VYPR

Simatic S7 1200 CPU 1214c Firmware

by Siemens Foundation

CVEs (12)

  • CVE-2014-2908Apr 25, 2014
    risk 0.05cvss epss 0.21

    Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2020-28400Jul 13, 2021
    risk 0.00cvss epss 0.02

    Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.

  • CVE-2014-2909Apr 25, 2014
    risk 0.00cvss epss 0.02

    CRLF injection vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary HTTP headers via unspecified vectors.

  • CVE-2014-2258Mar 24, 2014
    risk 0.00cvss epss 0.05

    Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTPS packets, a different vulnerability than CVE-2014-2259.

  • CVE-2014-2256Mar 24, 2014
    risk 0.00cvss epss 0.04

    Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted ISO-TSAP packets, a different vulnerability than CVE-2014-2257.

  • CVE-2014-2254Mar 24, 2014
    risk 0.00cvss epss 0.05

    Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTP packets, a different vulnerability than CVE-2014-2255.

  • CVE-2014-2252Mar 24, 2014
    risk 0.00cvss epss 0.01

    Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted PROFINET packets, a different vulnerability than CVE-2014-2253.

  • CVE-2014-2250Mar 24, 2014
    risk 0.00cvss epss 0.03

    The random-number generator on Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors, a different…

  • CVE-2013-2780Apr 22, 2013
    risk 0.00cvss epss 0.02

    Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).

  • CVE-2013-0700Apr 22, 2013
    risk 0.00cvss epss 0.02

    Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to TCP port 102 (aka the ISO-TSAP port).

  • CVE-2012-3040Oct 10, 2012
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.

  • CVE-2012-3037Sep 25, 2012
    risk 0.00cvss epss 0.01

    The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate.