Sign-up

ID

VAR-201106-0309


TITLE

Siemens S7-1200 PLC Loophole

Trust: 0.2

sources: IVD: 325a5140-8898-11e7-a432-000c2975a0fc

DESCRIPTION

Siemens SIMATIC S7 series PLC Used in various industrial fields, including energy, water conservancy, oil, natural gas, chemical, building automation, and manufacturing. Attackers can use this vulnerability to gain unauthorized access to automated networks and control S7-1200 PLC Execution of various unauthorized orders causing damage to industrial control systems

Trust: 0.2

sources: IVD: 325a5140-8898-11e7-a432-000c2975a0fc

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: 325a5140-8898-11e7-a432-000c2975a0fc

AFFECTED PRODUCTS

vendor:siemensmodel: - scope:eqversion:*

Trust: 0.2

vendor:siemensmodel:simatic s7-1200;scope:eqversion:*

Trust: 0.2

sources: IVD: 325a5140-8898-11e7-a432-000c2975a0fc

CVSS

SEVERITY

CVSSV2

CVSSV3

IVD: 325a5140-8898-11e7-a432-000c2975a0fc
value: CRITICAL

Trust: 0.2

IVD: 325a5140-8898-11e7-a432-000c2975a0fc
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.3 [IVD]

Trust: 0.2

sources: IVD: 325a5140-8898-11e7-a432-000c2975a0fc

TYPE

Permission permission and access control

Trust: 0.2

sources: IVD: 325a5140-8898-11e7-a432-000c2975a0fc

EXTERNAL IDS

db:IVDid:325A5140-8898-11E7-A432-000C2975A0FC

Trust: 0.2

sources: IVD: 325a5140-8898-11e7-a432-000c2975a0fc

SOURCES

db:IVDid:325a5140-8898-11e7-a432-000c2975a0fc

LAST UPDATE DATE

2022-05-04T10:16:52.464000+00:00


SOURCES UPDATE DATE


SOURCES RELEASE DATE

db:IVDid:325a5140-8898-11e7-a432-000c2975a0fcdate:2011-06-10T00:00:00