NotCVE - vendor:"Siemens" product:"Simatic Net Cp 1242-7"

9 results (0.040 seconds)

CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0

CVE-2022-43768

https://notcve.org/view.php?id=CVE-2022-43768

11 Apr 2023 — A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMAT... • https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0

CVE-2022-43767

https://notcve.org/view.php?id=CVE-2022-43767

CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0

CVE-2022-43716

https://notcve.org/view.php?id=CVE-2022-43716

CVSS: 9.8EPSS: 0%CPEs: 30EXPL: 0

CVE-2022-34820

https://notcve.org/view.php?id=CVE-2022-34820

12 Jul 2022 — A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SI... • https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-116: Improper Encoding or Escaping of Output •

CVSS: 10.0EPSS: 0%CPEs: 30EXPL: 0

CVE-2022-34819

https://notcve.org/view.php?id=CVE-2022-34819

12 Jul 2022 — A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SI... • https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 30EXPL: 0

CVE-2022-34821

https://notcve.org/view.php?id=CVE-2022-34821

12 Jul 2022 — A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.2), SCALANCE M804PB (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.2), SCALANCE M874-2 (All versions < V7.... • https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5EPSS: 2%CPEs: 50EXPL: 0

CVE-2021-41991 – Gentoo Linux Security Advisory 202405-08

https://notcve.org/view.php?id=CVE-2021-41991

18 Oct 2021 — The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility. La caché de certificados en memoria en strongSwan versiones anteriores a 5.9.4, presenta un desbordamiento de ente... • https://cert-portal.siemens.com/productcert/pdf/ssa-539476.pdf • CWE-190: Integer Overflow or Wraparound •

CVSS: 5.9EPSS: 13%CPEs: 205EXPL: 1

CVE-2021-3449 – NULL pointer deref in signature_algorithms processing

https://notcve.org/view.php?id=CVE-2021-3449

25 Mar 2021 — An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS c... • https://github.com/riptl/cve-2021-3449 • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 1%CPEs: 152EXPL: 0

CVE-2018-5391 – The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets

https://notcve.org/view.php?id=CVE-2018-5391

14 Aug 2018 — The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. El kernel de Linux en versio... • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •