Description
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTP packets, a different vulnerability than CVE-2014-2255.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-654382.pdf
US Government Resource x_refsource_misc
http://ics-cert.us-cert.gov/advisories/ICSA-14-079-02
Vendor Advisory x_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-654382.pdf
Scores
EPSS
0.0047
EPSS Percentile
65.0%
Details
CWE
CWE-399
Status
published
Products (7)
siemens/simatic_s7_cpu-1211c
siemens/simatic_s7_cpu_1200_firmware
3.0
siemens/simatic_s7_cpu_1200_firmware
< 3.0.2
siemens/simatic_s7_cpu_1212c
siemens/simatic_s7_cpu_1214c
siemens/simatic_s7_cpu_1215c
siemens/simatic_s7_cpu_1217c
Published
Mar 24, 2014
Tracked Since
Feb 18, 2026