PT-2014-1178 · Siemens · Simatic S7-1200 Cpu

Publicado

2014-03-20

Atualizado

2020-02-10

CVE-2014-2254

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Siemens SIMATIC S7-1200 CPU PLC devices with firmware prior to 4.0

Description The issue allows a remote attacker to cause a denial of service, resulting in the device entering defect mode, by sending crafted HTTP packets to the TCP port 80. This can lead to the device requiring a "cold" restart.

Recommendations For Siemens SIMATIC S7-1200 CPU PLC devices with firmware prior to 4.0, update the firmware to version 4.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the TCP port 80 to minimize the risk of exploitation.

Correção

Improper Resource Release

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399CWE-404

Identificadores relacionados

BDU:2014-00323

CVE-2014-2254

Produtos afetados

Simatic S7-1200 Cpu

PT-2014-1178 · Siemens · Simatic S7-1200 Cpu

CVE-2014-2254

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7