Sinumerik 840d sl

This hub aggregates every CVE we track for Sinumerik 840d sl, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Sinumerik 840d sl.

• CVE-2025-40833The affected devices contain a null pointer dereference vulnerability while processing specially crafted IPv4 requests. This could allow an attacker to cause denial of service condition. A manual r...7.5May 12, 2026
• CVE-2025-40820Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to in...7.5Dec 9, 2025
• CVE-2025-40743A vulnerability has been identified in SINUMERIK 828D PPU.4 (All versions < V4.95 SP5), SINUMERIK 828D PPU.5 (All versions < V5.25 SP1), SINUMERIK 840D sl (All versions < V4.95 SP5), SINUMERIK MC (...8.3Aug 12, 2025
• CVE-2024-23814The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-asse...5.3Feb 11, 2025
• CVE-2024-43781A vulnerability has been identified in SINUMERIK 828D V4 (All versions < V4.95 SP3), SINUMERIK 840D sl V4 (All versions < V4.95 SP3 in connection with using Create MyConfig (CMC) <= V4.8 SP1 HF6), ...5.5Sep 10, 2024
• CVE-2024-41171A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All versions < V5.24), SINUMERIK 840D sl V4 (All versions), SINUMERIK ONE (All versions < V6.24). Affecte...8.8Sep 10, 2024
• CVE-2020-15783A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). ...7.5Nov 12, 2020
• CVE-2020-15791A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIM...6.5Sep 9, 2020
• CVE-2019-18336A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU...7.5Mar 10, 2020
• CVE-2019-10923An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.7.5Oct 10, 2019
• CVE-2019-10936Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.7.5Oct 10, 2019
• CVE-2019-11478SACK can cause extensive memory use via fragmented resend queue5.3Jun 18, 2019
• CVE-2019-11477Integer overflow in TCP_SKB_CB(skb)->tcp_gso_segs7.5Jun 18, 2019
• CVE-2019-11479Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced...7.5Jun 18, 2019
• CVE-2018-12130Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosu...5.9May 30, 2019