerabilities > Siemens > Sinamics Sl150 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-28 | CVE-2021-31337 | Missing Authentication for Critical Function vulnerability in Siemens products The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. | 9.8 |
| 2021-06-15 | CVE-2021-27388 | Improper Input Validation vulnerability in Siemens products SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution of limited control commands on the SINAMICS Medium Voltage Products, Remote Access (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions). | 9.8 |
| 2021-05-12 | CVE-2021-27383 | Allocation of Resources Without Limits or Throttling vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. | 7.5 |
| 2021-05-12 | CVE-2021-27384 | Access of Memory Location After End of Buffer vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. | 9.8 |
| 2021-05-12 | CVE-2021-27385 | Infinite Loop vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. | 7.5 |
| 2021-05-12 | CVE-2021-27386 | Memory Leak vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. | 7.5 |
| 2021-02-09 | CVE-2020-15798 | Missing Authentication for Critical Function vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. | 9.8 |
| 2019-10-10 | CVE-2019-10936 | Resource Exhaustion vulnerability in Siemens products Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition. | 7.5 |
| 2019-10-10 | CVE-2019-10923 | Resource Exhaustion vulnerability in Siemens products An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation. | 7.5 |
| 2019-04-17 | CVE-2019-6568 | Out-of-bounds Read vulnerability in Siemens products The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. | 7.5 |