Open Redirect Vulnerability in Siemens SIMATIC S7-1500 CPU PLC Devices
CVE-2014-2248

Currently unrated

Key Information:

Vendor: Siemens
Status: Simatic S7-1500 Cpu Firmware
Vendor: CVE Published:; 16 March 2014

Summary

An open redirect vulnerability exists in the integrated web server of Siemens SIMATIC S7-1500 CPU PLC devices, allowing remote attackers to redirect users to arbitrary websites. This flaw can be exploited through various unspecified vectors, potentially enabling attackers to conduct phishing attacks, putting users at risk by leading them to malicious sites.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/66190

vdb-entryx_refsource_BID

http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01

x_refsource_MISC

Timeline

Vulnerability published
Mar 16, 2014
Vulnerability Reserved
Feb 28, 2014