Page 4 of 18 results (0.003 seconds)

CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0

A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). • https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0

A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). • https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 26%CPEs: 2EXPL: 1

Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus. Los dispositivos Siemens SIMATIC S7-300 CPU permiten a atacantes remotos causar una denegación de servicio (transición a modo de defecto) a través de paquetes manipulados en (1) puerto TCP 102 o (2) Profibus. Siemens SIMATIC S7-300 CPU suffers from a denial of service vulnerability. • https://www.exploit-db.com/exploits/44802 http://www.securityfocus.com/bid/72973 http://www.securitytracker.com/id/1032040 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-987029.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-987029.pdf https://ics-cert.us-cert.gov/advisories/ICSA-15-064-04 • CWE-20: Improper Input Validation •