SIMATIC S7-400 CPU family

CVEs (11)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-9158	Siemens Foundation Simatic S7 400 CPU Firmware	Hig	0.49	7.5	0.01	Dec 17, 2016	A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7…
CVE-2020-28397	Siemens Foundation Simatic S7 1500 Software Controller		0.00	—	0.00	Aug 10, 2021	A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl.…
CVE-2020-15782	Siemens Foundation Simatic S7 1500 Software Controller		0.00	—	0.00	May 28, 2021	A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9),…
CVE-2020-25241	Siemens Foundation SIMATIC S7-400 CPU family		0.00	—	0.00	Mar 15, 2021	A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP…
CVE-2020-15791	Siemens Foundation Simatic Winac Rtx F 2010		0.00	—	0.00	Sep 9, 2020	A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The…
CVE-2019-19300	Siemens Foundation Simatic S7 400 CPU 414 3 Pn\/dp		0.00	—	0.01	Apr 14, 2020	A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0),…
CVE-2019-19281	Siemens Foundation Simatic S7 1500 Software Controller		0.00	—	0.01	Mar 10, 2020	A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V2.5 and < V20.8), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 and < V2.8), SIMATIC S7-1500…
CVE-2019-13940	Siemens Foundation Simatic S7 400 CPU 414 3 Pn\/dp		0.00	—	0.01	Feb 11, 2020	A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions <…
CVE-2019-13945	Siemens Foundation SIMATIC S7-400 CPU family		0.00	—	0.00	Dec 12, 2019	A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family < V4.x (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family V4.x (incl. SIPLUS variants) (All versions with Function State (FS) <…
CVE-2019-10929	Siemens Foundation Simatic Wincc Runtime		0.00	—	0.00	Aug 13, 2019	A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl.…
CVE-2018-13800	Siemens Foundation SIMATIC S7-400 CPU family		0.00	—	0.00	Oct 10, 2018	A vulnerability has been identified in SIMATIC S7-1200 CPU family version 4 (All versions < V4.2.3). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user…

CVE-2016-9158HigDec 17, 2016
Siemens Foundation
Simatic S7 400 CPU Firmware
risk 0.49cvss 7.5epss 0.01
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7…
CVE-2020-28397Aug 10, 2021
Siemens Foundation
Simatic S7 1500 Software Controller
risk 0.00cvss —epss 0.00
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl.…
CVE-2020-15782May 28, 2021
Siemens Foundation
Simatic S7 1500 Software Controller
risk 0.00cvss —epss 0.00
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9),…
CVE-2020-25241Mar 15, 2021
Siemens Foundation
SIMATIC S7-400 CPU family
risk 0.00cvss —epss 0.00
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP…
CVE-2020-15791Sep 9, 2020
Siemens Foundation
Simatic Winac Rtx F 2010
risk 0.00cvss —epss 0.00
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The…
CVE-2019-19300Apr 14, 2020
Siemens Foundation
Simatic S7 400 CPU 414 3 Pn\/dp
risk 0.00cvss —epss 0.01
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0),…
CVE-2019-19281Mar 10, 2020
Siemens Foundation
Simatic S7 1500 Software Controller
risk 0.00cvss —epss 0.01
A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V2.5 and < V20.8), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 and < V2.8), SIMATIC S7-1500…
CVE-2019-13940Feb 11, 2020
Siemens Foundation
Simatic S7 400 CPU 414 3 Pn\/dp
risk 0.00cvss —epss 0.01
A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions <…
CVE-2019-13945Dec 12, 2019
Siemens Foundation
SIMATIC S7-400 CPU family
risk 0.00cvss —epss 0.00
A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family < V4.x (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family V4.x (incl. SIPLUS variants) (All versions with Function State (FS) <…
CVE-2019-10929Aug 13, 2019
Siemens Foundation
Simatic Wincc Runtime
risk 0.00cvss —epss 0.00
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl.…
CVE-2018-13800Oct 10, 2018
Siemens Foundation
SIMATIC S7-400 CPU family
risk 0.00cvss —epss 0.00
A vulnerability has been identified in SIMATIC S7-1200 CPU family version 4 (All versions < V4.2.3). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user…