Cross-Site Scripting Vulnerability in Siemens SIMATIC S7-1200 CPU
CVE-2014-2908

Currently unrated

Key Information:

Vendor

Siemens
Status
Simatic S7 Cpu 1200 Firmware
Simatic S7 Cpu-1211c
Simatic S7 Cpu 1212c
Simatic S7 Cpu 1214c
Vendor
CVE Published:
25 April 2014

What is CVE-2014-2908?

A cross-site scripting (XSS) vulnerability exists in the integrated web server of Siemens SIMATIC S7-1200 CPU devices version 2.x and 3.x. This vulnerability allows remote attackers to inject arbitrary web scripts or HTML, potentially compromising the security of the affected systems. Exploitation of this vulnerability can lead to unauthorized actions by the attacker, requiring immediate attention and mitigation to prevent malicious activities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://ics-cert.us-cert.gov/advisories/ICSA-14-114-02
x_refsource_MISC
https://www.exploit-db.com/exploits/44687/
exploitx_refsource_EXPLOIT-DB
http://www.siemens.com/innovation/pool/de/forschungsfelde...
x_refsource_CONFIRM

EPSS Score

38% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.