The integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject headers via unspecified vectors.
References
| Link | Resource |
|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01 | US Government Resource |
| http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf | Patch Vendor Advisory |
| https://cert-portal.siemens.com/productcert/pdf/ssa-456423.pdf | |
| http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01 | US Government Resource |
| http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf | Patch Vendor Advisory |
| https://cert-portal.siemens.com/productcert/pdf/ssa-456423.pdf |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:05
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01 - US Government Resource | |
| References | () http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf - Patch, Vendor Advisory | |
| References | () https://cert-portal.siemens.com/productcert/pdf/ssa-456423.pdf - |
Information
Published : 2014-03-16 14:06
Updated : 2025-04-12 10:46
NVD link : CVE-2014-2247
Mitre link : CVE-2014-2247
CVE.ORG link : CVE-2014-2247
JSON object : View
Products Affected
siemens
- simatic_s7-1500_cpu_firmware
CWE