← Back

Simatic Cp 343 1 Lean Firmware

simatic_cp_343-1_lean_firmware

Vendor: Siemens • 5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-51440
1Siemens
4Simatic Cp 343 1 Firmware
Simatic Cp 343 1 Lean FirmwareSiplus Net Cp 343 1 Firmware+1 more
Dec 16, 2024
Feb 13, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) (All versions), SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0) (All versions), SIPLUS NET...Show more
A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) (All versions), SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0) (All versions), SIPLUS NET CP 343-1 Lean (6AG1343-1CX10-2XE0) (All versions). Affected products incorrectly validate TCP sequence numbers. This could allow an unauthenticated remote attacker to create a denial of service condition by injecting spoofed TCP RST packets.Show less
CVE-2021-33737
1Siemens
6Simatic Cp 343 1 Advanced Firmware
Simatic Cp 343 1 Erpc FirmwareSimatic Cp 343 1 Firmware+3 more
Nov 21, 2024
Sep 14, 2021
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lea...Show more
A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3). Sending a specially crafted packet to port 102/tcp of an affected device could cause a denial of service condition. A restart is needed to restore normal operations.Show less
CVE-2019-13946
1Siemens
52Dk Standard Ethernet Controller
Ek Ertec 200 FirmwareEk Ertec 200p Firmware+49 more
Nov 21, 2024
Feb 11, 2020
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of ser...Show more
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.Show less
CVE-2017-2681
1Siemens
79Dk Standard Ethernet Controller Firmware
Ek Ertec 200 Pn Io FirmwareEk Ertec 200p Pn Io Firmware+76 more
May 13, 2026
May 11, 2017
7.1 HIGH· v4
6.5 MEDIUM· v3
6.1 MEDIUM· v2
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PRO...Show more
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.Show less
CVE-2017-2680
1Siemens
93Dk Standard Ethernet Controller Firmware
Ek Ertec 200 Pn Io FirmwareEk Ertec 200p Pn Io Firmware+90 more
May 13, 2026
May 11, 2017
7.1 HIGH· v4
6.5 MEDIUM· v3
6.1 MEDIUM· v2
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interf...Show more
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.Show less