CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2020-15783
https://notcve.org/view.php?id=CVE-2020-15783
12 Nov 2020 — A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service. Se ha identificado una vulnerabilidad en la familia de CPUs SIMATIC S7-300 (incluidas las CPUs ET200 relacionadas y las variantes SIPLUS) (Todas las ver... • https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 28EXPL: 0CVE-2020-15791
https://notcve.org/view.php?id=CVE-2020-15791
09 Sep 2020 — A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The authentication protocol between a client and a PLC via port 102/tcp (ISO-TSAP) insufficiently protects the transmitted password. This could allow an attacker that is able to intercept the network traffic to obtain valid PLC credentials. ... • https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf • CWE-522: Insufficiently Protected Credentials •