Simatic s7-1200
This hub aggregates every CVE we track for Simatic s7-1200, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.
13
CVEs tracked
2
Critical
6
High
0
In CISA KEV
Severity distribution
HIGH6MEDIUM5CRITICAL2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 13 most recently published vulnerabilities affecting Simatic s7-1200.
- CVE-2025-40820Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to in...7.5
- CVE-2022-38465A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200...9.3
- BDU:2022-01218Уязвимость микропрограммного обеспечения программируемого логического контроллера SIMATIC S7-1200, связанная с возможностью неаутентифицированного пользователя выполнять команды, позволяющая нарушителю выполнить команды запуска и остановки контроллера6.5
- CVE-2021-37205A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V2...7.5
- CVE-2021-37204A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller C...7.5
- CVE-2021-37185A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V2...7.5
- CVE-2020-15782A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200...9.8
- CVE-2019-13945A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family < V4.x (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 C...6.8
- CVE-2018-13815A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by openin...7.5
- CVE-2017-12741Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.7.5
- CVE-2017-3737OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and...5.9
- CVE-2012-3040Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.4.3
- CVE-2012-3037The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web s...4.3
Product normalization is registry-driven with AI assist and human review. How it works