2023-12-12
|
CVE-2023-46156
|
Affected devices improperly handle specially crafted packets sent to port 102/tcp.
This could allow an attacker to create a denial of service condition. A restart is needed to restore
normal operations.
|
Simatic_drive_controller_cpu_1504d_tf_firmware, Simatic_drive_controller_cpu_1507d_tf_firmware, Simatic_et_200sp_open_control_1515sp_pc2_firmware, Simatic_s7\-1500_cpu_1510sp\-1_pn_firmware, Simatic_s7\-1500_cpu_1510sp_f\-1_pn_firmware, Simatic_s7\-1500_cpu_1511\-1_pn_firmware, Simatic_s7\-1500_cpu_1511c\-1_pn_firmware, Simatic_s7\-1500_cpu_1511f\-1_pn_firmware, Simatic_s7\-1500_cpu_1511t\-1_pn_firmware, Simatic_s7\-1500_cpu_1511tf\-1_pn_firmware, Simatic_s7\-1500_cpu_1512c\-1_pn_firmware, Simatic_s7\-1500_cpu_1512sp\-1_pn_firmware, Simatic_s7\-1500_cpu_1512sp_f\-1_pn_firmware, Simatic_s7\-1500_cpu_1513\-1_pn_firmware, Simatic_s7\-1500_cpu_1513f\-1_pn_firmware, Simatic_s7\-1500_cpu_1513r\-1_pn_firmware, Simatic_s7\-1500_cpu_1514sp\-2_pn_firmware, Simatic_s7\-1500_cpu_1514sp_f\-2_pn_firmware, Simatic_s7\-1500_cpu_1514spt\-2_pn_firmware, Simatic_s7\-1500_cpu_1514spt_f\-2_pn_firmware, Simatic_s7\-1500_cpu_1515\-2_pn_firmware, Simatic_s7\-1500_cpu_1515f\-2_pn_firmware, Simatic_s7\-1500_cpu_1515r\-2_pn_firmware, Simatic_s7\-1500_cpu_1515t\-2_pn_firmware, Simatic_s7\-1500_cpu_1515tf\-2_pn_firmware, Simatic_s7\-1500_cpu_1516\-3_pn\/dp_firmware, Simatic_s7\-1500_cpu_1516f\-3_pn\/dp_firmware, Simatic_s7\-1500_cpu_1516t\-3_pn\/dp_firmware, Simatic_s7\-1500_cpu_1517\-3_pn\/dp_firmware, Simatic_s7\-1500_cpu_1517f\-3_pn\/dp_firmware, Simatic_s7\-1500_cpu_1517h\-3_pn_firmware, Simatic_s7\-1500_cpu_1517t\-3_pn\/dp_firmware, Simatic_s7\-1500_cpu_1517tf\-3_pn\/dp_firmware, Simatic_s7\-1500_cpu_1518\-4_pn\/dp_firmware, Simatic_s7\-1500_cpu_1518f\-4_pn\/dp_firmware, Simatic_s7\-1500_cpu_1518hf\-4_pn_firmware, Simatic_s7\-1500_cpu_1518t\-4_pn\/dp_firmware, Simatic_s7\-1500_cpu_1518tf\-4_pn\/dp_firmware, Simatic_s7\-1500_cpu_s7\-1518\-4_pn\/dp_odk_firmware, Simatic_s7\-1500_cpu_s7\-1518f\-4_pn\/dp_odk_firmware, Simatic_s7\-1500_et_200pro\:_cpu_1513pro\-2_pn_firmware, Simatic_s7\-1500_et_200pro\:_cpu_1513pro_f\-2_pn_firmware, Simatic_s7\-1500_et_200pro\:_cpu_1516pro_f\-