Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Simatic_cp_343\-1_firmware
(Siemens)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 7 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-02-13 | CVE-2023-51440 | A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) (All versions), SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0) (All versions), SIPLUS NET CP 343-1 Lean (6AG1343-1CX10-2XE0) (All versions). Affected products incorrectly validate TCP sequence numbers. This could allow an unauthenticated remote attacker to create a denial of service condition by injecting spoofed TCP RST packets. | Simatic_cp_343\-1_firmware, Simatic_cp_343\-1_lean_firmware, Siplus_net_cp_343\-1_firmware, Siplus_net_cp_343\-1_lean_firmware | 7.5 | ||
2021-09-14 | CVE-2021-33737 | A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3). Sending a... | Simatic_cp_343\-1_advanced_firmware, Simatic_cp_343\-1_erpc_firmware, Simatic_cp_343\-1_firmware, Simatic_cp_343\-1_lean_firmware, Simatic_cp_443\-1_advanced_firmware, Simatic_cp_443\-1_firmware | N/A | ||
2020-02-11 | CVE-2019-13946 | Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user... | Dk_standard_ethernet_controller, Ek\-Ertec_200_firmware, Ek\-Ertec_200p_firmware, Im_154\-3_pn_hf_firmware, Im_154\-4_pn_hf_firmware, Profinet_driver, Ruggedcom_rm1224_firmware, Scalance_m\-800_firmware, Scalance_s615_firmware, Scalance_w700_ieee_802\.11n_firmware, Scalance_x\-200irt_firmware, Scalance_x\-300_firmware, Scalance_x\-400_firmware, Scalance_xb\-200_firmware, Scalance_xc\-200_firmware, Scalance_xf\-200_firmware, Scalance_xf\-200ba_firmware, Scalance_xm\-400_firmware, Scalance_xp\-200_firmware, Scalance_xr524_firmware, Scalance_xr526_firmware, Scalance_xr528_firmware, Scalance_xr552_firmware, Scalance_xr\-300wg_firmware, Simatic_cp_1604_firmware, Simatic_cp_1616_firmware, Simatic_cp_343\-1_advanced_firmware, Simatic_cp_343\-1_erpc_firmware, Simatic_cp_343\-1_firmware, Simatic_cp_343\-1_lean_firmware, Simatic_cp_443\-1_advanced_firmware, Simatic_cp_443\-1_firmware, Simatic_cp_443\-1_opc_ua_firmware, Simatic_et200al_im_157\-1_pn_firmware, Simatic_et200ecopn_firmware, Simatic_et200m_im153\-4_pn_io_hf_firmware, Simatic_et200m_im153\-4_pn_io_st_firmware, Simatic_et200mp_im155\-5_pn_hf_firmware, Simatic_et200mp_im155\-5_pn_st_firmware, Simatic_et200pro_firmware, Simatic_et200s_firmware, Simatic_et200sp_im155\-6_pn_basic_firmware, Simatic_et200sp_im155\-6_pn_hf_firmware, Simatic_et200sp_im155\-6_pn_st_firmware, Simatic_ipc_support, Simatic_mv420_firmware, Simatic_mv440_firmware, Simatic_pn\/pn_coupler_firmware, Simatic_rf180c_firmware, Simatic_rf182c_firmware, Simatic_rf600_firmware, Sinamics_dcp_firmware | 7.5 | ||
2018-03-20 | CVE-2018-4843 | A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP... | Simatic_cp_343\-1_firmware, Simatic_cp_443\-1_firmware, Simatic_s7\-1500_firmware, Simatic_s7\-300_firmware, Simatic_s7\-400_h_v6_firmware, Simatic_s7\-400_pn\/dp_v6_firmware, Simatic_s7\-400_pn\/dp_v7_firmware, Simatic_s7\-410_firmware, Simatic_winac_rtx_2010_firmware, Sinumerik_828d_firmware, Softnet_pn\-Io_linux_firmware | 6.5 | ||
2015-11-27 | CVE-2015-8214 | A vulnerability has been identified in SIMATIC NET CP 342-5 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions < V3.0.44), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions < V3.2.9), SIMATIC NET CP 443-1 Standard (incl. SIPLUS variants) (All versions < V3.2.9),... | Simatic_cp_343\-1_firmware, Simatic_cp_443\-1_firmware, Simatic_tim_3v\-Ie_firmware, Simatic_tim_4r\-Ie_firmware | N/A | ||
2016-11-23 | CVE-2016-8673 | A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server at port 80/TCP or port 443/TCP of the affected devices could allow remote attackers to perform actions with the permissions of an... | Simatic_cp_343\-1_firmware, Simatic_cp_443\-1_firmware, Simatic_s7_300_cpu_firmware, Simatic_s7_400_cpu_firmware | 8.8 | ||
2016-11-23 | CVE-2016-8672 | A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server delivers cookies without the "secure" flag. Modern browsers interpreting the flag would mitigate potential data leakage in case... | Simatic_cp_343\-1_firmware, Simatic_cp_443\-1_firmware, Simatic_s7_300_cpu_firmware, Simatic_s7_400_cpu_firmware | 5.3 |