cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2020-28400,https://securityvulnerability.io/vulnerability/CVE-2020-28400,,Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.,Siemens,"Development/evaluation Kits For Profinet Io: Dk Standard Ethernet Controller,Development/evaluation Kits For Profinet Io: Ek-ertec 200,Development/evaluation Kits For Profinet Io: Ek-ertec 200p,Ruggedcom Rm1224 Lte(4g) Eu,Ruggedcom Rm1224 Lte(4g) Nam,Scalance M804pb,Scalance M812-1 Adsl-router,Scalance M816-1 Adsl-router,Scalance M826-2 Shdsl-router,Scalance M874-2,Scalance M874-3,Scalance M874-3 3g-router (cn),Scalance M876-3,Scalance M876-3 (rok),Scalance M876-4,Scalance M876-4 (eu),Scalance M876-4 (nam),Scalance Mum853-1 (a1),Scalance Mum853-1 (b1),Scalance Mum853-1 (eu),Scalance Mum856-1 (a1),Scalance Mum856-1 (b1),Scalance Mum856-1 (cn),Scalance Mum856-1 (eu),Scalance Mum856-1 (row),Scalance S615 Eec Lan-router,Scalance S615 Lan-router,Scalance W1748-1 M12,Scalance W1788-1 M12,Scalance W1788-2 Eec M12,Scalance W1788-2 M12,Scalance W1788-2ia M12,Scalance W721-1 Rj45,Scalance W722-1 Rj45,Scalance W734-1 Rj45,Scalance W734-1 Rj45 (usa),Scalance W738-1 M12,Scalance W748-1 M12,Scalance W748-1 Rj45,Scalance W761-1 Rj45,Scalance W774-1 M12 Eec,Scalance W774-1 Rj45,Scalance W774-1 Rj45 (usa),Scalance W778-1 M12,Scalance W778-1 M12 Eec,Scalance W778-1 M12 Eec (usa),Scalance W786-1 Rj45,Scalance W786-2 Rj45,Scalance W786-2 Sfp,Scalance W786-2ia Rj45,Scalance W788-1 M12,Scalance W788-1 Rj45,Scalance W788-2 M12,Scalance W788-2 M12 Eec,Scalance W788-2 Rj45,Scalance X200-4p Irt,Scalance X201-3p Irt,Scalance X201-3p Irt Pro,Scalance X202-2irt,Scalance X202-2p Irt,Scalance X202-2p Irt Pro,Scalance X204-2,Scalance X204-2fm,Scalance X204-2ld,Scalance X204-2ld Ts,Scalance X204-2ts,Scalance X204irt,Scalance X204irt Pro,Scalance X206-1,Scalance X206-1ld,Scalance X208,Scalance X208pro,Scalance X212-2,Scalance X212-2ld,Scalance X216,Scalance X224,Scalance X302-7 Eec (230v, Coated),Scalance X302-7 Eec (230v),Scalance X302-7 Eec (24v, Coated),Scalance X302-7 Eec (24v),Scalance X302-7 Eec (2x 230v, Coated),Scalance X302-7 Eec (2x 230v),Scalance X302-7 Eec (2x 24v, Coated),Scalance X302-7 Eec (2x 24v),Scalance X304-2fe,Scalance X306-1ld Fe,Scalance X307-2 Eec (230v, Coated),Scalance X307-2 Eec (230v),Scalance X307-2 Eec (24v, Coated),Scalance X307-2 Eec (24v),Scalance X307-2 Eec (2x 230v, Coated),Scalance X307-2 Eec (2x 230v),Scalance X307-2 Eec (2x 24v, Coated),Scalance X307-2 Eec (2x 24v),Scalance X307-3,Scalance X307-3ld,Scalance X308-2,Scalance X308-2ld,Scalance X308-2lh,Scalance X308-2lh+,Scalance X308-2m,Scalance X308-2m Poe,Scalance X308-2m Ts,Scalance X310,Scalance X310fe,Scalance X320-1 Fe,Scalance X320-1-2ld Fe,Scalance X408-2,Scalance Xb205-3 (sc, Pn),Scalance Xb205-3 (st, E/ip),Scalance Xb205-3 (st, Pn),Scalance Xb205-3ld (sc, E/ip),Scalance Xb205-3ld (sc, Pn),Scalance Xb208 (e/ip),Scalance Xb208 (pn),Scalance Xb213-3 (sc, E/ip),Scalance Xb213-3 (sc, Pn),Scalance Xb213-3 (st, E/ip),Scalance Xb213-3 (st, Pn),Scalance Xb213-3ld (sc, E/ip),Scalance Xb213-3ld (sc, Pn),Scalance Xb216 (e/ip),Scalance Xb216 (pn),Scalance Xc206-2 (sc),Scalance Xc206-2 (st/bfoc),Scalance Xc206-2g Poe,Scalance Xc206-2g Poe (54 V Dc),Scalance Xc206-2g Poe Eec (54 V Dc),Scalance Xc206-2sfp,Scalance Xc206-2sfp Eec,Scalance Xc206-2sfp G,Scalance Xc206-2sfp G (eip Def.),Scalance