Denial of Service Vulnerability in Siemens SIMATIC S7-1200 CPU Devices
CVE-2011-20001

8.7HIGH

Key Information:

Vendor: Siemens
Status: Simatic S7-1200 Cpu V1 Family (incl. Siplus Variants); Simatic S7-1200 Cpu V2 Family (incl. Siplus Variants)
Vendor: CVE Published:; 14 October 2025

What is CVE-2011-20001?

A vulnerability exists in the web server interface of Siemens SIMATIC S7-1200 CPU devices, which fails to properly handle malformed HTTP requests when subjected to high traffic volumes. This issue permits an unauthenticated remote attacker to exploit the flaw, leading to the device entering a stop or defect state and causing denial of service. Users of SIMATIC S7-1200 CPU versions earlier than 2.0.3 are particularly susceptible, as the issue can disrupt operations and compromise system availability.

Affected Version(s)

SIMATIC S7-1200 CPU V1 family (incl. SIPLUS variants) 0

SIMATIC S7-1200 CPU V2 family (incl. SIPLUS variants) 0

References

https://cert-portal.siemens.com/productcert/html/ssa-6257...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 14, 2025
Vulnerability Reserved
May 22, 2025

JSON