Open Redirect Vulnerability in Siemens SIMATIC S7-1200 Devices
CVE-2015-1048

Currently unrated

Key Information:

Vendor: Siemens
Status: Simatic S7 1200 Cpu Firmware
Vendor: CVE Published:; 21 January 2015

Summary

An open redirect vulnerability exists in the integrated web server of Siemens SIMATIC S7-1200 CPU devices running firmware versions prior to 4.1. This security flaw allows remote attackers to exploit the web server, facilitating the redirection of users to malicious websites. Such vulnerabilities can lead to phishing attempts, significantly compromising user security by unwittingly directing them to potentially harmful external addresses, ultimately heightening the risk of data theft and other malicious activities.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

https://cert-portal.siemens.com/productcert/pdf/ssa-59721...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jan 21, 2015
Vulnerability Reserved
Jan 12, 2015