Skip to main content

Simatic S7 1500 Firmware

10 CVEs product

Monthly

CVE-2020-8744 HIGH PATCH This Week

Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 4.0.30 Intel(R) SPS versions before E3_05.01.04.200. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Converged Security And Management Engine Server Platform Services Trusted Execution Engine +3
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-6575 HIGH This Week

A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Cp443 1 Opc Ua Firmware Simatic Et 200 Open Controller Cpu 1515Sp Pc2 Firmware Simatic Ipc Diagmonitor Firmware Simatic Net Pc Software Firmware +23
NVD VulDB
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-6568 HIGH This Week

The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Information Disclosure Cp1604 Firmware Cp1616 Firmware +51
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2018-13815 HIGH This Week

A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Simatic S7 1200 Firmware Simatic S7 1500 Firmware
NVD
CVSS 3.0
7.5
EPSS
1.8%
CVE-2018-13805 HIGH This Week

A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions >= V2.0 and < V2.1.6), SIMATIC S7-1500 Software Controller (All versions >= V2.0 and < V2.5), SIMATIC S7-1500. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Et 200Sp Firmware Simatic S7 1500 Firmware Simatic S7 1500F Firmware
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2018-3639 MEDIUM POC PATCH THREAT This Month

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 46.0%.

Authentication Bypass Atom C Atom E Atom X5 E3930 Atom X5 E3940 +278
NVD Exploit-DB VulDB
CVSS 3.1
5.5
EPSS
46.0%
Threat
4.0
CVE-2018-4843 MEDIUM This Month

A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Simatic Cp 343 1 Firmware Simatic Cp 443 1 Firmware Simatic S7 1500 Firmware +8
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2017-12741 HIGH This Week

Specially crafted packets sent to port 161/udp could cause a denial of service condition. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic S7 200 Firmware Simatic S7 400Pn V6 Firmware Simatic S7 400H V6 Firmware Simatic S7 400Pn Dp V7 Firmware +34
NVD
CVSS 4.0
8.7
EPSS
5.3%
CVE-2017-2681 HIGH This Week

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Cp 343 1 Std Firmware Simatic Cp 343 1 Lean Firmware Simatic Cp 343 1 Adv Firmware Simatic Cp 443 1 Std Firmware +75
NVD
CVSS 4.0
7.1
EPSS
0.4%
CVE-2017-2680 HIGH This Week

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Cp 343 1 Std Firmware Simatic Cp 343 1 Lean Firmware Simatic Cp 343 1 Adv Firmware Simatic Cp 443 1 Std Firmware +89
NVD
CVSS 4.0
7.1
EPSS
2.3%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 4.0.30 Intel(R) SPS versions before E3_05.01.04.200. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Converged Security And Management Engine +5
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Cp443 1 Opc Ua Firmware Simatic Et 200 Open Controller Cpu 1515Sp Pc2 Firmware +25
NVD VulDB
EPSS 1% CVSS 7.5
HIGH This Week

The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Information Disclosure +53
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Simatic S7 1200 Firmware Simatic S7 1500 Firmware
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions >= V2.0 and < V2.1.6), SIMATIC S7-1500 Software Controller (All versions >= V2.0 and < V2.5), SIMATIC S7-1500. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Et 200Sp Firmware Simatic S7 1500 Firmware +1
NVD
EPSS 46% 4.0 CVSS 5.5
MEDIUM POC PATCH THREAT This Month

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 46.0%.

Authentication Bypass Atom C Atom E +280
NVD Exploit-DB VulDB
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Simatic Cp 343 1 Firmware +10
NVD
EPSS 5% CVSS 8.7
HIGH This Week

Specially crafted packets sent to port 161/udp could cause a denial of service condition. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic S7 200 Firmware Simatic S7 400Pn V6 Firmware +36
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Cp 343 1 Std Firmware Simatic Cp 343 1 Lean Firmware +77
NVD
EPSS 2% CVSS 7.1
HIGH This Week

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Cp 343 1 Std Firmware Simatic Cp 343 1 Lean Firmware +91
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy