2017-05-11
|
CVE-2017-2680
|
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
|
Dk_standard_ethernet_controller_firmware, Ek\-Ertec_200_pn_io_firmware, Ek\-Ertec_200p_pn_io_firmware, Extension_unit_12_profinet_firmware, Extension_unit_15_profinet_firmware, Extension_unit_19_profinet_firmware, Extension_unit_22_profinet_firmware, Ie\/as\-I_link_pn_io_firmware, Ie\/pb\-Link_firmware, Pn\/pn_coupler_firmware, Scalance_m\-800_firmware, Scalance_s615_firmware, Scalance_w700_firmware, Scalance_x200_firmware, Scalance_x200_irt_firmware, Scalance_x300_firmware, Scalance_x408_firmware, Scalance_x414_firmware, Scalance_xm400_firmware, Scalance_xr500_firmware, Simatic_cm_1542\-1_firmware, Simatic_cp_1242\-7_gprs_firmware, Simatic_cp_1243\-1_dnp3_firmware, Simatic_cp_1243\-1_firmware, Simatic_cp_1243\-1_iec_firmware, Simatic_cp_1243\-1_irc_firmware, Simatic_cp_1243\-7_lte\/us_firmware, Simatic_cp_1243\-8_firmware, Simatic_cp_1542sp\-1_firmware, Simatic_cp_1542sp\-1_irc_firmware, Simatic_cp_1543\-1_firmware, Simatic_cp_1543sp\-1_firmware, Simatic_cp_1604_firmware, Simatic_cp_1616_firmware, Simatic_cp_1626_firmware, Simatic_cp_343\-1_adv_firmware, Simatic_cp_343\-1_lean_firmware, Simatic_cp_343\-1_std_firmware, Simatic_cp_443\-1_adv_firmware, Simatic_cp_443\-1_opc\-Ua_firmware, Simatic_cp_443\-1_std_firmware, Simatic_dk\-1604_pn_io_firmware, Simatic_dk\-1616_pn_io_firmware, Simatic_et_200al_firmware, Simatic_et_200ecopn_firmware, Simatic_et_200m_firmware, Simatic_et_200mp_firmware, Simatic_et_200pro_firmware, Simatic_et_200s_firmware, Simatic_et_200sp_firmware, Simatic_hmi_comfort_panels, Simatic_hmi_mobile_panels, Simatic_hmi_multi_panels, Simatic_rf650r_firmware, Simatic_rf680r_firmware, Simatic_rf685r_firmware, Simatic_s7\-1200_firmware, Simatic_s7\-1500_firmware, Simatic_s7\-1500_software_controller_firmware, Simatic_s7\-200_smart_firmware, Simatic_s7\-300_firmware, Simatic_s7\-400_firmware, Simatic_tdc_cp51m1_firmware, Simatic_tdc_cpu555_firmware, Simatic_teleservice_adapter_ie_advanced_firmware, Simatic_teleservice_adapter_ie_basic_firmware, Simatic_teleservice_adapter_ie_standard_firmware, Simatic_winac_rtx_firmware, Simocode_pro_v_profinet_firmware, Simotion_firmware, Sinamics__s110_pn_firmware, Sinamics_dcm_firmware, Sinamics_dcp_firmware, Sinamics_g110m_firmware, Sinamics_g120\(C\/p\/d\)_w\._pn_firmware, Sinamics_g130_firmware, Sinamics_g150_firmware, Sinamics_gh150_firmware, Sinamics_gl150_firmware, Sinamics_gm150_firmware, Sinamics_s120_firmware, Sinamics_s150_firmware, Sinamics_sl150_firmware, Sinamics_sm120_firmware, Sinamics_v90_pn_firmware, Sinumerik_828d_firmware, Sinumerik_840d_sl_firmware, Sirius_act_3su1_firmware, Sirius_motor_starter_m200d_profinet_firmware, Sirius_soft_starter_3rw44_pn_firmware, Sitop_psu8600_firmware, Softnet_profinet_io_firmware, Ups1600_profinet_firmware
|
6.5
|
|
|
2019-10-10
|
CVE-2019-10923
|
An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.
