Summary
Siemens SIMATIC S7-1200 is prone to a security vulnerability that may allow attackers to spoof SSL certificates.
Attackers can exploit this issue to display incorrect SSL certificates. Successful exploits will cause victims to accept the certificates assuming they are from a legitimate site.
Siemens SIMATIC S7-1200 versions 2.x are vulnerable other versions
may also be affected.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2012-3037 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apple Safari 'Webkit' Information Disclosure Vulnerability (Win)
- Adobe Products Unspecified Cross-Site Scripting Vulnerability June-2011 (Windows)
- Adobe Reader Multiple Unspecified Vulnerabilities Jun06 (Mac OS X)
- Apple Safari Multiple Memory Corruption Vulnerabilities-02 Apr14 (Mac OS X)
- aMSN session hijack vulnerability (Windows)