Denial of Service Vulnerability in Siemens SIMATIC S7-1500 CPU PLC Devices
CVE-2014-2257

Currently unrated

Key Information:

Vendor: Siemens
Status: Simatic S7-1500 Cpu Firmware
Vendor: CVE Published:; 16 March 2014

Summary

The Siemens SIMATIC S7-1500 CPU PLC devices are vulnerable to a denial of service condition due to improper handling of crafted ISO-TSAP packets. Attackers can exploit this vulnerability by sending specially crafted packets to the affected devices, triggering a transition to defect mode and disrupting normal operations. Users are encouraged to upgrade to firmware version 1.5.0 or later to mitigate this risk. For additional information, refer to the security advisories provided by Siemens.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01

x_refsource_MISC

https://cert-portal.siemens.com/productcert/pdf/ssa-45642...

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 16, 2014
Vulnerability Reserved
Feb 28, 2014