Xc206-2sfp G Eec,Scalance Xc208,Scalance Xc208eec,Scalance Xc208g,Scalance Xc208g (eip Def.),Scalance Xc208g Eec,Scalance Xc208g Poe,Scalance Xc208g Poe (54 V Dc),Scalance Xc216,Scalance Xc216-3g Poe,Scalance Xc216-3g Poe (54 V Dc),Scalance Xc216-4c,Scalance Xc216-4c G,Scalance Xc216-4c G (eip Def.),Scalance Xc216-4c G Eec,Scalance Xc216eec,Scalance Xc224,Scalance Xc224-4c G,Scalance Xc224-4c G (eip Def.),Scalance Xc224-4c G Eec,Scalance Xf201-3p Irt,Scalance Xf202-2p Irt,Scalance Xf204,Scalance Xf204 Dna,Scalance Xf204-2,Scalance Xf204-2ba,Scalance Xf204-2ba Dna,Scalance Xf204-2ba Irt,Scalance Xf204irt,Scalance Xf206-1,Scalance Xf208,Scalance Xm408-4c,Scalance Xm408-4c (l3 Int.),Scalance Xm408-8c,Scalance Xm408-8c (l3 Int.),Scalance Xm416-4c,Scalance Xm416-4c (l3 Int.),Scalance Xp208,Scalance Xp208 (ethernet/ip),Scalance Xp208eec,Scalance Xp208poe Eec,Scalance Xp216,Scalance Xp216 (ethernet/ip),Scalance Xp216eec,Scalance Xp216poe Eec,Scalance Xr324-12m (230v, Ports On Front),Scalance Xr324-12m (230v, Ports On Rear),Scalance Xr324-12m (24v, Ports On Front),Scalance Xr324-12m (24v, Ports On Rear),Scalance Xr324-12m Ts (24v),Scalance Xr324-4m Eec (100-240vac/60-250vdc, Ports On Front),Scalance Xr324-4m Eec (100-240vac/60-250vdc, Ports On Rear),Scalance Xr324-4m Eec (24v, Ports On Front),Scalance Xr324-4m Eec (24v, Ports On Rear),Scalance Xr324-4m Eec (2x 100-240vac/60-250vdc, Ports On Front),Scalance Xr324-4m Eec (2x 100-240vac/60-250vdc, Ports On Rear),Scalance Xr324-4m Eec (2x 24v, Ports On Front),Scalance Xr324-4m Eec (2x 24v, Ports On Rear),Scalance Xr324-4m Poe (230v, Ports On Front),Scalance Xr324-4m Poe (230v, Ports On Rear),Scalance Xr324-4m Poe (24v, Ports On Front),Scalance Xr324-4m Poe (24v, Ports On Rear),Scalance Xr324-4m Poe Ts (24v, Ports On Front),Scalance Xr324wg (24 X Fe, Ac 230v),Scalance Xr324wg (24 X Fe, Dc 24v),Scalance Xr326-2c Poe Wg,Scalance Xr326-2c Poe Wg (without Ul),Scalance Xr328-4c Wg (24xfe, 4xge, 24v),Scalance Xr328-4c Wg (24xfe, 4xge,dc24v),Scalance Xr328-4c Wg (24xfe,4xge,ac230v),Scalance Xr328-4c Wg (28xge, Ac 230v),Scalance Xr328-4c Wg (28xge, Dc 24v),Scalance Xr524-8c, 1x230v,Scalance Xr524-8c, 1x230v (l3 Int.),Scalance Xr524-8c, 24v,Scalance Xr524-8c, 24v (l3 Int.),Scalance Xr524-8c, 2x230v,Scalance Xr524-8c, 2x230v (l3 Int.),Scalance Xr526-8c, 1x230v,Scalance Xr526-8c, 1x230v (l3 Int.),Scalance Xr526-8c, 24v,Scalance Xr526-8c, 24v (l3 Int.),Scalance Xr526-8c, 2x230v,Scalance Xr526-8c, 2x230v (l3 Int.),Scalance Xr528-6m,Scalance Xr528-6m (2hr2, L3 Int.),Scalance Xr528-6m (2hr2),Scalance Xr528-6m (l3 Int.),Scalance Xr552-12m,Scalance Xr552-12m (2hr2, L3 Int.),Scalance Xr552-12m (2hr2),Simatic Cfu Diq,Simatic Cfu Pa,Simatic Cm 1542-1,Simatic Cp 1604,Simatic Cp 1616,Simatic Cp 1626,Simatic Ie/pb-link,Simatic Mv540 H,Simatic Mv540 S,Simatic Mv550 H,Simatic Mv550 S,Simatic Mv560 U,Simatic Mv560 X,Simatic Net Dk-16xx Pn Io,Simatic Power Line Booster Plb, Base Module,Simatic Profinet Driver,Simatic S7-1200 Cpu Family (incl. Siplus Variants),Simocode Pro V Ethernet/ip (incl. Siplus Variants),Simocode Pro V Profinet (incl. Siplus Variants),Siplus Net Scalance X308-2,Siplus Net Scalance Xc206-2,Siplus Net Scalance Xc206-2sfp,Siplus Net Scalance Xc208,Siplus Net Scalance Xc216-4c,Softnet-ie Pnio",7.5,HIGH,0.002850000048056245,false,,false,false,false,,false,false,2021-07-13T11:02:49.000Z,0
