18 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0

A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service. Se ha identificado una vulnerabilidad en la familia de CPUs SIMATIC S7-300 (incluidas las CPUs ET200 relacionadas y las variantes SIPLUS) (Todas las versiones), SIMATIC TDC CPU555 (Todas las versiones), SINUMERIK 840D sl (Todas las versiones). El envío de múltiples paquetes especialmente diseñados a los dispositivos afectados podría causar una denegación de servicio en el puerto 102. • https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf • CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.8EPSS: 0%CPEs: 49EXPL: 0

Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Una administración de flujo de control insuficiente en el subsistema para Intel® CSME versiones anteriores a 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 y 14.5.25, Intel® TXE versiones anteriores a 3.1.80 y 4.0.30, pueden habilitar a un usuario no autenticado para permitir potencialmente una escalada de privilegios por medio de un acceso físico • https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf https://security.netapp.com/advisory/ntap-20201113-0002 https://security.netapp.com/advisory/ntap-20201113-0005 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391 •

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0

A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. • https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.5EPSS: 0%CPEs: 98EXPL: 0

A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SCALANCE X-200IRT switch family (incl. SIPLUS NET variants), SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 4AO U/I 4xM12, SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12, SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12, SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN: IO-Link Master, SIMATIC ET200M (incl. SIPLUS variants), SIMATIC ET200pro, SIMATIC ET200S (incl. SIPLUS variants), SIMATIC NET CP 1604, SIMATIC NET CP 1616, SIMATIC PN/PN Coupler (incl. SIPLUS NET variants), SIMATIC S7-300 CPU 314C-2 PN/DP, SIMATIC S7-300 CPU 315-2 PN/DP, SIMATIC S7-300 CPU 315F-2 PN/DP, SIMATIC S7-300 CPU 315T-3 PN/DP, SIMATIC S7-300 CPU 317-2 PN/DP, SIMATIC S7-300 CPU 317F-2 PN/DP, SIMATIC S7-300 CPU 317T-3 PN/DP, SIMATIC S7-300 CPU 317TF-3 PN/DP, SIMATIC S7-300 CPU 319-3 PN/DP, SIMATIC S7-300 CPU 319F-3 PN/DP, SIMATIC S7-400 CPU 412-2 PN V7, SIMATIC S7-400 PN/DP V6 and below CPU family (incl. • https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf https://cert-portal.siemens.com/productcert/html/ssa-349422.html • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.5EPSS: 0%CPEs: 147EXPL: 0

Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition. Se ha identificado una vulnerabilidad en Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Kits de desarrollo/evaluación para PROFINET IO: EK-ERTEC 200P, SIMATIC CFU PA, SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. variantes SIPLUS), SIMATIC ET200AL, SIMATIC ET200M (incl. variantes SIPLUS), SIMATIC ET200MP IM155-5 PN BA (incl. variantes SIPLUS), SIMATIC ET200MP IM155-5 PN HF (incl. variantes SIPLUS), SIMATIC ET200MP IM155-5 PN ST (incl. variantes SIPLUS) SIPLUS), SIMATIC ET200S (incl. variantes SIPLUS), SIMATIC ET200SP IM155-6 PN BA (incl. variantes SIPLUS), SIMATIC ET200SP IM155-6 PN HA (incl. variantes SIPLUS), SIMATIC ET200SP IM155-6 PN HF (incl. variantes SIPLUS), SIMATIC ET200SP IM155-6 PN HS (incl. variantes SIPLUS), SIMATIC ET200SP IM155-6 PN ST (incl. variantes SIPLUS). SIPLUS), SIMATIC ET200SP IM155-6 PN/2 HF (incl. variantes SIPLUS), SIMATIC ET200SP IM155-6 PN/3 HF (incl. variantes SIPLUS) variantes SIPLUS), SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 4AO U/I 4xM12, SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12, SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12, SIMATIC ET200ecoPN, 8AI 4 U/I; 4 RTD/TC 8xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN: IO-Link Master, SIMATIC ET200pro, paneles exteriores SIMATIC HMI Comfort de 7" y 15" (incl. variantes SIPLUS), paneles SIMATIC HMI Comfort de 4" a 22" (incl. variantes SIPLUS), paneles móviles SIMATIC HMI KTP, acoplador SIMATIC PN/PN (incl. variantes SIPLUS NET), driver SIMATIC PROFINET, familia de CPUs SIMATIC S7-1200 (incl. variantes SIPLUS), familia de CPUs SIMATIC S7-1500 (incl. variantes SIPLUS). CPUs ET200 y variantes SIPLUS), SIMATIC S7-1500 Software Controller, familia de CPUs SIMATIC S7-300 (incl. CPUs ET200 y variantes SIPLUS), familia de CPUs SIMATIC S7-400 H V6 (incl. variantes SIPLUS), familia de CPUs SIMATIC S7-400 PN/DP V6 e inferiores (incl. variantes SIPLUS), familia de CPUs SIMATIC S7-400 PN/DP V7 (incl. variantes SIPLUS), SIMATIC S7-400 PN/DP V7 (incl. variantes SIPLUS). • https://cert-portal.siemens.com/productcert/html/ssa-473245.html https://cert-portal.siemens.com/productcert/pdf/ssa-473245.pdf • CWE-400: Uncontrolled Resource Consumption •