Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-10923 | 1 Siemens | 78 Cp1604, Cp1604 Firmware, Cp1616 and 75 more | 2024-09-10 | 5.0 MEDIUM | 7.5 HIGH |
An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation. | |||||
CVE-2019-10936 | 1 Siemens | 130 Dk Standard Ethernet Controller, Dk Standard Ethernet Controller Firmware, Ek-ertec 200 and 127 more | 2024-07-09 | 5.0 MEDIUM | 7.5 HIGH |
Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition. | |||||
CVE-2019-18336 | 1 Siemens | 23 Simatic S7-300 Cpu, Simatic S7-300 Cpu 312 Ifm, Simatic S7-300 Cpu 312 Ifm Firmware and 20 more | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known. |