|
Cp1604_firmware, Cp1616_firmware, Dk_standard_ethernet_controller_firmware, Ek\-Ertec_200_firmware, Ek\-Ertec_200p_firmware, Scalance_x\-200irt_firmware, Simatic_et_200ecopn_firmware, Simatic_et_200m_firmware, Simatic_et_200s_firmware, Simatic_pn\/pn_coupler_6es7158\-3ad01\-0xa0_firmware, Simatic_s7\-300_cpu_312_ifm_firmware, Simatic_s7\-300_cpu_313_firmware, Simatic_s7\-300_cpu_314_firmware, Simatic_s7\-300_cpu_314_ifm_firmware, Simatic_s7\-300_cpu_315\-2_dp_firmware, Simatic_s7\-300_cpu_315_firmware, Simatic_s7\-300_cpu_316\-2_dp_firmware, Simatic_s7\-300_cpu_318\-2_firmware, Simatic_s7\-300_cpu_firmware, Simatic_s7\-400_dp_v7_firmware, Simatic_s7\-400_pn_v7_firmware, Simatic_s7\-400_v6_firmware, Simatic_winac_rtx_\(F\)_firmware, Simotion_firmware, Sinamics_dcm_firmware, Sinamics_dcp_firmware, Sinamics_g110m_firmware, Sinamics_g120_firmware, Sinamics_g130_firmware, Sinamics_g150_firmware, Sinamics_gh150_firmware, Sinamics_gl150_firmware, Sinamics_gm150_firmware, Sinamics_s110_firmware, Sinamics_s120_firmware, Sinamics_s150_firmware, Sinamics_sl150_firmware, Sinamics_sm120_firmware, Sinumerik_828d, Sinumerik_840d_sl
|
7.5
|
|
|
2019-10-10
|
CVE-2019-10936
|
Affected devices improperly handle large amounts of specially crafted UDP packets.
This could allow an unauthenticated remote attacker to trigger a denial of service condition.
|
Dk_standard_ethernet_controller_firmware, Ek\-Ertec_200_firmware, Ek\-Ertec_200p_firmware, Simatic_cfu_pa_firmware, Simatic_et_200al_firmware, Simatic_et_200ecopn_firmware, Simatic_et_200m_firmware, Simatic_et_200mp_im_155\-5_pn_ba_firmware, Simatic_et_200mp_im_155\-5_pn_hf_firmware, Simatic_et_200mp_im_155\-5_pn_st_firmware, Simatic_et_200pro_firmware, Simatic_et_200s_firmware, Simatic_et_200sp_im_155\-6_pn\/2_hf_firmware, Simatic_et_200sp_im_155\-6_pn\/3_hf_firmware, Simatic_et_200sp_im_155\-6_pn_ba_firmware, Simatic_et_200sp_im_155\-6_pn_ha_firmware, Simatic_et_200sp_im_155\-6_pn_hf_firmware, Simatic_et_200sp_im_155\-6_pn_hs_firmware, Simatic_et_200sp_im_155\-6_pn_st_firmware, Simatic_hmi_comfort_outdoor_panels_15\"_firmware, Simatic_hmi_comfort_outdoor_panels_7\"_firmware, Simatic_hmi_comfort_panels_22\"_firmware, Simatic_hmi_comfort_panels_4\"_firmware, Simatic_hmi_ktp_mobile_panels_firmware, Simatic_pn\/pn_coupler_firmware, Simatic_profinet_driver_firmware, Simatic_s7\-1200_cpu_1211c_firmware, Simatic_s7\-1200_cpu_1212c_firmware, Simatic_s7\-1200_cpu_1214c_firmware, Simatic_s7\-1200_cpu_firmware, Simatic_s7\-1500_cpu_1511c_firmware, Simatic_s7\-1500_cpu_1512c_firmware, Simatic_s7\-1500_cpu_1518_firmware, Simatic_s7\-1500_cpu_firmware, Simatic_s7\-1500s_cpu_firmware, Simatic_s7\-1500t_cpu_firmware, Simatic_s7\-300_cpu_312_ifm_firmware, Simatic_s7\-300_cpu_313_firmware, Simatic_s7\-300_cpu_314_firmware, Simatic_s7\-300_cpu_314_ifm_firmware, Simatic_s7\-300_cpu_315\-2_dp_firmware, Simatic_s7\-300_cpu_315_firmware, Simatic_s7\-300_cpu_316\-2_dp_firmware, Simatic_s7\-300_cpu_318\-2_firmware, Simatic_s7\-300_cpu_firmware, Simatic_s7\-400_dp_v7_firmware, Simatic_s7\-400_pn_v7_firmware, Simatic_s7\-400_v6_firmware, Simatic_s7\-400h_v6_firmware, Simatic_s7\-410_v8_firmware, Simatic_winac_rtx_\(F\)_firmware, Sinamics_dcm_firmware, Sinamics_dcp_firmware, Sinamics_g110m_firmware, Sinamics_g120_firmware, Sinamics_g130_firmware, Sinamics_g150_firmware, Sinamics_gl150_firmware, Sinamics_gm150_firmware, Sinamics_s110_firmware, Sinamics_s120_firmware, Sinamics_s150_firmware, Sinamics_sl150_firmware, Sinamics_sm120_firmware, Sinumerik_828d, Sinumerik_840d_sl
|
7.5
|
|
|
2019-04-17
|
CVE-2019-6568
|
The webserver of the affected devices contains a vulnerability that may lead to
a denial of service condition. An attacker may cause a denial of service
situation which leads to a restart of the webserver of the affected device.
