CVSS: 8.7EPSS: 1%CPEs: 157EXPL: 0CVE-2020-28400
https://notcve.org/view.php?id=CVE-2020-28400
13 Jul 2021 — Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. Los dispositivos afectados contienen una vulnerabilidad que permite a un atacante no autentificado desencadenar una condición de denegación de servicio. La vulnerabilidad puede activarse si se envía una gran cantidad de paquetes de restablecimiento de DCP al dispositivo Affected devices con... • https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 2%CPEs: 147EXPL: 0CVE-2019-10936
https://notcve.org/view.php?id=CVE-2019-10936
10 Oct 2019 — Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition. Se ha identificado una vulnerabilidad en Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Kits de desarrollo/evaluación para PROFINET IO: EK-ERTEC 200P, SIMATIC CFU PA, SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. variantes SIPLUS), SIMAT... • https://cert-portal.siemens.com/productcert/html/ssa-473245.html • CWE-400: Uncontrolled Resource Consumption •