Vulnerabilities (CVE)

Filtered by vendor Siemens Subscribe
Filtered by product Simatic S7-300 Cpu 312 Ifm Firmware
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10923 1 Siemens 78 Cp1604, Cp1604 Firmware, Cp1616 and 75 more 2024-09-10 5.0 MEDIUM 7.5 HIGH
An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.
CVE-2019-10936 1 Siemens 130 Dk Standard Ethernet Controller, Dk Standard Ethernet Controller Firmware, Ek-ertec 200 and 127 more 2024-07-09 5.0 MEDIUM 7.5 HIGH
Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.
CVE-2019-18336 1 Siemens 23 Simatic S7-300 Cpu, Simatic S7-300 Cpu 312 Ifm, Simatic S7-300 Cpu 312 Ifm Firmware and 20 more 2024-02-04 7.8 HIGH 7.5 HIGH
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known.