CVE-2020-15800,https://securityvulnerability.io/vulnerability/CVE-2020-15800,,"A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). The webserver of the affected devices contains a vulnerability that may lead to a heap overflow condition. An attacker could cause this condition on the webserver by sending specially crafted requests. This could stop the webserver temporarily.",Siemens,"Scalance X-200 Switch Family (incl. Siplus Net Variants),Scalance X-200irt Switch Family (incl. Siplus Net Variants),Scalance X-300 Switch Family (incl. X408 And Siplus Net Variants)",9.8,CRITICAL,0.0019199999514967203,false,,false,false,false,,false,false,2021-01-12T20:18:33.000Z,0
CVE-2020-28395,https://securityvulnerability.io/vulnerability/CVE-2020-28395,,"A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.",Siemens,"Scalance X-200rna Switch Family,Scalance X-300 Switch Family (incl. X408 And Siplus Net Variants)",5.9,MEDIUM,0.0018500000005587935,false,,false,false,false,,false,false,2021-01-12T00:00:00.000Z,0
CVE-2019-13946,https://securityvulnerability.io/vulnerability/CVE-2019-13946,,"Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit
internal resource allocation when multiple legitimate diagnostic package
requests are sent to the DCE-RPC interface.
This could lead to a denial of service condition due to lack of memory
for devices that include a vulnerable version of the stack.

The security vulnerability could be exploited by an attacker with network
access to an affected device. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise the availability of the device.",Siemens,"Development/evaluation Kits For Profinet Io: Dk Standard Ethernet Controller,Development/evaluation Kits For Profinet Io: Ek-ertec 200,Development/evaluation Kits For Profinet Io: Ek-ertec 200p,Profinet Driver For Controller,Ruggedcom Rm1224 Family,Scalance M804pb,Scalance M812-1 Adsl-router,Scalance M816-1 Adsl-router,Scalance M826-2 Shdsl-router,Scalance M874-2,Scalance M874-3,Scalance M876-3,Scalance M876-3 (rok),Scalance M876-4 (eu),Scalance M876-4 (nam),Scalance S615 Lan-router,Scalance W-700 Ieee 802.11n Family,Scalance X200-4p Irt,Scalance X201-3p Irt,Scalance X201-3p Irt Pro,Scalance X202-2irt,Scalance X202-2p Irt,Scalance X202-2p Irt Pro,Scalance X204-2,Scalance X204-2fm,Scalance X204-2ld,Scalance X204-2ld Ts,Scalance X204-2ts,Scalance X204irt,Scalance X204irt Pro,Scalance X206-1,Scalance X206-1ld,Scalance X208,Scalance X208pro,Scalance X212-2,Scalance X212-2ld,Scalance X216,Scalance X224,Scalance X302-7 Eec (230v, Coated),Scalance X302-7 Eec (230v),Scalance X302-7 Eec (24v, Coated),Scalance X302-7 Eec (24v),Scalance X302-7 Eec (2x 230v, Coated),Scalance X302-7 Eec (2x 230v),Scalance X302-7 Eec (2x 24v, Coated),Scalance X302-7 Eec (2x 24v),Scalance X304-2fe,Scalance X306-1ld Fe,Scalance X307-2 Eec (230v, Coated),Scalance X307-2 Eec (230v),Scalance X307-2 Eec (24v, Coated),Scalance X307-2 Eec (24v),Scalance X307-2 Eec (2x 230v, Coated),Scalance X307-2 Eec (2x 230v),Scalance X307-2 Eec (2x 24v, Coated),Scalance X307-2 Eec (2x 24v),Scalance X307-3,Scalance X307-3ld,Scalance X308-2,Scalance X308-2ld,Scalance X308-2lh,Scalance X308-2lh+,Scalance X308-2m,Scalance X308-2m Poe,Scalance X308-2m Ts,Scalance X310,Scalance X310fe,Scalance X320-1 Fe,Scalance X320-1-2ld Fe,Scalance X408-2,Scalance Xb-200 Family,Scalance Xc-200,Scalance Xf-200ba,Scalance Xf201-3p Irt,Scalance