CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

siemens

simatic_s7-1200_cpu_firmware

3 known vulnerabilities · sorted by CVSS score

CVE-2021-37172

HIGH7.5

A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to bypass authentication and download arbitrary programs to the PLC. The vulnerability does not occur when TIA Portal V13 SP1 or any later version was used to provision the device.

siemens / simatic_s7-1200_cpu_firmware+1

Network

Published Aug 10, 2021

CVE-2023-28831

HIGH7.5

The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.

siemens / simatic_cloud_connect_7_cc712_firmware+78

Network

Published Sep 12, 2023

CVE-2019-10936

HIGH7.5

Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.

siemens / dk_standard_ethernet_controller_firmware+82

Network

Published Oct 10, 2019