2_pn_firmware, Simatic_s7\-1500_et_200pro\:cpu_1516pro\-2_pn_firmware, Simatic_s7\-1500_software_controller_firmware, Simatic_s7\-Plcsim_advanced_firmware, Sinumerik_mc_firmware, Sinumerik_one_firmware, Siplus_et_200sp_1512sp_f\-1_pn_firmware, Siplus_et_200sp_cpu_1510sp\-1_pn_firmware, Siplus_et_200sp_cpu_1510sp\-1_pn_rail_firmware, Siplus_et_200sp_cpu_1510sp_f\-1_pn_firmware, Siplus_et_200sp_cpu_1510sp_f\-1_pn_rail_firmware, Siplus_et_200sp_cpu_1512sp\-1_pn_firmware, Siplus_et_200sp_cpu_1512sp\-1_pn_rail_firmware, Siplus_et_200sp_cpu_1512sp_f\-1_pn_rail_firmware, Siplus_s7\-1500_cpu_1511\-1_pn_firmware, Siplus_s7\-1500_cpu_1511\-1_pn_t1_rail_firmware, Siplus_s7\-1500_cpu_1511\-1_pn_tx_rail_firmware, Siplus_s7\-1500_cpu_1511f\-1_pn_firmware, Siplus_s7\-1500_cpu_1513\-1_pn_firmware, Siplus_s7\-1500_cpu_1513f\-1_pn_firmware, Siplus_s7\-1500_cpu_1515f\-2_pn_firmware, Siplus_s7\-1500_cpu_1515f\-2_pn_rail_firmware, Siplus_s7\-1500_cpu_1515f\-2_pn_t2_rail_firmware, Siplus_s7\-1500_cpu_1515r\-2_pn_firmware, Siplus_s7\-1500_cpu_1515r\-2_pn_tx_rail_firmware, Siplus_s7\-1500_cpu_1516\-3_pn\/dp_firmware, Siplus_s7\-1500_cpu_1516\-3_pn\/dp_tx_rail_firmware, Siplus_s7\-1500_cpu_1516f\-3_pn\/dp_firmware, Siplus_s7\-1500_cpu_1516f\-3_pn\/dp_rail_firmware, Siplus_s7\-1500_cpu_1517h\-3_pn_firmware, Siplus_s7\-1500_cpu_1518\-4_pn\/dp_firmware, Siplus_s7\-1500_cpu_1518\-4_pn\/dp_mfp_firmware, Siplus_s7\-1500_cpu_1518f\-4_pn\/dp_firmware, Siplus_s7\-1500_cpu_1518hf\-4_pn_firmware
|
7.5
|
|
|
2021-03-18
|
CVE-2020-27827
|
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
|
Fedora, Lldpd, Openvswitch, Enterprise_linux, Openshift_container_platform, Openstack, Virtualization, Simatic_hmi_unified_comfort_panels_firmware, Simatic_net_cp_1243\-1_firmware, Simatic_net_cp_1243\-8_irc_firmware, Simatic_net_cp_1542sp\-1_firmware, Simatic_net_cp_1542sp\-1_irc_firmware, Simatic_net_cp_1543\-1_firmware, Simatic_net_cp_1543sp\-1_firmware, Simatic_net_cp_1545\-1_firmware, Sinumerik_one_firmware, Tim_1531_irc_firmware
|
7.5
|
|
|
2022-11-08
|
CVE-2022-30694
|
The login endpoint /FormLogin in affected web services does not apply proper origin checking.
This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.
