Siemens Simatic Et 200sp Open Controller Cpu 1515sp Pc (Incl. Siplus Variants)
12 CVEs affecting Siemens Simatic Et 200sp Open Controller Cpu 1515sp Pc (Incl. Siplus Variants). Latest disclosed: 2026-05-12. Critical: 5, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-15782 | Critical | 9.8 | 2021-05-28 | A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS va… |
CVE-2025-40943 | Critical | 9.6 | 2026-03-10 | Affected devices do not properly sanitize contents of trace files. This could allow an attacker to inject code through social engineering an authorized user… |
CVE-2022-38465 | Critical | 9.3 | 2022-10-11 | A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS va… |
CVE-2026-25787 | Critical | 9.1 | 2026-05-12 | Affected devices do not properly validate and sanitize Technology Object (TO) name rendered on the "Motion Control Diagnostics" page of the web interface. This… |
CVE-2026-25786 | Critical | 9.1 | 2026-05-12 | Affected devices do not properly validate and sanitize PLC/station name rendered on the "communication" parameters page of the web interface. This could allow… |
CVE-2021-37204 | High | 7.5 | 2022-02-09 | A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9… |
CVE-2019-19300 | High | 7.5 | 2020-04-14 | A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, K… |
CVE-2019-10936 | High | 7.5 | 2019-10-10 | Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial o… |
CVE-2019-6568 | High | 7.5 | 2019-04-17 | The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situ… |
CVE-2026-25789 | High | 7.1 | 2026-05-12 | Affected devices do not properly validate and sanitize filenames on the Firmware Update page. This could allow a remote attacker to social engineer the user i… |
CVE-2019-10943 | | 2019-08-13 | A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (… | |
CVE-2019-10929 | | 2019-08-13 | A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), S… |