Simatic Net Cp 1543 1 Firmware

simatic_net_cp_1543-1_firmware

Vendor: Siemens • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-3449 12Checkpoint DebianFedoraproject+9 more 106Active Iq Unified Manager Capture ClientCloud Volumes Ontap Mediator+103 more Nov 21, 2024 Mar 25, 2021 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the...Show more An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).Show less
CVE-2020-27827 5Fedoraproject Lldpd ProjectOpenvswitch+2 more 17Enterprise Linux FedoraLldpd+14 more Dec 3, 2025 Mar 18, 2021 N/A· v4 7.5 HIGH· v3 7.1 HIGH· v2 A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest...Show more A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.Show less
CVE-2020-9273 5Debian FedoraprojectOpensuse+2 more 7Backports Sle Debian LinuxFedora+4 more Nov 21, 2024 Feb 20, 2020 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.
CVE-2020-9272 3Opensuse ProftpdSiemens 5Backports Sle LeapProftpd+2 more Nov 21, 2024 Feb 20, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.
CVE-2018-5391 7Canonical DebianF5+4 more 51Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+48 more Nov 21, 2024 Sep 6, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending...Show more The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.Show less