Siemens: >> 6es7314-6eh04-0ab0 Firmware Security Vulnerabilities
The login endpoint /FormLogin in affected web services does not apply proper origin checking.
This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-11-08
ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.
CVSS Score
7.5
EPSS Score
0.007
Published
2019-04-17