Product:

Simatic_s7\-1200_firmware

(Siemens)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 10
Date Id Summary Products Score Patch Annotated
2017-05-11 CVE-2017-2680 Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. Dk_standard_ethernet_controller_firmware, Ek\-Ertec_200_pn_io_firmware, Ek\-Ertec_200p_pn_io_firmware, Extension_unit_12_profinet_firmware, Extension_unit_15_profinet_firmware, Extension_unit_19_profinet_firmware, Extension_unit_22_profinet_firmware, Ie\/as\-I_link_pn_io_firmware, Ie\/pb\-Link_firmware, Pn\/pn_coupler_firmware, Scalance_m\-800_firmware, Scalance_s615_firmware, Scalance_w700_firmware, Scalance_x200_firmware, Scalance_x200_irt_firmware, Scalance_x300_firmware, Scalance_x408_firmware, Scalance_x414_firmware, Scalance_xm400_firmware, Scalance_xr500_firmware, Simatic_cm_1542\-1_firmware, Simatic_cp_1242\-7_gprs_firmware, Simatic_cp_1243\-1_dnp3_firmware, Simatic_cp_1243\-1_firmware, Simatic_cp_1243\-1_iec_firmware, Simatic_cp_1243\-1_irc_firmware, Simatic_cp_1243\-7_lte\/us_firmware, Simatic_cp_1243\-8_firmware, Simatic_cp_1542sp\-1_firmware, Simatic_cp_1542sp\-1_irc_firmware, Simatic_cp_1543\-1_firmware, Simatic_cp_1543sp\-1_firmware, Simatic_cp_1604_firmware, Simatic_cp_1616_firmware, Simatic_cp_1626_firmware, Simatic_cp_343\-1_adv_firmware, Simatic_cp_343\-1_lean_firmware, Simatic_cp_343\-1_std_firmware, Simatic_cp_443\-1_adv_firmware, Simatic_cp_443\-1_opc\-Ua_firmware, Simatic_cp_443\-1_std_firmware, Simatic_dk\-1604_pn_io_firmware, Simatic_dk\-1616_pn_io_firmware, Simatic_et_200al_firmware, Simatic_et_200ecopn_firmware, Simatic_et_200m_firmware, Simatic_et_200mp_firmware, Simatic_et_200pro_firmware, Simatic_et_200s_firmware, Simatic_et_200sp_firmware, Simatic_hmi_comfort_panels, Simatic_hmi_mobile_panels, Simatic_hmi_multi_panels, Simatic_rf650r_firmware, Simatic_rf680r_firmware, Simatic_rf685r_firmware, Simatic_s7\-1200_firmware, Simatic_s7\-1500_firmware, Simatic_s7\-1500_software_controller_firmware, Simatic_s7\-200_smart_firmware, Simatic_s7\-300_firmware, Simatic_s7\-400_firmware, Simatic_tdc_cp51m1_firmware, Simatic_tdc_cpu555_firmware, Simatic_teleservice_adapter_ie_advanced_firmware, Simatic_teleservice_adapter_ie_basic_firmware, Simatic_teleservice_adapter_ie_standard_firmware, Simatic_winac_rtx_firmware, Simocode_pro_v_profinet_firmware, Simotion_firmware, Sinamics__s110_pn_firmware, Sinamics_dcm_firmware, Sinamics_dcp_firmware, Sinamics_g110m_firmware, Sinamics_g120\(C\/p\/d\)_w\._pn_firmware, Sinamics_g130_firmware, Sinamics_g150_firmware, Sinamics_gh150_firmware, Sinamics_gl150_firmware, Sinamics_gm150_firmware, Sinamics_s120_firmware, Sinamics_s150_firmware, Sinamics_sl150_firmware, Sinamics_sm120_firmware, Sinamics_v90_pn_firmware, Sinumerik_828d_firmware, Sinumerik_840d_sl_firmware, Sirius_act_3su1_firmware, Sirius_motor_starter_m200d_profinet_firmware, Sirius_soft_starter_3rw44_pn_firmware, Sitop_psu8600_firmware, Softnet_profinet_io_firmware, Ups1600_profinet_firmware 6.5
