← Back

Sinamics S120 Firmware

sinamics_s120_firmware

Vendor: Siemens • 8 CVEs

CVEs (8)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-47375
1Siemens
96ag1414 3em07 7ab0 Firmware
6ag1416 3es07 7ab0 Firmware6es7412 2ek07 0ab0 Firmware+6 more
Nov 21, 2024
Dec 12, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All vers...Show more
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle long file names correctly. This could allow an attacker to create a buffer overflow and create a denial of service condition for the device.Show less
CVE-2022-47374
1Siemens
96ag1414 3em07 7ab0 Firmware
6ag1416 3es07 7ab0 Firmware6es7412 2ek07 0ab0 Firmware+6 more
Nov 21, 2024
Dec 12, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All vers...Show more
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle HTTP(S) requests to the web server correctly. This could allow an attacker to exhaust system resources and create a denial of service condition for the device.Show less
CVE-2019-10936
1Siemens
66Dk Standard Ethernet Controller Firmware
Ek Ertec 200 FirmwareEk Ertec 200p Firmware+63 more
Nov 21, 2024
Oct 10, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.
CVE-2019-10923
1Siemens
40Cp1604 Firmware
Cp1616 FirmwareDk Standard Ethernet Controller Firmware+37 more
Nov 21, 2024
Oct 10, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.
CVE-2019-6568
1Siemens
53Cp1604 Firmware
Cp1616 FirmwareSimatic Cp343 1 Advanced Firmware+50 more
Nov 21, 2024
Apr 17, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affect...Show more
The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device.Show less
CVE-2017-12741
1Siemens
38Dk Standard Ethernet Controller Firmware
Ek Ertec 200p FirmwareEk Ertec 200pn Io Firmware+35 more
May 13, 2026
Dec 26, 2017
8.7 HIGH· v4
7.5 HIGH· v3
7.8 HIGH· v2
Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.
CVE-2017-2681
1Siemens
79Dk Standard Ethernet Controller Firmware
Ek Ertec 200 Pn Io FirmwareEk Ertec 200p Pn Io Firmware+76 more
May 13, 2026
May 11, 2017
7.1 HIGH· v4
6.5 MEDIUM· v3
6.1 MEDIUM· v2
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PRO...Show more
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.Show less
CVE-2017-2680
1Siemens
93Dk Standard Ethernet Controller Firmware
Ek Ertec 200 Pn Io FirmwareEk Ertec 200p Pn Io Firmware+90 more
May 13, 2026
May 11, 2017
7.1 HIGH· v4
6.5 MEDIUM· v3
6.1 MEDIUM· v2
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interf...Show more
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.Show less