Xf202-2p Irt,Scalance Xf204,Scalance Xf204-2,Scalance Xf204-2ba Irt,Scalance Xf204irt,Scalance Xf206-1,Scalance Xf208,Scalance Xm-400 Family,Scalance Xp-200,Scalance Xr-300wg Family,Scalance Xr-500 Family,Scalance Xr324-12m (230v, Ports On Front),Scalance Xr324-12m (230v, Ports On Rear),Scalance Xr324-12m (24v, Ports On Front),Scalance Xr324-12m (24v, Ports On Rear),Scalance Xr324-12m Ts (24v),Scalance Xr324-4m Eec (100-240vac/60-250vdc, Ports On Front),Scalance Xr324-4m Eec (100-240vac/60-250vdc, Ports On Rear),Scalance Xr324-4m Eec (24v, Ports On Front),Scalance Xr324-4m Eec (24v, Ports On Rear),Scalance Xr324-4m Eec (2x 100-240vac/60-250vdc, Ports On Front),Scalance Xr324-4m Eec (2x 100-240vac/60-250vdc, Ports On Rear),Scalance Xr324-4m Eec (2x 24v, Ports On Front),Scalance Xr324-4m Eec (2x 24v, Ports On Rear),Scalance Xr324-4m Poe (230v, Ports On Front),Scalance Xr324-4m Poe (230v, Ports On Rear),Scalance Xr324-4m Poe (24v, Ports On Front),Scalance Xr324-4m Poe (24v, Ports On Rear),Scalance Xr324-4m Poe Ts (24v, Ports On Front),Simatic Cp 1616 And Cp 1604,Simatic Cp 343-1,Simatic Cp 343-1 Advanced,Simatic Cp 343-1 Erpc,Simatic Cp 343-1 Lean,Simatic Cp 443-1,Simatic Cp 443-1 Advanced,Simatic Cp 443-1 Opc Ua,Simatic Et 200al Im 157-1 Pn,Simatic Et 200m Im 153-4 Pn Io Hf (incl. Siplus Variants),Simatic Et 200m Im 153-4 Pn Io St (incl. Siplus Variants),Simatic Et 200mp Im 155-5 Pn Hf,Simatic Et 200mp Im 155-5 Pn St,Simatic Et 200pro Im 154-3 Pn Hf,Simatic Et 200pro Im 154-4 Pn Hf,Simatic Et 200sp Im 155-6 Pn Ba,Simatic Et 200sp Im 155-6 Pn Hf,Simatic Et 200sp Im 155-6 Pn St,Simatic Et 200sp Im 155-6 Pn St Ba,Simatic Et200ecopn, 16di, Dc24v, 8xm12,Simatic Et200ecopn, 16do Dc24v/1,3a, 8xm12,Simatic Et200ecopn, 4ao U/i 4xm12,Simatic Et200ecopn, 8 Dio, Dc24v/1,3a, 8xm12,Simatic Et200ecopn, 8 Do, Dc24v/2a, 8xm12,Simatic Et200ecopn, 8ai Rtd/tc 8xm12,Simatic Et200ecopn, 8ai; 4 U/i; 4 Rtd/tc 8xm12,Simatic Et200ecopn, 8di, Dc24v, 4xm12,Simatic Et200ecopn, 8di, Dc24v, 8xm12,Simatic Et200ecopn, 8do, Dc24v/0,5a, 4xm12,Simatic Et200ecopn, 8do, Dc24v/1,3a, 4xm12,Simatic Et200ecopn, 8do, Dc24v/1,3a, 8xm12,Simatic Et200ecopn: Io-link Master,Simatic Et200s (incl. Siplus Variants),Simatic Ipc Support, Package For Vxworks,Simatic Mv420 Sr-b,Simatic Mv420 Sr-b Body,Simatic Mv420 Sr-p,Simatic Mv420 Sr-p Body,Simatic Mv440 Hr,Simatic Mv440 Sr,Simatic Mv440 Ur,Simatic Pn/pn Coupler (incl. Siplus Net Variants),Simatic Rf180c,Simatic Rf182c,Simatic Rf600r Family,Simotion C,Simotion D,Simotion P,Sinamics Dcp,Siplus Et 200mp Im 155-5 Pn Hf,Siplus Et 200mp Im 155-5 Pn Hf T1 Rail,Siplus Et 200mp Im 155-5 Pn St,Siplus Et 200mp Im 155-5 Pn St Tx Rail,Siplus Et 200sp Im 155-6 Pn Hf,Siplus Et 200sp Im 155-6 Pn Hf T1 Rail,Siplus Et 200sp Im 155-6 Pn St,Siplus Et 200sp Im 155-6 Pn St Ba,Siplus Et 200sp Im 155-6 Pn St Ba Tx Rail,Siplus Et 200sp Im 155-6 Pn St Tx Rail,Siplus Net Cp 343-1,Siplus Net Cp 343-1 Advanced,Siplus Net Cp 343-1 Lean,Siplus Net Cp 443-1,Siplus Net Cp 443-1 Advanced,Siplus Net Scalance X308-2,Softnet-ie Pnio",7.5,HIGH,0.0012000000569969416,false,,false,false,false,,false,false,2020-02-11T15:36:10.000Z,0
CVE-2019-13924,https://securityvulnerability.io/vulnerability/CVE-2019-13924,,"A vulnerability has been identified in SCALANCE S602 (All versions < V4.1), SCALANCE S612 (All versions < V4.1), SCALANCE S623 (All versions < V4.1), SCALANCE S627-2M (All versions < V4.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < 5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < 4.1.3). The device does not send the X-Frame-Option Header in the administrative web interface, which makes it vulnerable to Clickjacking attacks. The security vulnerability could be exploited by an attacker that is able to trick an administrative user with a valid session on the target device into clicking on a website controlled by the attacker. The vulnerability could allow an attacker to perform administrative actions via the web interface.",Siemens,"Scalance S602,Scalance S612,Scalance S623,Scalance S627-2m,Scalance X-200 Switch Family (incl. Siplus Net Variants),Scalance X-200irt Switch Family (incl. Siplus Net Variants),Scalance X-200rna Switch Family,Scalance X-300 Switch Family (incl. X408 And Siplus Net Variants)",5.4,MEDIUM,0.0008399999933317304,false,,false,false,false,,false,false,2020-02-11T00:00:00.000Z,0
CVE-2019-6567,https://securityvulnerability.io/vulnerability/CVE-2019-6567,,"A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All Versions < V5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X-414-3E (All versions). The affected devices store passwords in a recoverable format. An attacker may extract and recover device passwords from the device configuration. Successful exploitation requires access to a device configuration backup and impacts confidentiality of the stored passwords.",Siemens,"Scalance X-200 Switch Family (incl. Siplus Net Variants),Scalance X-200irt Switch Family (incl. Siplus Net Variants),Scalance X-300 Switch Family (incl. X408 And Siplus Net Variants),Scalance X-414-3e",5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,false,false,2019-06-12T13:47:56.000Z,0
CVE-2018-4833,https://securityvulnerability.io/vulnerability/CVE-2018-4833,,"A vulnerability has been identified in RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.6), SCALANCE X-300 switch family (incl. SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X408 (All versions < V4.1.3), SCALANCE X414 (All versions), SIMATIC RF182C (All versions). Unprivileged remote attackers located in the same local network segment (OSI Layer 2) could gain remote code execution on the affected products by sending a specially crafted DHCP response to a client's DHCP request.",Siemens,"Rfid 181eip,Ruggedcom Win,Scalance X-200 Switch Family (incl. Siplus Net Variants),Scalance X-200irt Switch Family (incl. Siplus Net Variants),Scalance X-200rna Switch Family,Scalance X-300 Switch Family (incl. Siplus Net Variants),Scalance X408,Scalance X414,Simatic Rf182c",8.8,HIGH,0.0037299999967217445,false,,false,false,false,,false,false,2018-06-14T16:00:00.000Z,0
CVE-2018-4842,https://securityvulnerability.io/vulnerability/CVE-2018-4842,,"A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it.",Siemens,"Scalance X-200irt Switch Family (incl. Siplus Net Variants),Scalance X-200rna Switch Family,Scalance X-300 Switch Family (incl. X408 And Siplus Net Variants)",4.8,MEDIUM,0.0006500000017695129,false,,false,false,false,,false,false,2018-06-14T00:00:00.000Z,0
