logo
DATABASE RESOURCES PRICING ABOUT US

Siemens SIMATIC CP SRCS VPN Feature Code Injection Vulnerability

Description

The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect SIMATIC S7-1200 controllers to a wide area network (WAN). They provide integrated security features such as firewalls, virtual private networks (VPNs), and support for other protocols with data encryption.The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to a control center or ST7 master via the SINAUT ST7 remote control protocol.The SIMATIC CP 1543-1 Communication processors connect SIMATIC S7-1500 controllers to Ethernet. They provide integrated security features such as firewalls, virtual private networks (VPNs), and support for other protocols with data encryption.SIMATIC CP 1543SP-1, CP 1542SP-1, and CP 1542SP-1 IRC communication processors connect SIMATIC ET 200SP controllers to Ethernet.SIMATIC CP 1543SP-1 and CP 1542SP-1 IRC communication processors also offer integrated security features such as firewalls, virtual private networks (VPNs), or support for other data encryption protocols. SIPLUS devices use the same firmware as the product on which they are based.A code injection vulnerability exists in the Siemens SIMATIC CP SRCS VPN Feature that could be exploited by an attacker to execute arbitrary code with elevated privileges.