← Back

Simatic S7 400 Cpu Firmware

simatic_s7-400_cpu_firmware

Vendor: Siemens • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-9159
1Siemens
2Simatic S7 300 Cpu Firmware
Simatic S7 400 Cpu Firmware
Jun 2, 2026
Dec 17, 2016
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl...Show more
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 V6 and earlier CPU family (All versions), SIMATIC S7-400 V7 CPU family (All versions), SIMATIC S7-410 V8 CPU family (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions). An attacker with network access to port 102/tcp (ISO-TSAP) or via Profibus could obtain credentials from the PLC if protection-level 2 is configured on the affected devices.Show less
CVE-2016-9158
1Siemens
2Simatic S7 300 Cpu Firmware
Simatic S7 400 Cpu Firmware
Jun 2, 2026
Dec 17, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl...Show more
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 V6 and earlier CPU family (All versions), SIMATIC S7-400 V7 CPU family (All versions). Specially crafted packets sent to port 80/tcp could cause the affected devices to go into defect mode. A cold restart is required to recover the system.Show less
CVE-2016-8673
1Siemens
4Simatic Cp 343 1 Firmware
Simatic Cp 443 1 FirmwareSimatic S7 300 Cpu Firmware+1 more
May 6, 2026
Nov 23, 2016
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CP...Show more
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server at port 80/TCP or port 443/TCP of the affected devices could allow remote attackers to perform actions with the permissions of an authenticated user, provided the targeted user has an active session and is induced to trigger the malicious request.Show less
CVE-2016-8672
1Siemens
4Simatic Cp 343 1 Firmware
Simatic Cp 443 1 FirmwareSimatic S7 300 Cpu Firmware+1 more
May 6, 2026
Nov 23, 2016
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CP...Show more
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server delivers cookies without the "secure" flag. Modern browsers interpreting the flag would mitigate potential data leakage in case of clear text transmission.Show less
CVE-2012-3017
1Siemens
4Simatic S7 400 Cpu 414 3 Pn/dp
Simatic S7 400 Cpu 416 3 Pn/dpSimatic S7 400 Cpu 416f 3 Pn/dp+1 more
Apr 29, 2026
Jul 31, 2012
N/A· v4
N/A· v3
7.8 HIGH· v2
Siemens SIMATIC S7-400 PN CPU devices with firmware 5.x allow remote attackers to cause a denial of service (defect-mode transition and service outage) via (1) malformed HTTP traffic or (2) malformed IP packets.
CVE-2012-3016
1Siemens
6Simatic S7 400 Cpu 412 2 Pn
Simatic S7 400 Cpu 414 3 Pn/dpSimatic S7 400 Cpu 414f 3 Pn/dp+3 more
Apr 29, 2026
Jul 31, 2012
N/A· v4
N/A· v3
7.8 HIGH· v2
Siemens SIMATIC S7-400 PN CPU devices with firmware 6 before 6.0.3 allow remote attackers to cause a denial of service (defect-mode transition and service outage) via crafted ICMP packets.