Advisory (ICSA-15-022-01)
Siemens SIMATIC S7-1200 CPU Web Vulnerability
Original release date: January 22, 2015
Siemens has identified an open redirect vulnerability in the SIMATIC S7-1200 CPU family. This vulnerability was reported directly to Siemens by Ralf Spenneberg, Hendrik Schwartke, and Maik Brüggemann from OpenSource Training. Siemens has produced an update that mitigates this vulnerability.This vulnerability could be exploited remotely.
AFFECTED PRODUCTS
The following Siemens SIMATIC S7-1200 CPU family versions are affected:SIMATIC S7-1200 CPU family: All versions prior to V4.1
IMPACT
This vulnerability could allow an attacker to redirect users to untrusted sites under certain conditions.Impact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.
Read More
No comments:
Post a Comment