Skip to main content

Sinumerik 840D Sl

4 CVEs product

Monthly

CVE-2025-40833 HIGH CISA Act Now

Denial of service in Siemens industrial networking equipment allows remote unauthenticated attackers to crash affected devices via specially crafted IPv4 packets, requiring manual restart for recovery. This vulnerability affects over 200 Siemens industrial automation products including SCALANCE switches/routers, SIMATIC PLCs, SINAMICS drives, and RUGGEDCOM devices. CVSS 4.0 score of 8.7 reflects high availability impact (VA:H) with network-accessible attack vector requiring low complexity and no privileges (AV:N/AC:L/PR:N). No public exploit code or CISA KEV listing identified at time of analysis, though the straightforward network-based attack and widespread product exposure warrant priority patching for operational technology environments where uptime is critical.

Denial Of Service Null Pointer Dereference Ie Pb Link Ha Ie Pb Link Pn Io Ruggedcom Rm1224 Lte 4G Eu +240
NVD VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2019-18336 HIGH This Week

A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic S7 300 Cpu Firmware Simatic S7 300 Cpu 312 Ifm Firmware Simatic S7 300 Cpu 313 Firmware Simatic S7 300 Cpu 314 Firmware +8
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2019-10936 HIGH This Week

Affected devices improperly handle large amounts of specially crafted UDP packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Dk Standard Ethernet Controller Firmware Ek Ertec 200 Firmware Ek Ertec 200P Firmware Simatic Cfu Pa Firmware +62
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2019-10923 HIGH This Week

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cp1604 Firmware Cp1616 Firmware Dk Standard Ethernet Controller Firmware Ek Ertec 200 Firmware +36
NVD
CVSS 3.1
7.5
EPSS
1.4%
EPSS 0% CVSS 8.7
HIGH Act Now

Denial of service in Siemens industrial networking equipment allows remote unauthenticated attackers to crash affected devices via specially crafted IPv4 packets, requiring manual restart for recovery. This vulnerability affects over 200 Siemens industrial automation products including SCALANCE switches/routers, SIMATIC PLCs, SINAMICS drives, and RUGGEDCOM devices. CVSS 4.0 score of 8.7 reflects high availability impact (VA:H) with network-accessible attack vector requiring low complexity and no privileges (AV:N/AC:L/PR:N). No public exploit code or CISA KEV listing identified at time of analysis, though the straightforward network-based attack and widespread product exposure warrant priority patching for operational technology environments where uptime is critical.

Denial Of Service Null Pointer Dereference Ie Pb Link Ha +242
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic S7 300 Cpu Firmware Simatic S7 300 Cpu 312 Ifm Firmware +10
NVD VulDB
EPSS 2% CVSS 7.5
HIGH This Week

Affected devices improperly handle large amounts of specially crafted UDP packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Dk Standard Ethernet Controller Firmware Ek Ertec 200 Firmware +64
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cp1604 Firmware Cp1616 Firmware +38
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy