| CVE-2017-2681 | Med | 0.42 | 6.5 | 0.00 | | May 11, 2017 | Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. |
| CVE-2017-2680 | Med | 0.42 | 6.5 | 0.02 | | May 11, 2017 | Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. |
| CVE-2013-2780 | | 0.00 | — | 0.00 | | Apr 22, 2013 | Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port). |
| CVE-2013-0700 | | 0.00 | — | 0.00 | | Apr 22, 2013 | Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to TCP port 102 (aka the ISO-TSAP port). |
| CVE-2012-3040 | | 0.00 | — | 0.01 | | Oct 10, 2012 | Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. |
| CVE-2012-3037 | | 0.00 | — | 0.00 | | Sep 25, 2012 | The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate. |