The security vulnerability could be exploited by an attacker with network
access to the affected systems. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise availability of the device.
|
Cp1604_firmware, Cp1616_firmware, Simatic_cp343\-1_advanced_firmware, Simatic_cp443\-1_advanced_firmware, Simatic_cp443\-1_firmware, Simatic_cp443\-1_opc_ua, Simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware, Simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware, Simatic_hmi_comfort_outdoor_panels_firmware, Simatic_hmi_comfort_panels_firmware, Simatic_hmi_ktp_mobile_panels_ktp400f_firmware, Simatic_hmi_ktp_mobile_panels_ktp700_firmware, Simatic_hmi_ktp_mobile_panels_ktp700f_firmware, Simatic_hmi_ktp_mobile_panels_ktp900_firmware, Simatic_hmi_ktp_mobile_panels_ktp900f_firmware, Simatic_ipc_diagmonitor, Simatic_rf181\-Eip_firmware, Simatic_rf182c_firmware, Simatic_rf185c_firmware, Simatic_rf186c_firmware, Simatic_rf188c_firmware, Simatic_rf600r_firmware, Simatic_s7\-1500_firmware, Simatic_s7\-1500_software_controller, Simatic_s7\-1500f_firmware, Simatic_s7\-1500s_firmware, Simatic_s7\-1500t_firmware, Simatic_s7\-300_firmware, Simatic_s7\-400_pn\/dp_firmware, Simatic_s7\-400_pn_firmware, Simatic_s7\-Plcsim_advanced, Simatic_teleservice_adapter_ie_advanced_firmware, Simatic_teleservice_adapter_ie_basic_firmware, Simatic_teleservice_adapter_ie_standard_firmware, Simatic_winac_rtx_firmware, Simatic_wincc_runtime_advanced, Simocode_pro_v_eip_firmware, Simocode_pro_v_pn_firmware, Sinamics_g130_firmware, Sinamics_g150_firmware, Sinamics_gh150_firmware, Sinamics_gl150_firmware, Sinamics_gm150_firmware, Sinamics_s120_firmware, Sinamics_s150_firmware, Sinamics_s210_firmware, Sinamics_sl150_firmware, Sinamics_sm120_firmware, Sinamics_sm150_firmware, Sitop_manager, Sitop_psu8600_firmware, Sitop_ups1600_firmware, Tim_1531_irc_firmware
|
7.5
|
|
|
2021-05-12
|
CVE-2021-27385
|
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F,...
|
Simatic_hmi_comfort_outdoor_panels_15\"_firmware, Simatic_hmi_comfort_outdoor_panels_7\"_firmware, Simatic_hmi_comfort_panels_22\"_firmware, Simatic_hmi_comfort_panels_4\"_firmware, Simatic_hmi_ktp_mobile_panels_ktp400f_firmware, Simatic_hmi_ktp_mobile_panels_ktp700_firmware, Simatic_hmi_ktp_mobile_panels_ktp700f_firmware, Simatic_hmi_ktp_mobile_panels_ktp900_firmware, Simatic_hmi_ktp_mobile_panels_ktp900f_firmware, Simatic_wincc_runtime_advanced, Sinamics_gh150_firmware, Sinamics_gl150_firmware, Sinamics_gm150_firmware, Sinamics_sh150_firmware, Sinamics_sl150_firmware, Sinamics_sm120_firmware, Sinamics_sm150_firmware, Sinamics_sm150i_firmware
|
7.5
|
|
|
2021-02-09
|
CVE-2020-15798
|
A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V16 Update 3a), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 3a), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). Affected devices with...
|
Simatic_hmi_comfort_panels_firmware, Simatic_hmi_ktp_mobile_panels_firmware, Sinamics_gh150_firmware, Sinamics_gl150_firmware, Sinamics_gm150_firmware, Sinamics_sh150_firmware, Sinamics_sl150_firmware, Sinamics_sm120_firmware, Sinamics_sm150_firmware, Sinamics_sm150i_firmware
|
9.8
|
|
|
2021-05-12
|
CVE-2021-27386
|
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F,...
|
Simatic_hmi_comfort_outdoor_panels_15\"_firmware, Simatic_hmi_comfort_outdoor_panels_7\"_firmware, Simatic_hmi_comfort_panels_22\"_firmware, Simatic_hmi_comfort_panels_4\"_firmware, Simatic_hmi_ktp_mobile_panels_ktp400f_firmware, Simatic_hmi_ktp_mobile_panels_ktp700_firmware, Simatic_hmi_ktp_mobile_panels_ktp700f_firmware, Simatic_hmi_ktp_mobile_panels_ktp900_firmware, Simatic_hmi_ktp_mobile_panels_ktp900f_firmware, Simatic_wincc_runtime_advanced, Sinamics_gh150_firmware, Sinamics_gl150_firmware, Sinamics_gm150_firmware, Sinamics_sh150_firmware, Sinamics_sl150_firmware, Sinamics_sm120_firmware, Sinamics_sm150_firmware, Sinamics_sm150i_firmware
|
7.5
|
|
|
2021-05-12
|
CVE-2021-27384
|
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F,...
|
Simatic_hmi_comfort_outdoor_panels_15\"_firmware, Simatic_hmi_comfort_outdoor_panels_7\"_firmware, Simatic_hmi_comfort_panels_22\"_firmware, Simatic_hmi_comfort_panels_4\"_firmware, Simatic_hmi_ktp_mobile_panels_ktp400f_firmware, Simatic_hmi_ktp_mobile_panels_ktp700_firmware, Simatic_hmi_ktp_mobile_panels_ktp700f_firmware, Simatic_hmi_ktp_mobile_panels_ktp900_firmware, Simatic_hmi_ktp_mobile_panels_ktp900f_firmware, Simatic_wincc_runtime_advanced, Sinamics_gh150_firmware, Sinamics_gl150_firmware, Sinamics_gm150_firmware, Sinamics_sh150_firmware, Sinamics_sl150_firmware, Sinamics_sm120_firmware, Sinamics_sm150_firmware, Sinamics_sm150i_firmware
|
9.8
|
|
|
2021-05-12
|
CVE-2021-27383
|
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F,...
|
Simatic_hmi_comfort_outdoor_panels_15\"_firmware, Simatic_hmi_comfort_outdoor_panels_7\"_firmware, Simatic_hmi_comfort_panels_22\"_firmware, Simatic_hmi_comfort_panels_4\"_firmware, Simatic_hmi_ktp_mobile_panels_ktp400f_firmware, Simatic_hmi_ktp_mobile_panels_ktp700_firmware, Simatic_hmi_ktp_mobile_panels_ktp700f_firmware, Simatic_hmi_ktp_mobile_panels_ktp900_firmware, Simatic_hmi_ktp_mobile_panels_ktp900f_firmware, Simatic_wincc_runtime_advanced, Sinamics_gh150_firmware, Sinamics_gl150_firmware, Sinamics_gm150_firmware, Sinamics_sh150_firmware, Sinamics_sl150_firmware, Sinamics_sm120_firmware, Sinamics_sm150_firmware, Sinamics_sm150i_firmware
|
7.5
|
|
|
2021-06-28
|
CVE-2021-31337
|
The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions).
|
Sinamics_sl150_firmware, Sinamics_sm150_firmware, Sinamics_sm150i_firmware
|
9.8
|
|
|