Siemens SIMATIC S7-1200 SSL Private Key Reuse Spoofing Vulnerability Network Vulnerability

Summary

Siemens SIMATIC S7-1200 is prone to a security vulnerability that may allow attackers to spoof SSL certificates. Attackers can exploit this issue to display incorrect SSL certificates. Successful exploits will cause victims to accept the certificates assuming they are from a legitimate site. Siemens SIMATIC S7-1200 versions 2.x are vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for more information.

References

http://www.securityfocus.com/bid/55559
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-240718.pdf

Updated on 2017-03-28

Severity

Classification

CVE CVE-2012-3037

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Adobe Reader Old Plugin Signature Bypass Vulnerability (Windows)
Adobe Reader 'SWF' Information Disclosure Vulnerability (Windows)
Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Linux)
Asterisk SIP REGISTER Response Username Enumeration Vulnerability
Apple Safari Secure Cookie Security Bypass Vulnerability (Windows)

Take action and discover your vulnerabilities