threat
engine
.sh
Back
·
··:··
Home
/
Product
/
siemens scalance m 800 firmware
Product
siemens scalance m 800 firmware
13 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2022-36325
all versions
Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authent
6.8
MEDIUM
CVE-2022-36324
all versions
Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attack
7.5
HIGH
CVE-2022-36323
all versions
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative p
9.1
CRITICAL
CVE-2020-28400
< 6.4
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vul
7.5
HIGH
CVE-2021-3449
>= 6.2
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renego
5.9
MEDIUM
CVE-2021-25676
all versions
A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All
7.5
HIGH
CVE-2021-25667
>= 4.3 and < 6.4
A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 an
8.8
HIGH
CVE-2019-13946
< 4.3
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnos
7.5
HIGH
CVE-2018-5391
< 6.1
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targetin
7.5
HIGH
CVE-2017-14491
< 5.0
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrar
9.8
CRITICAL
CVE-2017-2681
< 4.03
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of s
6.5
MEDIUM
CVE-2017-2680
< 4.03
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Etherne
6.5
MEDIUM
CVE-2016-7090
<= 4.01
The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for th
4.0
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin