Filtered by vendor Siemens Subscriptions
Filtered by product Simatic Cp 343-1 Lean Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-51440 1 Siemens 8 Simatic Cp 343-1, Simatic Cp 343-1 Firmware, Simatic Cp 343-1 Lean and 5 more 2024-12-16 7.5 High
A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) (All versions), SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0) (All versions), SIPLUS NET CP 343-1 Lean (6AG1343-1CX10-2XE0) (All versions). Affected products incorrectly validate TCP sequence numbers. This could allow an unauthenticated remote attacker to create a denial of service condition by injecting spoofed TCP RST packets.
CVE-2021-33737 1 Siemens 12 Simatic Cp343-1, Simatic Cp343-1 Advanced, Simatic Cp 343-1 Advanced Firmware and 9 more 2024-11-21 7.5 High
A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3). Sending a specially crafted packet to port 102/tcp of an affected device could cause a denial of service condition. A restart is needed to restore normal operations.
CVE-2019-13946 1 Siemens 101 Dk Standard Ethernet Controller, Ek-ertec 200, Ek-ertec 200 Firmware and 98 more 2024-11-21 7.5 High
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.
CVE-2017-2681 1 Siemens 155 Dk Standard Ethernet Controller, Dk Standard Ethernet Controller Firmware, Ek-ertec 200 Pn Io and 152 more 2024-11-21 6.5 Medium
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.
CVE-2017-2680 1 Siemens 183 S110 Pn, Dk Standard Ethernet Controller, Dk Standard Ethernet Controller Firmware and 180 more 2024-11-21 6.5 Medium
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.