Remote Code Execution Vulnerability in Siemens SIMATIC S7-1500 CPU Devices
CVE-2016-2201

5.3MEDIUM

Key Information:

Vendor

Siemens
Status
Simatic S7-1500 Cpu Firmware
Vendor
CVE Published:
8 February 2016

What is CVE-2016-2201?

Siemens SIMATIC S7-1500 CPU devices prior to version 1.8.3 are susceptible to a vulnerability that enables remote attackers to bypass the replay protection mechanism. This threat arises through specially crafted packets sent to TCP port 102, potentially allowing unauthorized access and manipulation of device operations.

References

http://www.siemens.com/cert/pool/cert/siemens_security_ad...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1034954
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/83110
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.