|
6ag1151\-8ab01\-7ab0_firmware, 6ag1151\-8fb01\-2ab0_firmware, 6ag1314\-6eh04\-7ab0_firmware, 6ag1315\-2eh14\-7ab0_firmware, 6ag1315\-2fj14\-2ab0_firmware, 6ag1317\-2ek14\-7ab0_firmware, 6ag1317\-2fk14\-2ab0_firmware, 6es7151\-8ab01\-0ab0_firmware, 6es7151\-8fb01\-0ab0_firmware, 6es7154\-8ab01\-0ab0_firmware, 6es7154\-8fb01\-0ab0_firmware, 6es7154\-8fx00\-0ab0_firmware, 6es7314\-6eh04\-0ab0_firmware, 6es7315\-2eh14\-0ab0_firmware, 6es7315\-2fj14\-0ab0_firmware, 6es7315\-7tj10\-0ab0_firmware, 6es7317\-2ek14\-0ab0_firmware, 6es7317\-2fk14\-0ab0_firmware, 6es7317\-7tk10\-0ab0_firmware, 6es7317\-7ul10\-0ab0_firmware, 6es7318\-3el01\-0ab0_firmware, 6es7318\-3fl01\-0ab0_firmware, Simatic_drive_controller_cpu_1504d_tf_firmware, Simatic_drive_controller_cpu_1507d_tf_firmware, Simatic_pcs_firmware, Simatic_s7\-1200_cpu_1211c_firmware, Simatic_s7\-1200_cpu_1212c_firmware, Simatic_s7\-1200_cpu_1212fc_firmware, Simatic_s7\-1200_cpu_1214_fc_firmware, Simatic_s7\-1200_cpu_1214c_firmware, Simatic_s7\-1200_cpu_1214fc_firmware, Simatic_s7\-1200_cpu_1215_fc_firmware, Simatic_s7\-1200_cpu_1215c_firmware, Simatic_s7\-1200_cpu_1215fc_firmware, Simatic_s7\-1200_cpu_1217c_firmware, Simatic_s7\-1200_cpu_12_1211c_firmware, Simatic_s7\-1200_cpu_12_1212c_firmware, Simatic_s7\-1200_cpu_12_1212fc_firmware, Simatic_s7\-1200_cpu_12_1214c_firmware, Simatic_s7\-1200_cpu_12_1214fc_firmware, Simatic_s7\-1200_cpu_12_1215c_firmware, Simatic_s7\-1200_cpu_12_1215fc_firmware, Simatic_s7\-1200_cpu_12_1217c_firmware, Simatic_s7\-1500_cpu_1507s_f_firmware, Simatic_s7\-1500_cpu_1507s_firmware, Simatic_s7\-1500_cpu_1508s_f_firmware, Simatic_s7\-1500_cpu_1508s_firmware, Simatic_s7\-1500_cpu_1510sp\-1_firmware, Simatic_s7\-1500_cpu_1510sp_firmware, Simatic_s7\-1500_cpu_1511\-1_firmware, Simatic_s7\-1500_cpu_1511\-1_pn_firmware, Simatic_s7\-1500_cpu_1511c\-1_firmware, Simatic_s7\-1500_cpu_1511c_firmware, Simatic_s7\-1500_cpu_1511f\-1_firmware, Simatic_s7\-1500_cpu_1511f\-1_pn_firmware, Simatic_s7\-1500_cpu_1511t\-1_firmware, Simatic_s7\-1500_cpu_1511tf\-1_firmware, Simatic_s7\-1500_cpu_1512c\-1_firmware, Simatic_s7\-1500_cpu_1512c_firmware, Simatic_s7\-1500_cpu_1512sp\-1_firmware, Simatic_s7\-1500_cpu_1512spf\-1_firmware, Simatic_s7\-1500_cpu_1513\-1_firmware, Simatic_s7\-1500_cpu_1513\-1_pn_firmware, Simatic_s7\-1500_cpu_1513f\-1_firmware, Simatic_s7\-1500_cpu_1513f\-1_pn_firmware, Simatic_s7\-1500_cpu_1513r\-1_firmware, Simatic_s7\-1500_cpu_151511c\-1_firmware, Simatic_s7\-1500_cpu_151511f\-1_firmware, Simatic_s7\-1500_cpu_1515\-2_firmware, Simatic_s7\-1500_cpu_1515\-2_pn_firmware, Simatic_s7\-1500_cpu_1515f\-2_firmware, Simatic_s7\-1500_cpu_1515f\-2_pn_firmware, Simatic_s7\-1500_cpu_1515r\-2_firmware, Simatic_s7\-1500_cpu_1515t\-2_firmware, Simatic_s7\-1500_cpu_1