Simatic drive controller cpu 1504d tf
This hub aggregates every CVE we track for Simatic drive controller cpu 1504d tf, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
3
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM3CRITICAL3HIGH2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
3
0
0
2024-082026-07
Latest CVEs
The 8 most recently published vulnerabilities affecting Simatic drive controller cpu 1504d tf.
- CVE-2026-25789Affected devices do not properly validate and sanitize filenames on the Firmware Update page. This could allow a remote attacker to social engineer the user into selecting the modified firmware fi...7.1
- CVE-2026-25787Affected devices do not properly validate and sanitize Technology Object (TO) name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker...9.1
- CVE-2026-25786Affected devices do not properly validate and sanitize PLC/station name rendered on the "communication" parameters page of the web interface. This could allow an authenticated attacker who is auth...9.1
- CVE-2025-40943Affected devices do not properly sanitize contents of trace files. This could allow an attacker to inject code through social engineering an authorized user, who has the function right "Read dia...9.6
- CVE-2021-44695Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.4.9
- CVE-2021-44694Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.5.5
- CVE-2021-44693Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.4.9
- CVE-2021-40365Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.7.5
Product normalization is registry-driven with AI assist and human review. How it works