Page 5 of 24 results (0.039 seconds)

CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0

A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). • https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0

A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). • https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

Siemens SIMATIC S7-300 Profinet-enabled CPU devices with firmware before 3.2.12 and SIMATIC S7-300 Profinet-disabled CPU devices with firmware before 3.3.12 allow remote attackers to cause a denial of service (defect-mode transition) via crafted (1) ISO-TSAP or (2) Profibus packets. CPU de dispositivos Siemens SIMATIC S7-300 con Profinet habilitada con firmware en versiones anteriores a 3.3.12 y CPU de dispositivos SIMATIC S7-300 con Profinet inhabilitada con firmware en versiones anteriores a 3.3.12 permiten atacantes remotos provocar una denegación de servicio (transición a modo por defecto) a través de paquetes (1) ISO-TSAP o (2) Profibus manipulados. • http://www.securitytracker.com/id/1036089 http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-818183.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-818183.pdf https://ics-cert.us-cert.gov/advisories/ICSA-16-161-01 • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 26%CPEs: 2EXPL: 1

Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus. Los dispositivos Siemens SIMATIC S7-300 CPU permiten a atacantes remotos causar una denegación de servicio (transición a modo de defecto) a través de paquetes manipulados en (1) puerto TCP 102 o (2) Profibus. Siemens SIMATIC S7-300 CPU suffers from a denial of service vulnerability. • https://www.exploit-db.com/exploits/44802 http://www.securityfocus.com/bid/72973 http://www.securitytracker.com/id/1032040 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-987029.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-987029.pdf https://ics-cert.us-cert.gov/advisories/ICSA-15-064-04 • CWE-20: Improper Input Validation •