| CVE-2016-2846 | Med | 0.42 | 6.5 | 0.00 | | Mar 16, 2016 | Siemens SIMATIC S7-1200 CPU devices before 4.0 allow remote attackers to bypass a "user program block" protection mechanism via unspecified vectors. |
| CVE-2014-2908 | | 0.08 | — | 0.68 | | Apr 25, 2014 | Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2014-2909 | | 0.00 | — | 0.01 | | Apr 25, 2014 | CRLF injection vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary HTTP headers via unspecified vectors. |
