Denial of Service Vulnerability in Siemens SIMATIC S7-1200 PLC Firmware
CVE-2014-2256

Currently unrated

Key Information:

Vendor: Siemens
Status: Simatic S7 Cpu 1200 Firmware; Simatic S7 Cpu-1211c; Simatic S7 Cpu 1212c; Simatic S7 Cpu 1214c
Vendor: CVE Published:; 24 March 2014

Summary

The vulnerability in Siemens SIMATIC S7-1200 CPU PLC devices prior to firmware version 4.0 allows remote attackers to disrupt operations by sending specially crafted ISO-TSAP packets. This can cause the device to transition into a defect mode, impairing its functionality and potentially halting critical automation processes. Users of affected versions should take immediate action to update their firmware to mitigate the risks associated with this vulnerability.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

http://ics-cert.us-cert.gov/advisories/ICSA-14-079-02

x_refsource_MISC

https://cert-portal.siemens.com/productcert/pdf/ssa-65438...

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 24, 2014
Vulnerability Reserved
Feb 28, 2014