Filtered by vendor Siemens
Subscriptions
Filtered by product Simatic S7-1500 Cpu 1512sp F-1 Pn
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-40820 | 1 Siemens | 16 Sidoor Atd430w, Sidoor Ate530s Coated, Simatic and 13 more | 2025-12-10 | 7.5 High |
| Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only if an attacker can inject IP packets with spoofed addresses at precisely timed moments, and it affects only TCP-based services. | ||||
| CVE-2023-28831 | 1 Siemens | 156 Simatic Cloud Connect 7 Cc712, Simatic Cloud Connect 7 Cc712 Firmware, Simatic Cloud Connect 7 Cc716 and 153 more | 2025-11-11 | 7.5 High |
| The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. | ||||
| CVE-2022-38773 | 1 Siemens | 140 Simatic Drive Controller Cpu 1504d Tf, Simatic Drive Controller Cpu 1504d Tf Firmware, Simatic Drive Controller Cpu 1507d Tf and 137 more | 2025-04-03 | 4.6 Medium |
| Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary code. | ||||
| CVE-2023-46156 | 1 Siemens | 145 Simatic Drive Controller Cpu 1504d Tf, Simatic Drive Controller Cpu 1504d Tf Firmware, Simatic Drive Controller Cpu 1507d Tf and 142 more | 2024-11-21 | 7.5 High |
| Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations. | ||||
Page 1 of 1.