VYPR

SIMATIC S7-PLCSIM V17

by Siemens Foundation

CVEs (23)

  • CVE-2020-15782CriMay 28, 2021
    risk 0.64cvss 9.8epss 0.05

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9),…

  • CVE-2022-38465CriOct 11, 2022
    risk 0.60cvss 9.3epss 0.00

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9),…

  • CVE-2025-40759HigAug 12, 2025
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 V17 (All versions < V17 Update 9), SIMATIC STEP 7 V18 (All versions), SIMATIC STEP 7 V19 (All versions < V19 Update 4), SIMATIC STEP 7 V20 (All versions < V20 Update 4), SIMATIC WinCC V17…

  • CVE-2024-49849HigDec 10, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 Safety V16 (All versions), SIMATIC STEP 7 Safety V17 (All versions < V17 Update 9), SIMATIC STEP 7 Safety V18 (All versions), SIMATIC STEP 7 Safety…

  • CVE-2023-46156HigDec 12, 2023
    risk 0.49cvss 7.5epss 0.01

    Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations.

  • CVE-2023-28831HigSep 12, 2023
    risk 0.49cvss 7.5epss 0.01

    The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of…

  • CVE-2021-40365HigDec 13, 2022
    risk 0.49cvss 7.5epss 0.01

    Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.

  • CVE-2021-37205HigFeb 9, 2022
    risk 0.49cvss 7.5epss 0.02

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions…

  • CVE-2021-37204HigFeb 9, 2022
    risk 0.49cvss 7.5epss 0.02

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open…

  • CVE-2021-37185HigFeb 9, 2022
    risk 0.49cvss 7.5epss 0.02

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions…

  • CVE-2019-10943HigAug 13, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC…

  • CVE-2019-6568HigApr 17, 2019
    risk 0.49cvss 7.5epss 0.01

    The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited…

  • CVE-2023-32736HigNov 12, 2024
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 Safety V16 (All versions), SIMATIC STEP 7 Safety V17 (All versions < V17 Update 8), SIMATIC STEP 7 Safety V18 (All versions < V18 Update 5), SIMATIC…

  • CVE-2022-30694MedNov 8, 2022
    risk 0.42cvss 6.5epss 0.00

    The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.

  • CVE-2019-10929MedAug 13, 2019
    risk 0.38cvss 5.9epss 0.01

    A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl.…

  • CVE-2021-44694MedDec 13, 2022
    risk 0.36cvss 5.5epss 0.01

    Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.

  • CVE-2021-25675MedMar 15, 2021
    risk 0.36cvss 5.5epss 0.00

    A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with local access to the system could cause a Denial-of-Service condition in the application when it is used to open a specially crafted file. As a consequence, a divide by zero operation…

  • CVE-2021-25674MedMar 15, 2021
    risk 0.36cvss 5.5epss 0.00

    A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with local access to the system could cause a Denial-of-Service condition in the application when it is used to open a specially crafted file. As a consequence, a NULL pointer deference…

  • CVE-2021-25673MedMar 15, 2021
    risk 0.36cvss 5.5epss 0.00

    A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with local access to the system could cause a Denial-of-Service condition in the application when it is used to open a specially crafted file. As a consequence, the application could enter…

  • CVE-2020-28397MedAug 10, 2021
    risk 0.35cvss 5.3epss 0.01

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl.…

Page 1 of 2