CVSS: 6.5EPSS: 0%CPEs: 28EXPL: 0CVE-2020-15791
https://notcve.org/view.php?id=CVE-2020-15791
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The authentication protocol between a client and a PLC via port 102/tcp (ISO-TSAP) insufficiently protects the transmitted password. This could allow an attacker that is able to intercept the network traffic to obtain valid PLC credentials. Se ha identificado una vulnerabilidad en la familia de SIMATIC S7-300 CPU (incluyendo las CPU ET200 relacionadas y las variantes SIPLUS) (Todas las versiones), familia SIMATIC S7-400 CPU (incluyendo las variantes SIPLUS) (Todas las versiones), SIMATIC WinAC RTX (F) 2010 (Todas las versiones), SINUMERIK 840D sl (Todas las versiones). • https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.9EPSS: 0%CPEs: 21EXPL: 0CVE-2016-9159
https://notcve.org/view.php?id=CVE-2016-9159
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 V6 and earlier CPU family (All versions), SIMATIC S7-400 V7 CPU family (All versions), SIMATIC S7-410 V8 CPU family (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions). An attacker with network access to port 102/tcp (ISO-TSAP) or via Profibus could obtain credentials from the PLC if protection-level 2 is configured on the affected devices. • http://www.securityfocus.com/bid/94820 http://www.securitytracker.com/id/1037434 https://cert-portal.siemens.com/productcert/pdf/ssa-731239.pdf https://ics-cert.us-cert.gov/advisories/ICSA-16-348-05 https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-731239.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2016-9158
https://notcve.org/view.php?id=CVE-2016-9158
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 V6 and earlier CPU family (All versions), SIMATIC S7-400 V7 CPU family (All versions). Specially crafted packets sent to port 80/tcp could cause the affected devices to go into defect mode. A cold restart is required to recover the system. • http://www.securityfocus.com/bid/94820 http://www.securitytracker.com/id/1037434 https://cert-portal.siemens.com/productcert/pdf/ssa-731239.pdf https://ics-cert.us-cert.gov/advisories/ICSA-16-348-05 https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-731239.pdf • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2012-3016
https://notcve.org/view.php?id=CVE-2012-3016
Siemens SIMATIC S7-400 PN CPU devices with firmware 6 before 6.0.3 allow remote attackers to cause a denial of service (defect-mode transition and service outage) via crafted ICMP packets. Dispositivos Siemens SIMATIC S7-400 PN CPU con el firmware v6 anterior a v6.0.3 permite a atacantes remotos causar una denegación de servicio (interrupción del servicio) a través de paquetes ICMP especialmente diseñados. • http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-589272.pdf http://www.us-cert.gov/control_systems/pdf/ICSA-12-212-02.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-589272.pdf •