2017-05-11 CVE-2017-2681 Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. Dk_standard_ethernet_controller_firmware, Ek\-Ertec_200_pn_io_firmware, Ek\-Ertec_200p_pn_io_firmware, Ie\/as\-I_link_pn_io_firmware, Ie\/pb\-Link_firmware, Pn\/pn_coupler_firmware, Scalance_m\-800_firmware, Scalance_s615_firmware, Scalance_w700_firmware, Scalance_x200_firmware, Scalance_x200_irt_firmware, Scalance_x300_firmware, Scalance_x408_firmware, Scalance_x414_firmware, Scalance_xm400_firmware, Scalance_xr500_firmware, Simatic_cm_1542\-1_firmware, Simatic_cm_1542sp\-1_firmware, Simatic_cp_1243\-1_dnp3_firmware, Simatic_cp_1243\-1_firmware, Simatic_cp_1243\-1_iec_firmware, Simatic_cp_1243\-1_irc_firmware, Simatic_cp_1542sp\-1_irc_firmware, Simatic_cp_1543\-1_firmware, Simatic_cp_1543sp\-1_firmware, Simatic_cp_1604_firmware, Simatic_cp_1616_firmware, Simatic_cp_343\-1_adv_firmware, Simatic_cp_343\-1_lean_firmware, Simatic_cp_343\-1_std_firmware, Simatic_cp_443\-1_adv_firmware, Simatic_cp_443\-1_opc\-Ua_firmware, Simatic_cp_443\-1_std_firmware, Simatic_dk\-16xx_pn_io_firmware, Simatic_et_200al_firmware, Simatic_et_200ecopn_firmware, Simatic_et_200m_firmware, Simatic_et_200mp_firmware, Simatic_et_200pro_firmware, Simatic_et_200s_firmware, Simatic_et_200sp_firmware, Simatic_hmi_comfort_panels, Simatic_hmi_mobile_panels, Simatic_hmi_multi_panels, Simatic_rf650r_firmware, Simatic_rf680r_firmware, Simatic_rf685r_firmware, Simatic_s7\-1200_firmware, Simatic_s7\-1500_firmware, Simatic_s7\-1500_software_controller, Simatic_s7\-200_smart_firmware, Simatic_s7\-300_firmware, Simatic_s7\-400_firmware, Simatic_tdc_cp51m1_firmware, Simatic_tdc_cpu555_firmware, Simatic_teleservice_adapter_ie_advanced_modem_firmware, Simatic_teleservice_adapter_ie_basic_modem_firmware, Simatic_teleservice_adapter_standard_modem_firmware, Simatic_winac_rtx_firmware, Simocode_pro_v_profinet_firmware, Simotion_firmware, Sinamics_dcm_firmware, Sinamics_dcp_firmware, Sinamics_g110m_firmware, Sinamics_g120\(C\/p\/d\)_pn_firmware, Sinamics_g130_firmware, Sinamics_g150_firmware, Sinamics_s110_pn_firmware, Sinamics_s120_firmware, Sinamics_s150_firmware, Sinamics_v90_pn_firmware, Sinumerik_828d_firmware, Sinumerik_840d_sl_firmware, Sirius_act_3su1_firmware, Sirius_motor_starter_m200d_profinet_firmware, Sirius_soft_starter_3rw44_pn_firmware, Sitop_psu8600_firmware, Softnet_profinet_io_firmware, Ups1600_profinet_firmware 6.5
