VYPR

SIMATIC ET 200pro IM154-8 PN/DP CPU

by Siemens Foundation

CVEs (8)

  • CVE-2018-4843MedMar 20, 2018
    risk 0.42cvss 6.5epss 0.01

    A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions <…

  • CVE-2022-30694Nov 8, 2022
    risk 0.00cvss epss 0.00

    The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.

  • CVE-2022-25622Apr 12, 2022
    risk 0.00cvss epss 0.01

    The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on…

  • CVE-2019-19300Apr 14, 2020
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0),…

  • CVE-2019-13940Feb 11, 2020
    risk 0.00cvss epss 0.02

    A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions <…

  • CVE-2019-10923Oct 10, 2019
    risk 0.00cvss epss 0.01

    An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.

  • CVE-2019-10936Oct 10, 2019
    risk 0.00cvss epss 0.02

    Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.

  • CVE-2019-6568Apr 17, 2019
    risk 0.00cvss epss 0.01

    The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited…