CVE-2014-2258

2014-03-2414:20:39

CWE-399

[email protected]

web.nvd.nist.gov

siemens

simatic

s7-1200

cpu

plc

firmware

denial of service

vulnerability

cve-2014-2258

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.6 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.6%

JSON

Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTPS packets, a different vulnerability than CVE-2014-2259.

Affected configurations

NVD

Node

siemenssimatic_s7_cpu_1200_firmwareRange≤3.0.2

siemenssimatic_s7_cpu_1200_firmwareMatch3.0

AND

siemenssimatic_s7_cpu-1211cMatch-

siemenssimatic_s7_cpu_1212cMatch-

siemenssimatic_s7_cpu_1214cMatch-

siemenssimatic_s7_cpu_1215cMatch-

siemenssimatic_s7_cpu_1217cMatch-

CPENameOperatorVersion
siemens:simatic_s7_cpu_1200_firmwaresiemens simatic s7 cpu 1200 firmwarele3.0.2
siemens:simatic_s7_cpu_1200_firmwaresiemens simatic s7 cpu 1200 firmwareeq3.0
siemens:simatic_s7_cpu-1211csiemens simatic s7 cpu-1211ceq-
siemens:simatic_s7_cpu_1212csiemens simatic s7 cpu 1212ceq-
siemens:simatic_s7_cpu_1214csiemens simatic s7 cpu 1214ceq-
siemens:simatic_s7_cpu_1215csiemens simatic s7 cpu 1215ceq-
siemens:simatic_s7_cpu_1217csiemens simatic s7 cpu 1217ceq-

CPE	Name	Operator	Version
siemens:simatic_s7_cpu_1200_firmware	siemens simatic s7 cpu 1200 firmware	le	3.0.2
siemens:simatic_s7_cpu_1200_firmware	siemens simatic s7 cpu 1200 firmware	eq	3.0
siemens:simatic_s7_cpu-1211c	siemens simatic s7 cpu-1211c	eq	-
siemens:simatic_s7_cpu_1212c	siemens simatic s7 cpu 1212c	eq	-
siemens:simatic_s7_cpu_1214c	siemens simatic s7 cpu 1214c	eq	-
siemens:simatic_s7_cpu_1215c	siemens simatic s7 cpu 1215c	eq	-
siemens:simatic_s7_cpu_1217c	siemens simatic s7 cpu 1217c	eq	-