Skip to main content

Simatic S7 1500 Software Controller Firmware

4 CVEs product

Monthly

CVE-2023-46156 HIGH This Week

Affected devices improperly handle specially crafted packets sent to port 102/tcp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Simatic Drive Controller Cpu 1504D Tf Firmware Simatic Drive Controller Cpu 1507D Tf Firmware +71
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-28831 HIGH This Week

The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Simatic Cloud Connect 7 Cc712 Firmware Simatic Cloud Connect 7 Cc716 Firmware Simatic Drive Controller Cpu 1504D Tf Firmware +75
NVD
CVSS 4.0
8.7
EPSS
0.8%
CVE-2020-15796 HIGH This Week

A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Simatic Et 200Sp Open Controller Firmware Simatic S7 1500 Software Controller Firmware
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2017-2680 HIGH This Week

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Cp 343 1 Std Firmware Simatic Cp 343 1 Lean Firmware Simatic Cp 343 1 Adv Firmware Simatic Cp 443 1 Std Firmware +89
NVD
CVSS 4.0
7.1
EPSS
2.3%
EPSS 1% CVSS 7.5
HIGH This Week

Affected devices improperly handle specially crafted packets sent to port 102/tcp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption +73
NVD
EPSS 1% CVSS 8.7
HIGH This Week

The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Simatic Cloud Connect 7 Cc712 Firmware +77
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Simatic Et 200Sp Open Controller Firmware Simatic S7 1500 Software Controller Firmware
NVD
EPSS 2% CVSS 7.1
HIGH This Week

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Cp 343 1 Std Firmware Simatic Cp 343 1 Lean Firmware +91
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy