Denial of Service Vulnerability in Siemens SIMATIC S7-1500 PLC Devices
CVE-2014-2255

Currently unrated

Key Information:

Vendor: Siemens
Status: Simatic S7-1500 Cpu Firmware
Vendor: CVE Published:; 16 March 2014

What is CVE-2014-2255?

The Siemens SIMATIC S7-1500 CPU PLC devices with firmware versions earlier than 1.5.0 are susceptible to a remote denial of service vulnerability. Attackers can exploit this vulnerability by sending specially crafted HTTP packets, which may force the device into a defect mode, leading to operational disruptions. Implementing robust security measures and updating firmware to the latest version are essential to mitigate the risk associated with this vulnerability.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01

x_refsource_MISC

https://cert-portal.siemens.com/productcert/pdf/ssa-45642...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 16, 2014
Vulnerability Reserved
Feb 28, 2014