CVE-2018-4848,https://securityvulnerability.io/vulnerability/CVE-2018-4848,,"A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3). The integrated configuration web server of the affected devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it.",Siemens,"Scalance X-200 Switch Family (incl. Siplus Net Variants),Scalance X-200irt Switch Family (incl. Siplus Net Variants),Scalance X-200rna Switch Family,Scalance X-300 Switch Family (incl. X408 And Siplus Net Variants)",6.1,MEDIUM,0.0006099999882280827,false,,false,false,false,,false,false,2018-06-14T00:00:00.000Z,0
CVE-2017-2681,https://securityvulnerability.io/vulnerability/CVE-2017-2681,,Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.,Siemens,"Development/evaluation Kits For Profinet Io: Dk Standard Ethernet Controller,Development/evaluation Kits For Profinet Io: Ek-ertec 200,Development/evaluation Kits For Profinet Io: Ek-ertec 200p,Ie/as-i Link Pn Io,Ie/pb-link (incl. Siplus Net Variants),Scalance M-800 Family (incl. S615, Mum-800 And Rm1224),Scalance W-700 Ieee 802.11n Family,Scalance X-200 Family (incl. Siplus Net Variants),Scalance X-200irt Family (incl. Siplus Net Variants),Scalance X-300 Family (incl. X408 And Siplus Net Variants),Scalance X408 Family,Scalance X414,Scalance Xm-400 Family,Scalance Xr-500 Family,Simatic Cm 1542-1,Simatic Cm 1542sp-1,Simatic Cp 1243-1 (incl. Siplus Variants),Simatic Cp 1243-1 Dnp3 (incl. Siplus Variants),Simatic Cp 1243-1 Iec (incl. Siplus Variants),Simatic Cp 1243-8 Irc,Simatic Cp 1542sp-1 Irc (incl. Siplus Variants),Simatic Cp 1543-1 (incl. Siplus Variants),Simatic Cp 1543sp-1 (incl. Siplus Variants),Simatic Cp 1604,Simatic Cp 1616,Simatic Cp 343-1 (incl. Siplus Variants),Simatic Cp 343-1 Advanced (incl. Siplus Variants),Simatic Cp 343-1 Lean (incl. Siplus Variants),Simatic Cp 443-1 (incl. Siplus Variants),Simatic Cp 443-1 Advanced (incl. Siplus Variants),Simatic Cp 443-1 Opc Ua,Simatic Dk-16xx Pn Io,Simatic Et 200al Im 157-1 Pn,Simatic Et 200m (incl. Siplus Variants),Simatic Et 200mp Im 155-5 Pn Ba,Simatic Et 200mp Im 155-5 Pn Hf,Simatic Et 200mp Im 155-5 Pn St,Simatic Et 200pro Im 154-3 Pn Hf,Simatic Et 200pro Im 154-4 Pn Hf,Simatic Et 200sp Im 155-6 Pn Ba,Simatic Et 200sp Im 155-6 Pn Hf,Simatic Et 200sp Im 155-6 Pn Hs,Simatic Et 200sp Im 155-6 Pn St,Simatic Et 200sp Im 155-6 Pn St Ba,Simatic Et200ecopn, 16di, Dc24v, 8xm12,Simatic Et200ecopn, 16do Dc24v/1,3a, 8xm12,Simatic Et200ecopn, 4ao U/i 4xm12,Simatic Et200ecopn, 8 Dio, Dc24v/1,3a, 8xm12,Simatic Et200ecopn, 8 Do, Dc24v/2a, 8xm12,Simatic Et200ecopn, 8ai Rtd/tc 8xm12,Simatic Et200ecopn, 8ai; 4 U/i; 4 Rtd/tc 8xm12,Simatic Et200ecopn, 8di, Dc24v, 4xm12,Simatic Et200ecopn, 8di, Dc24v, 8xm12,Simatic Et200ecopn, 8do, Dc24v/0,5a, 4xm12,Simatic Et200ecopn, 8do, Dc24v/1,3a, 4xm12,Simatic Et200ecopn, 8do, Dc24v/1,3a, 8xm12,Simatic Et200ecopn: Io-link Master,Simatic Et200s (incl. Siplus Variants),Simatic Hmi Comfort Panels, Hmi Multi Panels, Hmi Mobile Panels (incl. Siplus Variants),Simatic Mv420 Sr-b,Simatic Mv420 Sr-b Body,Simatic Mv420 Sr-p,Simatic Mv420 Sr-p Body,Simatic Mv440 Hr,Simatic Mv440 Sr,Simatic Mv440 Ur,Simatic Pn/pn Coupler (incl. Siplus Net Variants),Simatic Rf650r,Simatic Rf680r,Simatic Rf685r,Simatic S7-1200 Cpu Family (incl. Siplus Variants),Simatic S7-1500 Cpu Family (incl. Related Et200 Cpus And Siplus Variants),Simatic S7-1500 Software Controller,Simatic S7-200 Smart,Simatic S7-300 Cpu Family (incl. Related Et200 Cpus And Siplus Variants),Simatic S7-400 H V6 Cpu Family (incl. Siplus Variants),Simatic S7-400 Pn/dp V6 Cpu Family (incl. Siplus Variants),Simatic S7-400 Pn/dp V7 Cpu Family (incl. Siplus Variants),Simatic