VYPR

Simatic S7 1200 Firmware

by Siemens Foundation

CVEs (7)

  • CVE-2017-12741HigDec 26, 2017
    risk 0.49cvss 7.5epss 0.03

    Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.

  • CVE-2017-2681MedMay 11, 2017
    risk 0.42cvss 6.5epss 0.01

    Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.

  • CVE-2017-2680MedMay 11, 2017
    risk 0.42cvss 6.5epss 0.01

    Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

  • CVE-2013-2780Apr 22, 2013
    risk 0.00cvss epss 0.02

    Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).

  • CVE-2013-0700Apr 22, 2013
    risk 0.00cvss epss 0.02

    Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to TCP port 102 (aka the ISO-TSAP port).

  • CVE-2012-3040Oct 10, 2012
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.

  • CVE-2012-3037Sep 25, 2012
    risk 0.00cvss epss 0.01

    The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate.