Simatic_s7\-1500_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Simatic_s7\-1500_firmware
(Siemens)

Repositories	git://git.openssl.org/openssl.git
#Vulnerabilities	13

Date	Id	Summary	Products	Score	Patch	Annotated
2017-05-11	CVE-2017-2680	Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.	Dk_standard_ethernet_controller_firmware, Ek\-Ertec_200_pn_io_firmware, Ek\-Ertec_200p_pn_io_firmware, Extension_unit_12_profinet_firmware, Extension_unit_15_profinet_firmware, Extension_unit_19_profinet_firmware, Extension_unit_22_profinet_firmware, Ie\/as\-I_link_pn_io_firmware, Ie\/pb\-Link_firmware, Pn\/pn_coupler_firmware, Scalance_m\-800_firmware, Scalance_s615_firmware, Scalance_w700_firmware, Scalance_x200_firmware, Scalance_x200_irt_firmware, Scalance_x300_firmware, Scalance_x408_firmware, Scalance_x414_firmware, Scalance_xm400_firmware, Scalance_xr500_firmware, Simatic_cm_1542\-1_firmware, Simatic_cp_1242\-7_gprs_firmware, Simatic_cp_1243\-1_dnp3_firmware, Simatic_cp_1243\-1_firmware, Simatic_cp_1243\-1_iec_firmware, Simatic_cp_1243\-1_irc_firmware, Simatic_cp_1243\-7_lte\/us_firmware, Simatic_cp_1243\-8_firmware, Simatic_cp_1542sp\-1_firmware, Simatic_cp_1542sp\-1_irc_firmware, Simatic_cp_1543\-1_firmware, Simatic_cp_1543sp\-1_firmware, Simatic_cp_1604_firmware, Simatic_cp_1616_firmware, Simatic_cp_1626_firmware, Simatic_cp_343\-1_adv_firmware, Simatic_cp_343\-1_lean_firmware, Simatic_cp_343\-1_std_firmware, Simatic_cp_443\-1_adv_firmware, Simatic_cp_443\-1_opc\-Ua_firmware, Simatic_cp_443\-1_std_firmware, Simatic_dk\-1604_pn_io_firmware, Simatic_dk\-1616_pn_io_firmware, Simatic_et_200al_firmware, Simatic_et_200ecopn_firmware, Simatic_et_200m_firmware, Simatic_et_200mp_firmware, Simatic_et_200pro_firmware, Simatic_et_200s_firmware, Simatic_et_200sp_firmware, Simatic_hmi_comfort_panels, Simatic_hmi_mobile_panels, Simatic_hmi_multi_panels, Simatic_rf650r_firmware, Simatic_rf680r_firmware, Simatic_rf685r_firmware, Simatic_s7\-1200_firmware, Simatic_s7\-1500_firmware, Simatic_s7\-1500_software_controller_firmware, Simatic_s7\-200_smart_firmware, Simatic_s7\-300_firmware, Simatic_s7\-400_firmware, Simatic_tdc_cp51m1_firmware, Simatic_tdc_cpu555_firmware, Simatic_teleservice_adapter_ie_advanced_firmware, Simatic_teleservice_adapter_ie_basic_firmware, Simatic_teleservice_adapter_ie_standard_firmware, Simatic_winac_rtx_firmware, Simocode_pro_v_profinet_firmware, Simotion_firmware, Sinamics__s110_pn_firmware, Sinamics_dcm_firmware, Sinamics_dcp_firmware, Sinamics_g110m_firmware, Sinamics_g120\(C\/p\/d\)_w\._pn_firmware, Sinamics_g130_firmware, Sinamics_g150_firmware, Sinamics_gh150_firmware, Sinamics_gl150_firmware, Sinamics_gm150_firmware, Sinamics_s120_firmware, Sinamics_s150_firmware, Sinamics_sl150_firmware, Sinamics_sm120_firmware, Sinamics_v90_pn_firmware, Sinumerik_828d_firmware, Sinumerik_840d_sl_firmware, Sirius_act_3su1_firmware, Sirius_motor_starter_m200d_profinet_firmware, Sirius_soft_starter_3rw44_pn_firmware, Sitop_psu8600_firmware, Softnet_profinet_io_firmware, Ups1600_profinet_firmware	6.5
2017-05-11	CVE-2017-2681	Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices.	Dk_standard_ethernet_controller_firmware, Ek\-Ertec_200_pn_io_firmware, Ek\-Ertec_200p_pn_io_firmware, Ie\/as\-I_link_pn_io_firmware, Ie\/pb\-Link_firmware, Pn\/pn_coupler_firmware, Scalance_m\-800_firmware, Scalance_s615_firmware, Scalance_w700_firmware, Scalance_x200_firmware, Scalance_x200_irt_firmware, Scalance_x300_firmware, Scalance_x408_firmware, Scalance_x414_firmware, Scalance_xm400_firmware, Scalance_xr500_firmware, Simatic_cm_1542\-1_firmware, Simatic_cm_1542sp\-1_firmware, Simatic_cp_1243\-1_dnp3_firmware, Simatic_cp_1243\-1_firmware, Simatic_cp_1243\-1_iec_firmware, Simatic_cp_1243\-1_irc_firmware, Simatic_cp_1542sp\-1_irc_firmware, Simatic_cp_1543\-1_firmware, Simatic_cp_1543sp\-1_firmware, Simatic_cp_1604_firmware, Simatic_cp_1616_firmware, Simatic_cp_343\-1_adv_firmware, Simatic_cp_343\-1_lean_firmware, Simatic_cp_343\-1_std_firmware, Simatic_cp_443\-1_adv_firmware, Simatic_cp_443\-1_opc\-Ua_firmware, Simatic_cp_443\-1_std_firmware, Simatic_dk\-16xx_pn_io_firmware, Simatic_et_200al_firmware, Simatic_et_200ecopn_firmware, Simatic_et_200m_firmware, Simatic_et_200mp_firmware, Simatic_et_200pro_firmware, Simatic_et_200s_firmware, Simatic_et_200sp_firmware, Simatic_hmi_comfort_panels, Simatic_hmi_mobile_panels, Simatic_hmi_multi_panels, Simatic_rf650r_firmware, Simatic_rf680r_firmware, Simatic_rf685r_firmware, Simatic_s7\-1200_firmware, Simatic_s7\-1500_firmware, Simatic_s7\-1500_software_controller, Simatic_s7\-200_smart_firmware, Simatic_s7\-300_firmware, Simatic_s7\-400_firmware, Simatic_tdc_cp51m1_firmware, Simatic_tdc_cpu555_firmware, Simatic_teleservice_adapter_ie_advanced_modem_firmware, Simatic_teleservice_adapter_ie_basic_modem_firmware, Simatic_teleservice_adapter_standard_modem_firmware, Simatic_winac_rtx_firmware, Simocode_pro_v_profinet_firmware, Simotion_firmware, Sinamics_dcm_firmware, Sinamics_dcp_firmware, Sinamics_g110m_firmware, Sinamics_g120\(C\/p\/d\)_pn_firmware, Sinamics_g130_firmware, Sinamics_g150_firmware, Sinamics_s110_pn_firmware, Sinamics_s120_firmware, Sinamics_s150_firmware, Sinamics_v90_pn_firmware, Sinumerik_828d_firmware, Sinumerik_840d_sl_firmware, Sirius_act_3su1_firmware, Sirius_motor_starter_m200d_profinet_firmware, Sirius_soft_starter_3rw44_pn_firmware, Sitop_psu8600_firmware, Softnet_profinet_io_firmware, Ups1600_profinet_firmware	6.5
2017-12-26	CVE-2017-12741	A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SIMATIC Compact Field Unit, SIMATIC ET200AL, SIMATIC ET200M (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants), SIMATIC...	Dk_standard_ethernet_controller_firmware, Ek\-Ertec_200p_firmware, Ek\-Ertec_200pn_io_firmware, Simatic_compact_field_unit_firmware, Simatic_et_200al_firmware, Simatic_et_200ecopn_firmware, Simatic_et_200m_firmware, Simatic_et_200mp_firmware, Simatic_et_200pro_firmware, Simatic_et_200s_firmware, Simatic_et_200sp_firmware, Simatic_pn\/pn_coupler_firmware, Simatic_s7\-1200_firmware, Simatic_s7\-1500_controller_firmware, Simatic_s7\-1500_firmware, Simatic_s7\-200_firmware, Simatic_s7\-300_firmware, Simatic_s7\-400h_v6_firmware, Simatic_s7\-400pn\/dp_v7_firmware, Simatic_s7\-400pn_v6_firmware, Simatic_s7\-410_v8_firmware, Simatic_winac_rtx_f_2010_firmware, Simocode_pro_v_profinet_firmware, Simotion_c_firmware, Simotion_d_firmware, Simotion_p_firmware, Sinamics_dcm_firmware, Sinamics_dcp_firmware, Sinamics_g110m\/g120pn_firmware, Sinamics_g130_firmware, Sinamics_g150_firmware, Sinamics_s110pn_firmware, Sinamics_s120_firmware, Sinamics_s150_v4\.7_firmware, Sinamics_s150_v4\.8_firmware, Sinamics_v90pn_firmware, Sinumerik_840d_sl_firmware, Sirius_soft_starter_3rw44pn_firmware	7.5
2018-05-22	CVE-2018-3639	Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.	Cortex\-A, Ubuntu_linux, Debian_linux, Atom_c, Atom_e, Atom_x5\-E3930, Atom_x5\-E3940, Atom_x7\-E3950, Atom_z, Celeron_j, Celeron_n, Core_i3, Core_i5, Core_i7, Core_m, Pentium, Pentium_j, Pentium_silver, Xeon_e3, Xeon_e3_1105c_v2, Xeon_e3_1125c_v2, Xeon_e3_12201, Xeon_e3_12201_v2, Xeon_e3_1220_v2, Xeon_e3_1220_v3, Xeon_e3_1220_v5, Xeon_e3_1220_v6, Xeon_e3_1220l_v3, Xeon_e3_1225, Xeon_e3_1225_v2, Xeon_e3_1225_v3, Xeon_e3_1225_v5, Xeon_e3_1225_v6, Xeon_e3_1226_v3, Xeon_e3_1230, Xeon_e3_1230_v2, Xeon_e3_1230_v3, Xeon_e3_1230_v5, Xeon_e3_1230_v6, Xeon_e3_1230l_v3, Xeon_e3_1231_v3, Xeon_e3_1235, Xeon_e3_1235l_v5, Xeon_e3_1240, Xeon_e3_1240_v2, Xeon_e3_1240_v3, Xeon_e3_1240_v5, Xeon_e3_1240_v6, Xeon_e3_1240l_v3, Xeon_e3_1240l_v5, Xeon_e3_1241_v3, Xeon_e3_1245, Xeon_e3_1245_v2, Xeon_e3_1245_v3, Xeon_e3_1245_v5, Xeon_e3_1245_v6, Xeon_e3_1246_v3, Xeon_e3_1258l_v4, Xeon_e3_1260l, Xeon_e3_1260l_v5, Xeon_e3_1265l_v2, Xeon_e3_1265l_v3, Xeon_e3_1265l_v4, Xeon_e3_1268l_v3, Xeon_e3_1268l_v5, Xeon_e3_1270, Xeon_e3_1270_v2, Xeon_e3_1270_v3, Xeon_e3_1270_v5, Xeon_e3_1270_v6, Xeon_e3_1271_v3, Xeon_e3_1275_v2, Xeon_e3_1275_v3, Xeon_e3_1275_v5, Xeon_e3_1275_v6, Xeon_e3_1275l_v3, Xeon_e3_1276_v3, Xeon_e3_1278l_v4, Xeon_e3_1280, Xeon_e3_1280_v2, Xeon_e3_1280_v3, Xeon_e3_1280_v5, Xeon_e3_1280_v6, Xeon_e3_1281_v3, Xeon_e3_1285_v3, Xeon_e3_1285_v4, Xeon_e3_1285_v6, Xeon_e3_1285l_v3, Xeon_e3_1285l_v4, Xeon_e3_1286_v3, Xeon_e3_1286l_v3, Xeon_e3_1290, Xeon_e3_1290_v2, Xeon_e3_1501l_v6, Xeon_e3_1501m_v6, Xeon_e3_1505l_v5, Xeon_e3_1505l_v6, Xeon_e3_1505m_v5, Xeon_e5, Xeon_e5_1428l, Xeon_e5_1428l_v2, Xeon_e5_1428l_v3, Xeon_e5_1620, Xeon_e5_1620_v2, Xeon_e5_1620_v3, Xeon_e5_1620_v4, Xeon_e5_1630_v3, Xeon_e5_1630_v4, Xeon_e5_1650, Xeon_e5_1650_v2, Xeon_e5_1650_v3, Xeon_e5_1650_v4, Xeon_e5_1660, Xeon_e5_1660_v2, Xeon_e5_1660_v3, Xeon_e5_1660_v4, Xeon_e5_1680_v3, Xeon_e5_1680_v4, Xeon_e5_2403, Xeon_e5_2403_v2, Xeon_e5_2407, Xeon_e5_2407_v2, Xeon_e5_2408l_v3, Xeon_e5_2418l, Xeon_e5_2418l_v2, Xeon_e5_2418l_v3, Xeon_e5_2420, Xeon_e5_2420_v2, Xeon_e5_2428l, Xeon_e5_2428l_v2, Xeon_e5_2428l_v3, Xeon_e5_2430, Xeon_e5_2430_v2, Xeon_e5_2430l, Xeon_e5_2430l_v2, Xeon_e5_2438l_v3, Xeon_e5_2440, Xeon_e5_2440_v2, Xeon_e5_2448l, Xeon_e5_2448l_v2, Xeon_e5_2450, Xeon_e5_2450_v2, Xeon_e5_2450l, Xeon_e5_2450l_v2, Xeon_e5_2470, Xeon_e5_2470_v2, Xeon_e5_2603, Xeon_e5_2603_v2, Xeon_e5_2603_v3, Xeon_e5_2603_v4, Xeon_e5_2608l_v3, Xeon_e5_2608l_v4, Xeon_e5_2609, Xeon_e5_2609_v2, Xeon_e5_2609_v3, Xeon_e5_2609_v4, Xeon_e5_2618l_v2, Xeon_e5_2618l_v3, Xeon_e5_2618l_v4, Xeon_e5_2620, Xeon_e5_2620_v2, Xeon_e5_2620_v3, Xeon_e5_2620_v4, Xeon_e5_2623_v3, Xeon_e5_2623_v4, Xeon_e5_2628l_v2, Xeon_e5_2628l_v3, Xeon_e5_2628l_v4, Xeon_e5_2630, Xeon_e5_2630_v2, Xeon_e5_2630_v3, Xeon_e5_2630_v4, Xeon_e5_2630l, Xeon_e5_2630l_v2, Xeon_e5_2630l_v3, Xeon_e5_2630l_v4, Xeon_e5_2637, Xeon_e5_2637_v2, Xeon_e5_2637_v3, Xeon_e5_2637_v4, Xeon_e5_2640, Xeon_e5_2640_v2, Xeon_e5_2640_v3, Xeon_e5_2640_v4, Xeon_e5_2643, Xeon_e5_2643_v2, Xeon_e5_2643_v3, Xeon_e5_2643_v4, Xeon_e5_2648l, Xeon_e5_2648l_v2, Xeon_e5_2648l_v3, Xeon_e5_2648l_v4, Xeon_e5_2650, Xeon_e5_2650_v2, Xeon_e5_2650_v3, Xeon_e5_2650_v4, Xeon_e5_2650l, Xeon_e5_2650l_v2, Xeon_e5_2650l_v3, Xeon_e7, Xeon_e\-1105c, Xeon_gold, Xeon_platinum, Xeon_silver, Surface, Surface_book, Surface_pro, Surface_pro_with_lte_advanced, Surface_studio, Windows_10, Windows_7, Windows_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Micloud_management_portal, Micollab, Mivoic_mx\-One, Mivoice_5000, Mivoice_border_gateway, Mivoice_business, Mivoice_connect, Open_integration_gateway, Jetson_tx1, Jetson_tx2, Local_service_management_system, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