515tf\-2_firmware, Simatic_s7\-1500_cpu_1516\-3_dp_firmware, Simatic_s7\-1500_cpu_1516\-3_firmware, Simatic_s7\-1500_cpu_1516\-3_pn\/dp_firmware, Simatic_s7\-1500_cpu_1516\-3_pn_firmware, Simatic_s7\-1500_cpu_1516f\-3_firmware, Simatic_s7\-1500_cpu_1516f\-3_pn\/dp_firmware, Simatic_s7\-1500_cpu_1516pro\-2_firmware, Simatic_s7\-1500_cpu_1516pro_f_firmware, Simatic_s7\-1500_cpu_1516t\-3_firmware, Simatic_s7\-1500_cpu_1516tf\-3_firmware, Simatic_s7\-1500_cpu_1517\-3_dp_firmware, Simatic_s7\-1500_cpu_1517\-3_firmware, Simatic_s7\-1500_cpu_1517\-3_pn\/dp_firmware, Simatic_s7\-1500_cpu_1517\-3_pn_firmware, Simatic_s7\-1500_cpu_1517f\-3_firmware, Simatic_s7\-1500_cpu_1517f\-3_pn\/dp_firmware, Simatic_s7\-1500_cpu_1517tf\-3_firmware, Simatic_s7\-1500_cpu_1518\-4_dp_firmware, Simatic_s7\-1500_cpu_1518\-4_firmware, Simatic_s7\-1500_cpu_1518\-4_pn\/dp_firmware, Simatic_s7\-1500_cpu_1518\-4_pn\/dp_mfp_firmware, Simatic_s7\-1500_cpu_1518\-4_pn_firmware, Simatic_s7\-1500_cpu_1518_firmware, Simatic_s7\-1500_cpu_1518f\-4_firmware, Simatic_s7\-1500_cpu_1518f\-4_pn\/dp_firmware, Simatic_s7\-1500_cpu_1518hf\-4_firmware, Simatic_s7\-1500_cpu_1518t\-4_firmware, Simatic_s7\-1500_cpu_1518tf\-4_firmware, Simatic_s7\-1500_cpu_15pro\-2_firmware, Simatic_s7\-1500_cpu_15prof\-2_firmware, Simatic_s7\-1500_cpu_cpu_1513pro\-2_firmware, Simatic_s7\-1500_cpu_cpu_1513prof\-2_firmware, Simatic_s7\-1500_software_controller, Simatic_s7\-400_pn\/dp_v6_firmware, Simatic_s7\-400_pn\/dp_v7_firmware, Simatic_s7\-Plcsim_advanced, Simatic_wincc_runtime, Sinumerik_one_firmware
|
6.5
|
|
|
2020-11-12
|
CVE-2020-8745
|
Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
|
Converged_security_and_manageability_engine, Trusted_execution_technology, Simatic_drive_controller_firmware, Simatic_et200sp_1515sp_pc2_firmware, Simatic_field_pg_m5_firmware, Simatic_field_pg_m6_firmware, Simatic_ipc127e_firmware, Simatic_ipc427e_firmware, Simatic_ipc477e_firmware, Simatic_ipc527g_firmware, Simatic_ipc547g_firmware, Simatic_ipc627e_firmware, Simatic_ipc647e_firmware, Simatic_ipc667e_firmware, Simatic_ipc847e_firmware, Simatic_itp1000_firmware, Sinumerik_828d_hw_pu\.4_firmware, Sinumerik_840d_sl_ht_10_firmware, Sinumerik_mc_mcu_1720_firmware, Sinumerik_one_firmware, Sinumerik_one_ncu_1740_firmware, Sinumerik_one_ppu_1740_firmware
|
6.8
|
|
|
2022-03-08
|
CVE-2022-24408
|
A vulnerability has been identified in SINUMERIK MC (All versions < V1.15 SP1), SINUMERIK ONE (All versions < V6.15 SP1). The sc SUID binary on affected devices provides several commands that are used to execute system commands or modify system files. A specific set of operations using sc could allow local attackers to escalate their privileges to root.
|
Sinumerik_mc_firmware, Sinumerik_one_firmware
|
7.8
|
|
|