Siemens EN100 Ethernet Module PROFINET IO Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:siemens:en100_ethernet_module_profinet_io_firmware:-:*:*:*:*:*:*:*
part: o version: - update: *
| Vendor | Siemens (4bd2a91b-02ad-5c3d-b25f-70697e0c9d7f) |
|---|---|
| Product | En100 Ethernet Module Profinet Io Firmware (7d505bbc-59e0-5c90-91d1-4f3ad7a27c09) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-30938 |
vulnerable | 2026-06-03 14:47:10.307764 |
Details available
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.40), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). Affected applications contains a memory corruption vulnerability while parsing specially crafted HTTP packets to /txtrace endpoint manupulating a specific argument. This could allow an attacker to crash the affected application leading to a denial of service condition
Published: 2022-07-12T10:06:41.000Z
Updated: 2024-08-03T07:03:39.678Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30937 |
vulnerable | 2026-06-03 14:47:10.301240 |
Details available
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). Affected applications contains a memory corruption vulnerability while parsing specially crafted HTTP packets to /txtrace endpoint. This could allow an attacker to crash the affected application leading to a denial of service condition.
Published: 2022-06-14T09:21:54.000Z
Updated: 2024-08-03T07:03:39.594Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-4840 |
vulnerable | 2026-06-03 14:38:56.621277 |
Details available
A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). The device engineering mechanism allows an unauthenticated remote user to upload a modified device configuration overwriting access authorization passwords.
Published: 2018-03-08T17:00:00.000Z
Updated: 2024-08-05T05:18:26.487Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-4839 |
vulnerable | 2026-06-03 14:38:56.620278 |
Details available
A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions), Other SIPROTEC 4 relays (All versions), Other SIPROTEC Compact relays (All versions), SIPROTEC 4 7SD80 (All versions < V4.70), SIPROTEC 4 7SJ61 (All versions < V4.96), SIPROTEC 4 7SJ62 (All versions < V4.96), SIPROTEC 4 7SJ64 (All versions < V4.96), SIPROTEC 4 7SJ66 (All versions < V4.30), SIPROTEC Compact 7SJ80 (All versions < V4.77), SIPROTEC Compact 7SK80 (All versions < V4.77). An attacker with local access to the engineering system or in a privileged network position and able to obtain certain network traffic could possibly reconstruct access authorization passwords.
Published: 2018-03-08T17:00:00.000Z
Updated: 2024-08-05T05:18:26.659Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-4838 |
vulnerable | 2026-06-03 14:38:56.596439 |
Details available
A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module DNP3 variant (All versions < V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions < V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities.
Published: 2018-03-08T17:00:00.000Z
Updated: 2024-08-05T05:18:26.631Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.