Cross-site request forgery (CSRF) vulnerability in the web server on Siemens SIMATIC S7-1200 CPU devices with firmware before 4.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Siemens Simatic S7-1500 Cpu Firmware < 1.5.1 - Denial of Service
Siemens SIMATIC S7-1500 CPU devices with firmware before 1.6 allow remote attackers to cause a denial of service (device restart and STOP transition) via crafted TCP packets.