Mrg_realtime, Openstack, Virtualization, Virtualization_manager, Struxureware_data_center_expert, Itc1500_firmware, Itc1500_pro_firmware, Itc1900_firmware, Itc1900_pro_firmware, Itc2200_firmware, Itc2200_pro_firmware, Ruggedcom_ape_firmware, Simatic_et_200_sp_firmware, Simatic_field_pg_m4_firmware, Simatic_field_pg_m5_firmware, Simatic_ipc3000_smart_firmware, Simatic_ipc347e_firmware, Simatic_ipc427c_firmware, Simatic_ipc427d_firmware, Simatic_ipc427e_firmware, Simatic_ipc477c_firmware, Simatic_ipc477d_firmware, Simatic_ipc477e_firmware, Simatic_ipc477e_pro_firmware, Simatic_ipc547e_firmware, Simatic_ipc547g_firmware, Simatic_ipc627c_firmware, Simatic_ipc627d_firmware, Simatic_ipc647c_firmware, Simatic_ipc647d_firmware, Simatic_ipc677c_firmware, Simatic_ipc677d_firmware, Simatic_ipc827c_firmware, Simatic_ipc827d_firmware, Simatic_ipc847c_firmware, Simatic_ipc847d_firmware, Simatic_itp1000_firmware, Simatic_s7\-1500_firmware, Simotion_p320\-4e_firmware, Sinema_remote_connect_firmware, Sinumerik_840_d_sl_firmware, Sinumerik_pcu_50\.5_firmware, Sinumerik_tcu_30\.3_firmware, Cloud_global_management_system, Email_security, Global_management_system, Secure_mobile_access, Sonicosv, Web_application_firewall	5.5
2018-12-13	CVE-2018-13815	A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by opening a sufficient number of connections to the device. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. The vulnerability, if exploited, could cause a...	Simatic_s7\-1200_firmware, Simatic_s7\-1500_firmware	7.5
2019-04-17	CVE-2018-16559	A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions <= V1.8.5). Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/tcp or 443/tcp. Successful exploitation requires no system privileges and...	Simatic_s7\-1500_firmware	7.5
2019-04-17	CVE-2018-16558	A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions <= V1.8.5). Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/tcp or 443/tcp. Successful exploitation requires no system privileges and...	Simatic_s7\-1500_firmware	7.5
2018-10-10	CVE-2018-13805	A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions >= V2.0 and < V2.1.6), SIMATIC S7-1500 Software Controller (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 incl. F (All versions >= V2.0 and < V2.5). An attacker can cause a denial-of-service condition on the network stack by sending a large number of specially crafted packets to the PLC. The PLC will lose its ability to communicate over the network. This vulnerability could be exploited by an attacker...	Simatic_et_200sp_firmware, Simatic_s7\-1500_firmware, Simatic_s7\-1500f_firmware	7.5