本ページは siemens simatic_s7-1500_software_controller_firmware に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-46156 | Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations. | [email protected] | 7.5 | 1.24% | 2023-12-12 | 2026-06-17 |
| CVE-2023-28831 | The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. | [email protected] | 8.7 | 0.82% | 2023-09-12 | 2026-06-17 |
| CVE-2021-44695 | Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. | [email protected] | 4.9 | 0.72% | 2022-12-13 | 2026-06-17 |
| CVE-2021-44694 | Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. | [email protected] | 5.5 | 0.62% | 2022-12-13 | 2026-06-17 |
| CVE-2021-44693 | Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. | [email protected] | 4.9 | 0.72% | 2022-12-13 | 2026-06-17 |
| CVE-2021-40365 | Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. | [email protected] | 7.5 | 0.87% | 2022-12-13 | 2026-06-17 |
| CVE-2020-15796 | A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a specially crafted HTTP request. | [email protected] | 7.5 | 1.59% | 2020-12-14 | 2026-06-16 |
| CVE-2017-2680 | Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. | [email protected] | 7.1 | 1.15% | 2017-05-10 | 2026-06-16 |