Summary
Siemens SIMATIC S7-1200 is prone to a denial-of-service vulnerability.
Impact
Remote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users.
Solution
Updates are available.
Insight
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTP packets, crafted ISO-TSAP packets or crafted HTTPS packets.
Affected
Versions prior to SIMATIC S7-1200 4.0 are vulnerable.
Detection
Check the firmware version
References
Severity
Classification
-
CVE CVE-2014-2254, CVE-2014-2256, CVE-2014-2258 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Mac OS X)
- Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Windows)
- Adobe Acrobat Sandbox Bypass Vulnerability - Aug14 (Windows)
- Adobe AIR Multiple Vulnerabilities-01 Jun14 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities -02 April 13 (Mac OS X)