## https://sploitus.com/exploit?id=D3F41F9A-BF8B-57A3-A6B9-5D5B7B2896AE
# ICS N-Day Vulnerability PoC Benchmark Suite
A structured collection of Proof-of-Concept scripts for known (N-Day) vulnerabilities in industrial control system (ICS) devices. Intended for academic security research, vulnerability detection benchmarking, and IDS/IPS evaluation in isolated lab environments.
## Disclaimer
**For authorized use in isolated lab environments only.** See [DISCLAIMER.md](DISCLAIMER.md).
## Vulnerability Index
| # | Vendor | Model | Protocol | CVE/CNVD | Type |
|---|--------|-------|----------|----------|------|
| 1 | Siemens | S7-300 | PROFINET | [CVE-2019-13946](siemens/CVE-2019-13946/) | Remote DoS |
| 2 | Siemens | S7-300 | S7 Comm | [CVE-2015-2177](siemens/CVE-2015-2177/) | Input Validation / DoS |
| 3 | Siemens | S7-300 | PROFIBUS | [CVE-2015-0015](siemens/CVE-2015-0015/) | I/O Module Stoppage DoS |
| 4 | Siemens | S7-1200 | HTTP | [CVE-2014-2909](siemens/CVE-2014-2909/) | CRLF Injection |
| 5 | Siemens | S7-1200 | HTTP | [CVE-2012-3040](siemens/CVE-2012-3040/) | Cross-Site Scripting |
| 6 | Siemens | S7-1200 | ISO-TSAP | [CVE-2013-0700](siemens/CVE-2013-0700/) | Crafted Packet Crash DoS |
| 7 | Siemens | S7-1200 | S7 Comm | [CVE-2012-3037](siemens/CVE-2012-3037/) | Diagnostic Buffer Info Disclosure |
| 8 | Rockwell | 1766-L32 | EIP/PCCC | [CNVD-2018-00883](rockwell/CNVD-2018-00883/) | Stack Buffer Overflow |
| 9 | Rockwell | 1766-L32 | EIP | [CVE-2016-5645](rockwell/CVE-2016-5645/) | Ethernet Interface DoS |
| 10 | Rockwell | SoftLogix | EIP/CIP | [CVE-2020-12040](rockwell/CVE-2020-12040/) | CIP Stack Buffer Overflow |
| 11 | Emerson | VersaMax | SRTP | [CNVD-2013-13377](emerson/CNVD-2013-13377/) | Memory Corruption / RCE |
| 12 | Omron | CP2E | FINS | [CVE-2015-0987](omron/CVE-2015-0987/) | CPU Cycle Time Error DoS |
| 13 | Schneider | TM221 | Modbus | [CVE-2015-7937](schneider/CVE-2015-7937/) | CPU Crash via Func 0x71 |
| 14 | Schneider | TM221 | HTTP | [CVE-2018-7789](schneider/CVE-2018-7789/) | Web Service DoS via POST |
| 15 | CODESYS | Linux SL | OPC UA | [CVE-2021-29241](codesys/CVE-2021-29241/) | OPC UA Protocol Stack DoS |
## Structure
```
vul_poc/
├── common/
│   ├── safety.py        # Authorization gate (required by all PoCs)
│   └── utils.py         # Shared protocol helpers
├── siemens/
│   └── /
│       ├── README.md    # Vulnerability details, affected versions, patch info
│       └── poc.py       # PoC script
├── rockwell/ ...
├── emerson/ ...
├── omron/ ...
├── schneider/...
└── codesys/ ...
```
## Usage
All PoCs require explicit lab authorization before execution:
```bash
export ICS_POC_AUTHORIZED=yes
export ICS_POC_TARGET=192.168.x.x # must be RFC-1918 / isolated lab range
python siemens/CVE-2019-13946/poc.py --target 192.168.1.100
```
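A sketch of how an authorization gate of this kind can be written, added here as an illustration; it is not the contents of this repository's `common/safety.py`. The names `check_authorization` and `NotAuthorized` are hypothetical, and it assumes `ICS_POC_TARGET` holds a literal IPv4 address or CIDR block that the `--target` value must fall inside.

```python
import ipaddress
import os

# Strict RFC 1918 ranges. ipaddress's is_private is broader (loopback,
# link-local, ...), so the three networks are listed explicitly.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


class NotAuthorized(Exception):
    """Raised when the lab-authorization preconditions are not met."""


def check_authorization(cli_target, env=None):
    """Return the validated target address, or raise NotAuthorized.

    Assumption: ICS_POC_TARGET is a single IPv4 address or a CIDR block.
    """
    env = os.environ if env is None else env
    if env.get("ICS_POC_AUTHORIZED") != "yes":
        raise NotAuthorized("ICS_POC_AUTHORIZED is not set to 'yes'")
    scope_raw = env.get("ICS_POC_TARGET")
    if not scope_raw:
        raise NotAuthorized("ICS_POC_TARGET is not set")
    try:
        # Literal addresses only: hostnames and placeholders such as
        # 192.168.x.x fail here, so DNS can never redirect the target.
        scope = ipaddress.ip_network(scope_raw, strict=True)
        target = ipaddress.ip_address(cli_target)
    except ValueError as exc:
        raise NotAuthorized(f"not a literal IP address/network: {exc}") from exc
    if scope.version != 4 or target.version != 4:
        raise NotAuthorized("only IPv4 lab ranges are accepted")
    if not any(scope.subnet_of(net) for net in RFC1918):
        raise NotAuthorized(f"{scope} is outside RFC 1918")
    if target not in scope:
        raise NotAuthorized(f"{target} is outside authorized scope {scope}")
    return target


if __name__ == "__main__":
    # Constructed environment for demonstration; real use reads os.environ.
    lab = {"ICS_POC_AUTHORIZED": "yes", "ICS_POC_TARGET": "192.168.1.0/24"}
    print(check_authorization("192.168.1.100", lab))
```

Failing closed on anything that is not a literal in-scope address means a typo in either variable stops the run instead of widening the scope.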
## Requirements
```bash
pip install -r requirements.txt
```
## Research Context
This benchmark suite accompanies the paper *"N-Day Vulnerability Detection in Industrial Control Systems"*. Each PoC is derived from public CVE disclosures, vendor advisories, and published security research.