The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate.
File data ot_500030.nasl
Vendor | Product | Version | CPE |
---|---|---|---|
siemens | simatic_s7-1200_plc | 2.0 | cpe:2.3:h:siemens:simatic_s7-1200_plc:2.0:*:*:*:*:*:*:* |
siemens | simatic_s7-1200_plc | 2.1 | cpe:2.3:h:siemens:simatic_s7-1200_plc:2.1:*:*:*:*:*:*:* |
siemens | simatic_s7-1200_plc | 2.2 | cpe:2.3:h:siemens:simatic_s7-1200_plc:2.2:*:*:*:*:*:*:* |