CVSS: 6.9EPSS: 0%CPEs: 82EXPL: 0CVE-2024-46887
https://notcve.org/view.php?id=CVE-2024-46887
The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load. • https://cert-portal.siemens.com/productcert/html/ssa-054046.html • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 5.1EPSS: 0%CPEs: 141EXPL: 0CVE-2024-46886
https://notcve.org/view.php?id=CVE-2024-46886
The web server of affected devices does not properly validate input that is used for a user redirection. This could allow an attacker to make the server redirect the legitimate user to an attacker-chosen URL. For a successful exploit, the legitimate user must actively click on an attacker-crafted link. • https://cert-portal.siemens.com/productcert/html/ssa-876787.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.5EPSS: 0%CPEs: 152EXPL: 0CVE-2023-46156
https://notcve.org/view.php?id=CVE-2023-46156
Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations. Los dispositivos afectados manejan incorrectamente paquetes especialmente manipulados enviados al puerto 102/tcp. Esto podría permitir que un atacante cree una condición de denegación de servicio. Es necesario reiniciar para restaurar las operaciones normales. • https://cert-portal.siemens.com/productcert/html/ssa-280603.html https://cert-portal.siemens.com/productcert/html/ssa-592380.html https://cert-portal.siemens.com/productcert/pdf/ssa-280603.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-592380.pdf • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 96EXPL: 0CVE-2021-37205
https://notcve.org/view.php?id=CVE-2021-37205
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations. • https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 96EXPL: 0CVE-2021-37204
https://notcve.org/view.php?id=CVE-2021-37204
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Ready4Linux (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1200 CPU family (incl. • https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf • CWE-672: Operation on a Resource after Expiration or Release •