S7-410 Cpu Family (incl. Siplus Variants),Simatic Tdc Cp51m1,Simatic Tdc Cpu555,Simatic Teleservice Adapter Ie Advanced,Simatic Teleservice Adapter Ie Basic,Simatic Teleservice Adapter Ie Standard,Simatic Winac Rtx 2010,Simatic Winac Rtx F 2010,Simocode Pro V Profinet (incl. Siplus Variants),Simotion,Sinamics Dcm W. Pn,Sinamics Dcp W. Pn,Sinamics G110m W. Pn,Sinamics G120(c/p/d) W. Pn (incl. Siplus Variants),Sinamics G130 V4.7 W. Pn,Sinamics G130 V4.8 W. Pn,Sinamics G150 V4.7 W. Pn,Sinamics G150 V4.8 W. Pn,Sinamics S110 W. Pn,Sinamics S120 Prior To V4.7 W. Pn (incl. Siplus Variants),Sinamics S120 V4.7 Sp1 W. Pn (incl. Siplus Variants),Sinamics S120 V4.7 W. Pn (incl. Siplus Variants),Sinamics S120 V4.8 W. Pn (incl. Siplus Variants),Sinamics S150 V4.7 W. Pn,Sinamics S150 V4.8 W. Pn,Sinamics V90 W. Pn,Sinumerik 828d V4.5 And Prior,Sinumerik 828d V4.7,Sinumerik 840d Sl V4.5 And Prior,Sinumerik 840d Sl V4.7,Siplus Et 200mp Im 155-5 Pn Hf,Siplus Et 200mp Im 155-5 Pn Hf T1 Rail,Siplus Et 200mp Im 155-5 Pn St,Siplus Et 200mp Im 155-5 Pn St Tx Rail,Siplus Et 200sp Im 155-6 Pn Hf,Siplus Et 200sp Im 155-6 Pn Hf T1 Rail,Siplus Et 200sp Im 155-6 Pn St,Siplus Et 200sp Im 155-6 Pn St Ba,Siplus Et 200sp Im 155-6 Pn St Ba Tx Rail,Siplus Et 200sp Im 155-6 Pn St Tx Rail,Sirius Act 3su1 Interface Module Profinet,Sirius Motor Starter M200d Profinet,Sirius Soft Starter 3rw44 Pn,Sitop Psu8600 Profinet,Sitop Ups1600 Profinet (incl. Siplus Variants),Softnet Profinet Io For Pc-based Windows Systems",6.5,MEDIUM,0.0019399999873712659,false,,false,false,false,,false,false,2017-05-11T10:00:00.000Z,0
CVE-2017-2680,https://securityvulnerability.io/vulnerability/CVE-2017-2680,,Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.,Siemens,"Development/evaluation Kits For Profinet Io: Dk Standard Ethernet Controller,Development/evaluation Kits For Profinet Io: Ek-ertec 200,Development/evaluation Kits For Profinet Io: Ek-ertec 200p,Extension Unit 12"" Profinet,Extension Unit 15"" Profinet,Extension Unit 19"" Profinet,Extension Unit 22"" Profinet,Ie/as-i Link Pn Io,Ie/pb-link (incl. Siplus Net Variants),Scalance M-800 Family (incl. S615, Mum-800 And Rm1224),Scalance W-700 Ieee 802.11n Family,Scalance X-200 Family (incl. Siplus Net Variants),Scalance X-200irt Family (incl. Siplus Net Variants),Scalance X-300 Family (incl. X408 And Siplus Net Variants),Scalance X408 Family,Scalance X414,Scalance Xm-400 Family,Scalance Xr-500 Family,Simatic Cm 1542-1,Simatic Cm 1542sp-1,Simatic Cp 1242-7 V2 (incl. Siplus Variants),Simatic Cp 1243-1 (incl. Siplus Variants),Simatic Cp 1243-1 Dnp3 (incl. Siplus Variants),Simatic Cp 1243-1 Iec (incl. Siplus Variants),Simatic Cp 1243-7 Lte Us,Simatic Cp 1243-8 Irc,Simatic Cp 1542sp-1 Irc (incl. Siplus Variants),Simatic Cp 1543-1 (incl. Siplus Variants),Simatic Cp 1543sp-1 (incl. Siplus Variants),Simatic Cp 1604,Simatic Cp 1616,Simatic Cp 1626,Simatic Cp 343-1 (incl. Siplus Variants),Simatic Cp 343-1 Advanced (incl. Siplus Variants),Simatic Cp 343-1 Lean (incl. Siplus Variants),Simatic Cp 443-1 (incl. Siplus Variants),Simatic Cp 443-1 Advanced (incl. Siplus Variants),Simatic Cp 443-1 Opc Ua,Simatic Dk-16xx Pn Io,Simatic Et 200al Im 157-1 Pn,Simatic Et 200m (incl. Siplus Variants),Simatic Et 200mp Im 155-5 Pn Ba,Simatic Et 200mp Im 155-5 Pn Hf,Simatic Et 200mp Im 155-5 Pn St,Simatic Et 200pro Im 154-3 Pn Hf,Simatic Et 200pro Im 154-4 Pn