2021-07-13 CVE-2020-28400 Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. Dk_standard_ethernet_controller_evaluation_kit_firmware, Ek\-Ertec_200_evaulation_kit_firmware, Ek\-Ertec_200p_evaluation_kit_firmware, Ruggedcom_rm1224_firmware, Scalance_m\-800_firmware, Scalance_s615_firmware, Scalance_w1700_firmware, Scalance_w700_firmware, Scalance_x200\-4_p_irt_firmware, Scalance_x201\-3p_irt_firmware, Scalance_x201\-3p_irt_pro_firmware, Scalance_x202\-2_irt_firmware, Scalance_x202\-2p_irt_pro_firmware, Scalance_x204\-2_firmware, Scalance_x204\-2fm_firmware, Scalance_x204\-2ld_firmware, Scalance_x204\-2ld_ts_firmware, Scalance_x204\-2ts_firmware, Scalance_x204_irt_firmware, Scalance_x204_irt_pro_firmware, Scalance_x206\-1_firmware, Scalance_x206\-1ld_firmware, Scalance_x208_firmware, Scalance_x208pro_firmware, Scalance_x212\-2_firmware, Scalance_x212\-2ld_firmware, Scalance_x216_firmware, Scalance_x224_firmware, Scalance_x302\-7eec_firmware, Scalance_x304\-2fe_firmware, Scalance_x306\-1ldfe_firmware, Scalance_x307\-2eec_firmware, Scalance_x307\-3_firmware, Scalance_x307\-3ld_firmware, Scalance_x308\-2_firmware, Scalance_x308\-2ld_firmware, Scalance_x308\-2lh\+_firmware, Scalance_x308\-2lh_firmware, Scalance_x308\-2m_firmware, Scalance_x308\-2m_poe_firmware, Scalance_x308\-2m_ts_firmware, Scalance_x310_firmware, Scalance_x310fe_firmware, Scalance_x320\-1fe_firmware, Scalance_x320\-3ldfe_firmware, Scalance_xb\-200_firmware, Scalance_xc\-200_firmware, Scalance_xf201\-3p_irt_firmware, Scalance_xf202\-2p_irt_firmware, Scalance_xf204\-2_firmware, Scalance_xf204\-2ba_irt_firmware, Scalance_xf204_firmware, Scalance_xf204_irt_firmware, Scalance_xf206\-1_firmware, Scalance_xf208_firmware, Scalance_xf\-200ba_firmware, Scalance_xm400_firmware, Scalance_xp\-200_firmware, Scalance_xr324\-12m_firmware, Scalance_xr324\-12m_ts_firmware, Scalance_xr324\-4m_eec_firmware, Scalance_xr324\-4m_poe_firmware, Scalance_xr324\-4m_poe_ts_firmware, Scalance_xr500_firmware, Scalance_xr\-300wg_firmware, Simatic_cfu_pa_firmware, Simatic_ie\/pb\-Link_v3_firmware, Simatic_mv500_firmware, Simatic_net_cm_1542\-1_firmware, Simatic_net_cp1604_firmware, Simatic_net_cp1616_firmware, Simatic_net_cp1626_firmware, Simatic_net_dk\-16xx_pn_io, Simatic_power_line_booster_plb_firmware, Simatic_profinet_driver_firmware, Simatic_s7\-1200_firmware, Simocode_prov_ethernet\/ip_firmware, Simocode_prov_profinet_firmware, Softnet\-Ie_pnio_firmware 7.5
2017-12-26 CVE-2017-12741 A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SIMATIC Compact Field Unit, SIMATIC ET200AL, SIMATIC ET200M (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants), SIMATIC... Dk_standard_ethernet_controller_firmware, Ek\-Ertec_200p_firmware, Ek\-Ertec_200pn_io_firmware, Simatic_compact_field_unit_firmware, Simatic_et_200al_firmware, Simatic_et_200ecopn_firmware, Simatic_et_200m_firmware, Simatic_et_200mp_firmware, Simatic_et_200pro_firmware, Simatic_et_200s_firmware, Simatic_et_200sp_firmware, Simatic_pn\/pn_coupler_firmware, Simatic_s7\-1200_firmware, Simatic_s7\-1500_controller_firmware, Simatic_s7\-1500_firmware, Simatic_s7\-200_firmware, Simatic_s7\-300_firmware, Simatic_s7\-400h_v6_firmware, Simatic_s7\-400pn\/dp_v7_firmware, Simatic_s7\-400pn_v6_firmware, Simatic_s7\-410_v8_firmware, Simatic_winac_rtx_f_2010_firmware, Simocode_pro_v_profinet_firmware, Simotion_c_firmware, Simotion_d_firmware, Simotion_p_firmware, Sinamics_dcm_firmware, Sinamics_dcp_firmware, Sinamics_g110m\/g120pn_firmware, Sinamics_g130_firmware, Sinamics_g150_firmware, Sinamics_s110pn_firmware, Sinamics_s120_firmware, Sinamics_s150_v4\.7_firmware, Sinamics_s150_v4\.8_firmware, Sinamics_v90pn_firmware, Sinumerik_840d_sl_firmware, Sirius_soft_starter_3rw44pn_firmware 7.5
2012-10-10 CVE-2012-3040 Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. Simatic_s7\-1200_cpu_1211c_firmware, Simatic_s7\-1200_cpu_1212c_firmware, Simatic_s7\-1200_cpu_1212fc_firmware, Simatic_s7\-1200_cpu_1214_fc_firmware, Simatic_s7\-1200_cpu_1214c_firmware, Simatic_s7\-1200_cpu_1215_fc_firmware, Simatic_s7\-1200_cpu_1215c_firmware, Simatic_s7\-1200_cpu_1217c_firmware, Simatic_s7\-1200_firmware N/A
2012-09-25 CVE-2012-3037 The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate. Simatic_s7\-1200_cpu_1211c_firmware, Simatic_s7\-1200_cpu_1212c_firmware, Simatic_s7\-1200_cpu_1212fc_firmware, Simatic_s7\-1200_cpu_1214_fc_firmware, Simatic_s7\-1200_cpu_1214c_firmware, Simatic_s7\-1200_cpu_1215_fc_firmware, Simatic_s7\-1200_cpu_1215c_firmware, Simatic_s7\-1200_cpu_1217c_firmware, Simatic_s7\-1200_firmware N/A
2013-04-22 CVE-2013-2780 Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port). Simatic_s7\-1200_cpu_1211c_firmware, Simatic_s7\-1200_cpu_1212c_firmware, Simatic_s7\-1200_cpu_1212fc_firmware, Simatic_s7\-1200_cpu_1214_fc_firmware, Simatic_s7\-1200_cpu_1214c_firmware, Simatic_s7\-1200_cpu_1215_fc_firmware, Simatic_s7\-1200_cpu_1215c_firmware, Simatic_s7\-1200_cpu_1217c_firmware, Simatic_s7\-1200_firmware N/A
2013-04-22 CVE-2013-0700 Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to TCP port 102 (aka the ISO-TSAP port). Simatic_s7\-1200_cpu_1211c_firmware, Simatic_s7\-1200_cpu_1212c_firmware, Simatic_s7\-1200_cpu_1212fc_firmware, Simatic_s7\-1200_cpu_1214_fc_firmware, Simatic_s7\-1200_cpu_1214c_firmware, Simatic_s7\-1200_cpu_1215_fc_firmware, Simatic_s7\-1200_cpu_1215c_firmware, Simatic_s7\-1200_cpu_1217c_firmware, Simatic_s7\-1200_firmware N/A
2019-12-12 CVE-2019-13945 A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family < V4.x (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family V4.x (incl. SIPLUS variants) (All versions with Function State (FS) < 11), SIMATIC S7-200 SMART CPU CR20s (6ES7 288-1CR20-0AA1) (All versions <= V2.3.0 and Function State (FS) <= 3), SIMATIC S7-200 SMART CPU CR30s (6ES7 288-1CR30-0AA1) (All versions <= V2.3.0 and Function State (FS) <=... S7\-200_smart_firmware, Simatic_s7\-1200_firmware N/A
2018-12-13 CVE-2018-13815 A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by opening a sufficient number of connections to the device. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. The vulnerability, if exploited, could cause a... Simatic_s7\-1200_firmware, Simatic_s7\-1500_firmware 7.5