SIMATIC S7-1200 CPU family (incl. SIPLUS variants)

CVEs (10)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2022-30694	Siemens Foundation Wincc Runtime Advanced	—	0.00	Nov 8, 2022	The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.
CVE-2022-38465	Siemens Foundation Simatic S7 1500 Software Controller	—	0.00	Oct 11, 2022	A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9),…
CVE-2021-40368	Siemens Foundation Simatic S7 400 CPU 412 2 Pn	—	0.00	Apr 12, 2022	A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All…
CVE-2022-25622	Siemens Foundation Simatic S7 400 CPU 412 2 Pn	—	0.00	Apr 12, 2022	The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on…
CVE-2021-37205	Siemens Foundation Simatic S7 1500 Software Controller	—	0.01	Feb 9, 2022	A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions…
CVE-2021-37185	Siemens Foundation Simatic S7 1500 Software Controller	—	0.02	Feb 9, 2022	A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions…
CVE-2020-15791	Siemens Foundation Simatic Winac Rtx F 2010	—	0.00	Sep 9, 2020	A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The…
CVE-2019-19300	Siemens Foundation Simatic S7 400 CPU 414 3 Pn\/dp	—	0.01	Apr 14, 2020	A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0),…
CVE-2019-13940	Siemens Foundation Simatic S7 400 CPU 414 3 Pn\/dp	—	0.01	Feb 11, 2020	A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions <…
CVE-2019-10943	Siemens Foundation Simatic S7 1500 Software Controller	—	0.00	Aug 13, 2019	A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC…

CVE-2022-30694Nov 8, 2022
Siemens Foundation
Wincc Runtime Advanced
risk 0.00cvss —epss 0.00
The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.
CVE-2022-38465Oct 11, 2022
Siemens Foundation
Simatic S7 1500 Software Controller
risk 0.00cvss —epss 0.00
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9),…
CVE-2021-40368Apr 12, 2022
Siemens Foundation
Simatic S7 400 CPU 412 2 Pn
risk 0.00cvss —epss 0.00
A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All…
CVE-2022-25622Apr 12, 2022
Siemens Foundation
Simatic S7 400 CPU 412 2 Pn
risk 0.00cvss —epss 0.00
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on…
CVE-2021-37205Feb 9, 2022
Siemens Foundation
Simatic S7 1500 Software Controller
risk 0.00cvss —epss 0.01
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions…
CVE-2021-37185Feb 9, 2022
Siemens Foundation
Simatic S7 1500 Software Controller
risk 0.00cvss —epss 0.02
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions…
CVE-2020-15791Sep 9, 2020
Siemens Foundation
Simatic Winac Rtx F 2010
risk 0.00cvss —epss 0.00
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The…
CVE-2019-19300Apr 14, 2020
Siemens Foundation
Simatic S7 400 CPU 414 3 Pn\/dp
risk 0.00cvss —epss 0.01
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0),…
CVE-2019-13940Feb 11, 2020
Siemens Foundation
Simatic S7 400 CPU 414 3 Pn\/dp
risk 0.00cvss —epss 0.01
A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions <…
CVE-2019-10943Aug 13, 2019
Siemens Foundation
Simatic S7 1500 Software Controller
risk 0.00cvss —epss 0.00
A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC…