Remote Denial of Service Vulnerability in Siemens SIMATIC S7-1500 CPU Devices
CVE-2014-5074

Currently unrated

Key Information:

Vendor: Siemens
Status: Simatic S7-1500 Cpu Firmware; Simatic S7-1511-1 Pn Cpu; Simatic S7-1513-1 Pn Cpu; Simatic S7-1515-2 Pn Cpu
Vendor: CVE Published:; 17 August 2014

What is CVE-2014-5074?

Siemens SIMATIC S7-1500 CPUs with firmware prior to version 1.6 are vulnerable to a remote denial of service condition. Attackers can exploit this vulnerability by sending specially crafted TCP packets that lead to unplanned device restarts and transitions to a STOP state. This malicious activity can disrupt the functioning of critical operations relying on these devices, underscoring the importance of updating firmware to mitigate these risks. Organizations using these devices should assess their systems for potential exposure and take proactive measures to secure their environments.

References

https://ics-cert.us-cert.gov/advisories/ICSA-14-226-01

x_refsource_MISC

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

https://www.exploit-db.com/exploits/44693/

exploitx_refsource_EXPLOIT-DB

EPSS Score

13% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 17, 2014
Vulnerability Reserved
Jul 24, 2014