Denial of Service Vulnerability in Siemens SIMATIC S7-1200 CPU Devices
CVE-2011-20001
8.7 HIGH
Key Information:
- Vendor: Siemens
- Status: Vendor
- CVE Published: 14 October 2025
What is CVE-2011-20001?
A vulnerability exists in the web server interface of Siemens SIMATIC S7-1200 CPU devices, which fails to properly handle malformed HTTP requests when subjected to high traffic volumes. An unauthenticated remote attacker can exploit the flaw to force the device into a stop or defect state, causing denial of service. Users of SIMATIC S7-1200 CPU versions earlier than 2.0.3 are particularly susceptible, as the issue can disrupt operations and compromise system availability.
Affected Version(s)
SIMATIC S7-1200 CPU V1 family (incl. SIPLUS variants) 0
SIMATIC S7-1200 CPU V2 family (incl. SIPLUS variants) 0
References
CVSS V4
Score: 8.7
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None
Timeline
Vulnerability published
Vulnerability Reserved