CVSS: 7.1EPSS: 0%CPEs: 209EXPL: 0CVE-2017-2680
https://notcve.org/view.php?id=CVE-2017-2680
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. Los paquetes de difusión PROFINET DCP especialmente elaborados podrían causar una condición de denegación de servicio de los productos afectados en un segmento Ethernet local (capa 2). Se requiere la interacción humana para recuperar los sistemas. • http://www.securityfocus.com/bid/98369 http://www.securitytracker.com/id/1038463 https://cert-portal.siemens.com/productcert/html/ssa-284673.html https://cert-portal.siemens.com/productcert/html/ssa-293562.html https://cert-portal.siemens.com/productcert/html/ssa-546832.html https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf https://ics-cert.us- • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2016-8673
https://notcve.org/view.php?id=CVE-2016-8673
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). • https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2016-8672
https://notcve.org/view.php?id=CVE-2016-8672
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). • https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.7EPSS: 0%CPEs: 13EXPL: 0CVE-2015-8214
https://notcve.org/view.php?id=CVE-2015-8214
A vulnerability has been identified in SIMATIC NET CP 342-5 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions < V3.0.44), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 443-1 Advanced (incl. • http://www.securityfocus.com/bid/78345 http://www.securitytracker.com/id/1034279 http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-763427.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf • CWE-264: Permissions, Privileges, and Access Controls •