PT-2014-4585 · Siemens · Simatic S7-1500 Cpu

Aleksandr Timorin

Published

2014-03-16

Updated

2020-02-10

CVE-2014-2251

CVSS v2.0

8.3

High

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:C

Name of the Vulnerable Software and Affected Versions Siemens SIMATIC S7-1500 CPU PLC devices versions prior to 1.5.0

Description The issue concerns the random-number generator, which lacks sufficient entropy. This weakness can be exploited by remote attackers to bypass cryptographic protection mechanisms and hijack sessions.

Recommendations For versions prior to 1.5.0, update the firmware to version 1.5.0 or later to address the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2014-2251

Affected Products

Simatic S7-1500 Cpu

PT-2014-4585 · Siemens · Simatic S7-1500 Cpu

CVE-2014-2251

Related Identifiers

Affected Products

References · 4