CVE-2016-8673
https://notcve.org/view.php?id=CVE-2016-8673
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). • https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2016-8672
https://notcve.org/view.php?id=CVE-2016-8672
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). • https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-2177 – Siemens SIMATIC S7-300 CPU - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2015-2177
Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus. Los dispositivos Siemens SIMATIC S7-300 CPU permiten a atacantes remotos causar una denegación de servicio (transición a modo de defecto) a través de paquetes manipulados en (1) puerto TCP 102 o (2) Profibus. Siemens SIMATIC S7-300 CPU suffers from a denial of service vulnerability. • https://www.exploit-db.com/exploits/44802 http://www.securityfocus.com/bid/72973 http://www.securitytracker.com/id/1032040 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-987029.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-987029.pdf https://ics-cert.us-cert.gov/advisories/ICSA-15-064-04 • CWE-20: Improper Input Validation •