PT-2025-6205 · Siemens · Simatic S7-1200 Cpu

Published: 2025-02-11 · Updated: 2025-02-11 · CVE-2025-24811

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: SIMATIC S7-1200 CPU versions 6ES7211-1BE40-0XB0 through 6ES7217-1AG40-0XB0; SIPLUS S7-1200 CPU versions 6AG1212-1AE40-2XB0 through 6AG1215-1AF40-5XB0

Description: A vulnerability has been identified in certain SIMATIC S7-1200 CPUs: affected devices do not correctly process certain specially crafted packets sent to port 80/tcp. This could allow an unauthenticated attacker to cause a denial of service in the device.

Recommendations: For SIMATIC S7-1200 CPU versions 6ES7211-1BE40-0XB0 through 6ES7217-1AG40-0XB0, restrict access to port 80/tcp to minimize the risk of exploitation. For SIPLUS S7-1200 CPU versions 6AG1212-1AE40-2XB0 through 6AG1215-1AF40-5XB0, consider disabling the processing of specially crafted packets on port 80/tcp until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Improper Resource Release

Weakness Enumeration

Related Identifiers

BDU:2026-00191
CVE-2025-24811

Affected Products

Simatic S7-1200 Cpu
Siplus S7-1200 Cpu