Siemens Sinumerik One
9 CVEs affecting Siemens Sinumerik One. Latest disclosed: 2025-08-12. Critical: 2, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-15782 | Critical | 9.8 | 2021-05-28 | A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS va… |
CVE-2022-38465 | Critical | 9.3 | 2022-10-11 | A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS va… |
CVE-2024-41171 | High | 8.8 | 2024-09-10 | A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All versions < V5.24), SINUMERIK 840D sl V4 (All versions), SINUMER… |
CVE-2025-40743 | High | 8.3 | 2025-08-12 | A vulnerability has been identified in SINUMERIK 828D PPU.4 (All versions < V4.95 SP5), SINUMERIK 828D PPU.5 (All versions < V5.25 SP1), SINUMERIK 840D sl (All… |
CVE-2023-46156 | High | 7.5 | 2023-12-12 | Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A res… |
CVE-2023-28831 | High | 7.5 | 2023-09-12 | The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infi… |
CVE-2022-30694 | Medium | 6.5 | 2022-11-08 | The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the a… |
CVE-2024-43781 | Medium | 5.5 | 2024-09-10 | A vulnerability has been identified in SINUMERIK 828D V4 (All versions < V4.95 SP3), SINUMERIK 840D sl V4 (All versions < V4.95 SP3 in connection with using Cr… |
CVE-2022-24408 | | 2022-03-08 | A vulnerability has been identified in SINUMERIK MC (All versions < V1.15 SP1), SINUMERIK ONE (All versions < V6.15 SP1). The sc SUID binary on affected device… |