CVE-2014-2255

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2014-2255
Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTP packets.

7.8 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References
Link Resource
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf Patch Vendor Advisory
http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01 US Government Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-456423.pdf
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:siemens:simatic_s7-1500_cpu_firmware:1.1.1:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_s7-1500_cpu_firmware:1.1.0:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_s7-1500_cpu_firmware:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_s7-1500_cpu_firmware:*:*:*:*:*:*:*:*
Information

Published : 2014-03-16 07:06

Updated : 2020-02-10 07:15

NVD link : CVE-2014-2255

Mitre link : CVE-2014-2255

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

siemens

  • simatic_s7-1500_cpu_firmware