CVE-2014-2258

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2014-2258
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTPS packets, a different vulnerability than CVE-2014-2259.

7.8 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References
Link Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-079-02 US Government Resource
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-654382.pdf Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-654382.pdf
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:siemens:simatic_s7_cpu_1200_firmware:3.0:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_s7_cpu_1200_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:siemens:simatic_s7_cpu_1212c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7_cpu_1215c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7_cpu_1217c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7_cpu_1214c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7_cpu-1211c:-:*:*:*:*:*:*:*
Information

Published : 2014-03-24 07:20

Updated : 2020-02-10 07:15

NVD link : CVE-2014-2258

Mitre link : CVE-2014-2258

JSON object : View

CWE
CWE-399

Resource Management Errors

Advertisement

dedicated server usa
Products Affected

siemens

  • simatic_s7_cpu_1200_firmware
  • simatic_s7_cpu-1211c
  • simatic_s7_cpu_1215c
  • simatic_s7_cpu_1217c
  • simatic_s7_cpu_1212c
  • simatic_s7_cpu_1214c