Replay Vulnerability in SIMATIC S7-1200 Series by Siemens
CVE-2011-20002

8.3HIGH

Key Information:

Vendor

Siemens
Status
Simatic S7-1200 Cpu V1 Family (incl. Siplus Variants)
Simatic S7-1200 Cpu V2 Family (incl. Siplus Variants)
Vendor
CVE Published:
14 October 2025

What is CVE-2011-20002?

A security flaw exists in the SIMATIC S7-1200 CPU series from Siemens, particularly affecting versions prior to V2.0.2. The vulnerability allows an on-path adversary to intercept and replay communications between engineering software and the controllers. This could enable unauthorized execution of previously recorded commands, such as stopping a controller, without requiring password authentication. The implications are significant, potentially leading to unauthorized control over industrial processes.

Affected Version(s)

SIMATIC S7-1200 CPU V1 family (incl. SIPLUS variants) 0

SIMATIC S7-1200 CPU V2 family (incl. SIPLUS variants) 0

References

https://cert-portal.siemens.com/productcert/html/ssa-6257...

CVSS V4

Score:
8.3
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2011-20002 : Replay Vulnerability in SIMATIC S7-1200 Series by Siemens