Hf,Simatic Et 200sp Im 155-6 Pn Ba,Simatic Et 200sp Im 155-6 Pn Hf,Simatic Et 200sp Im 155-6 Pn Hs,Simatic Et 200sp Im 155-6 Pn St,Simatic Et 200sp Im 155-6 Pn St Ba,Simatic Et200ecopn, 16di, Dc24v, 8xm12,Simatic Et200ecopn, 16do Dc24v/1,3a, 8xm12,Simatic Et200ecopn, 4ao U/i 4xm12,Simatic Et200ecopn, 8 Dio, Dc24v/1,3a, 8xm12,Simatic Et200ecopn, 8 Do, Dc24v/2a, 8xm12,Simatic Et200ecopn, 8ai Rtd/tc 8xm12,Simatic Et200ecopn, 8ai; 4 U/i; 4 Rtd/tc 8xm12,Simatic Et200ecopn, 8di, Dc24v, 4xm12,Simatic Et200ecopn, 8di, Dc24v, 8xm12,Simatic Et200ecopn, 8do, Dc24v/0,5a, 4xm12,Simatic Et200ecopn, 8do, Dc24v/1,3a, 4xm12,Simatic Et200ecopn, 8do, Dc24v/1,3a, 8xm12,Simatic Et200ecopn: Io-link Master,Simatic Et200s (incl. Siplus Variants),Simatic Hmi Comfort Panels, Hmi Multi Panels, Hmi Mobile Panels (incl. Siplus Variants),Simatic Mv420 Sr-b,Simatic Mv420 Sr-b Body,Simatic Mv420 Sr-p,Simatic Mv420 Sr-p Body,Simatic Mv440 Hr,Simatic Mv440 Sr,Simatic Mv440 Ur,Simatic Pn/pn Coupler (incl. Siplus Net Variants),Simatic Rf650r,Simatic Rf680r,Simatic Rf685r,Simatic S7-1200 Cpu Family (incl. Siplus Variants),Simatic S7-1500 Cpu Family (incl. Related Et200 Cpus And Siplus Variants),Simatic S7-1500 Software Controller,Simatic S7-200 Smart,Simatic S7-300 Cpu Family (incl. Related Et200 Cpus And Siplus Variants),Simatic S7-400 H V6 Cpu Family (incl. Siplus Variants),Simatic S7-400 Pn/dp V6 Cpu Family (incl. Siplus Variants),Simatic S7-400 Pn/dp V7 Cpu Family (incl. Siplus Variants),Simatic S7-410 Cpu Family (incl. Siplus Variants),Simatic Tdc Cp51m1,Simatic Tdc Cpu555,Simatic Teleservice Adapter Ie Advanced,Simatic Teleservice Adapter Ie Basic,Simatic Teleservice Adapter Ie Standard,Simatic Winac Rtx 2010,Simatic Winac Rtx F 2010,Simocode Pro V Profinet (incl. Siplus Variants),Simotion,Simotion D4xx V4.4 For Sinamics Sm150i-2 W. Profinet (incl. Siplus Variants),Sinamics Dcm W. Pn,Sinamics Dcp W. Pn,Sinamics G110m W. Pn,Sinamics G120(c/p/d) W. Pn (incl. Siplus Variants),Sinamics G130 V4.7 W. Pn,Sinamics G130 V4.8 W. Pn,Sinamics G150 V4.7 W. Pn,Sinamics G150 V4.8 W. Pn,Sinamics Gh150 V4.7 W. Profinet,Sinamics Gl150 V4.7 W. Profinet,Sinamics Gm150 V4.7 W. Profinet,Sinamics S110 W. Pn,Sinamics S120 Prior To V4.7 W. Pn (incl. Siplus Variants),Sinamics S120 V4.7 Sp1 W. Pn (incl. Siplus Variants),Sinamics S120 V4.7 W. Pn (incl. Siplus Variants),Sinamics S120 V4.8 W. Pn (incl. Siplus Variants),Sinamics S150 V4.7 W. Pn,Sinamics S150 V4.8 W. Pn,Sinamics Sl150 V4.7.0 W. Profinet,Sinamics Sl150 V4.7.4 W. Profinet,Sinamics Sl150 V4.7.5 W. Profinet,Sinamics Sm120 V4.7 W. Profinet,Sinamics V90 W. Pn,Sinumerik 828d V4.5 And Prior,Sinumerik 828d V4.7,Sinumerik 840d Sl V4.5 And Prior,Sinumerik 840d Sl V4.7,Siplus Et 200mp Im 155-5 Pn Hf,Siplus Et 200mp Im 155-5 Pn Hf T1 Rail,Siplus Et 200mp Im 155-5 Pn St,Siplus Et 200mp Im 155-5 Pn St Tx Rail,Siplus Et 200sp Im 155-6 Pn Hf,Siplus Et 200sp Im 155-6 Pn Hf T1 Rail,Siplus Et 200sp Im 155-6 Pn St,Siplus Et 200sp Im 155-6 Pn St Ba,Siplus Et 200sp Im 155-6 Pn St Ba Tx Rail,Siplus Et 200sp Im 155-6 Pn St Tx Rail,Sirius Act 3su1 Interface Module Profinet,Sirius Motor Starter M200d Profinet,Sirius Soft Starter 3rw44 Pn,Sitop Psu8600 Profinet,Sitop Ups1600 Profinet (incl. Siplus Variants),Softnet Profinet Io For Pc-based Windows Systems",6.5,MEDIUM,0.0024999999441206455,false,,false,false,false,,false,false,2017-05-11T01:00:00.000Z,0