Simatic s7-400 pn/dp v7 cpu family (incl. siplus variants)

This hub aggregates every CVE we track for Simatic s7-400 pn/dp v7 cpu family (incl. siplus variants), a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 11 most recently published vulnerabilities affecting Simatic s7-400 pn/dp v7 cpu family (incl. siplus variants).

• CVE-2024-23814The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-asse...5.3Feb 11, 2025
• CVE-2022-30694The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login c...6.5Nov 8, 2022
• CVE-2021-40368A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 PN/DP V7 (All versions < V7.0.3), S...7.5Apr 12, 2022
• CVE-2019-19300A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE...7.5Apr 14, 2020
• CVE-2019-13940A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP...5.3Feb 11, 2020
• CVE-2019-6568The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the ...7.5Apr 17, 2019
• CVE-2017-12741Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.7.5Dec 26, 2017
• CVE-2017-2681Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to ...6.5May 11, 2017
• CVE-2017-2680Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the s...6.5May 11, 2017
• CVE-2016-9159A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and...5.9Dec 17, 2016
• CVE-2016-9158A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and...7.5Dec 17, 2016