Denial of Service Vulnerability in Siemens SIMATIC S7-1200 CPU PLC
CVE-2014-2258

Currently unrated

Key Information:

Vendor: Siemens
Status: Simatic S7 Cpu 1200 Firmware; Simatic S7 Cpu-1211c; Simatic S7 Cpu 1212c; Simatic S7 Cpu 1214c
Vendor: CVE Published:; 24 March 2014

Summary

The Siemens SIMATIC S7-1200 CPU PLC devices running firmware versions before 4.0 exhibit a vulnerability that allows remote attackers to induce a denial of service. This can occur through the transmission of specially crafted HTTPS packets, leading to a defect-mode transition that disrupts the normal operation of the PLC. This poses significant risks for industrial control systems relying on these devices, warranting immediate attention from users to mitigate potential threats.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

http://ics-cert.us-cert.gov/advisories/ICSA-14-079-02

x_refsource_MISC

https://cert-portal.siemens.com/productcert/pdf/ssa-65438...

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 24, 2014
Vulnerability Reserved
Feb 28, 2014