CVE-2014-2256

2014-03-2414:20:39

CWE-399

[email protected]

web.nvd.nist.gov

siemens

s7-1200

plc

firmware

vulnerability

denial of service

iso-tsap

nvd

cve-2014-2256

6.6 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.007 Low

EPSS

Percentile

80.2%

JSON

Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted ISO-TSAP packets, a different vulnerability than CVE-2014-2257.

Affected configurations

NVD

Node

siemenssimatic_s7_cpu_1200_firmwareRange≤3.0.2

siemenssimatic_s7_cpu_1200_firmwareMatch3.0

AND

siemenssimatic_s7_cpu-1211cMatch-

siemenssimatic_s7_cpu_1212cMatch-

siemenssimatic_s7_cpu_1214cMatch-

siemenssimatic_s7_cpu_1215cMatch-

siemenssimatic_s7_cpu_1217cMatch-

CPENameOperatorVersion
siemens:simatic_s7_cpu_1200_firmwaresiemens simatic s7 cpu 1200 firmwarele3.0.2
siemens:simatic_s7_cpu_1200_firmwaresiemens simatic s7 cpu 1200 firmwareeq3.0
siemens:simatic_s7_cpu-1211csiemens simatic s7 cpu-1211ceq-
siemens:simatic_s7_cpu_1212csiemens simatic s7 cpu 1212ceq-
siemens:simatic_s7_cpu_1214csiemens simatic s7 cpu 1214ceq-
siemens:simatic_s7_cpu_1215csiemens simatic s7 cpu 1215ceq-
siemens:simatic_s7_cpu_1217csiemens simatic s7 cpu 1217ceq-

CPE	Name	Operator	Version
siemens:simatic_s7_cpu_1200_firmware	siemens simatic s7 cpu 1200 firmware	le	3.0.2
siemens:simatic_s7_cpu_1200_firmware	siemens simatic s7 cpu 1200 firmware	eq	3.0
siemens:simatic_s7_cpu-1211c	siemens simatic s7 cpu-1211c	eq	-
siemens:simatic_s7_cpu_1212c	siemens simatic s7 cpu 1212c	eq	-
siemens:simatic_s7_cpu_1214c	siemens simatic s7 cpu 1214c	eq	-
siemens:simatic_s7_cpu_1215c	siemens simatic s7 cpu 1215c	eq	-
siemens:simatic_s7_cpu_1217c	siemens simatic s7 cpu 1217c	eq	-