Lucene search
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OT_500030.NASLHistoryNov 08, 2019 - 12:00 a.m.
Siemens Simatic Exposure of Sensitive Information to an Unauthorized Actor
2019-11-0800:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
0.002 Low
EPSS
Percentile
56.0%
The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate.
File data ot_500030.nasl| Vendor | Product | Version | CPE |
|---|---|---|---|
| siemens | simatic_s7-1200_plc | 2.0 | cpe:2.3:h:siemens:simatic_s7-1200_plc:2.0:*:*:*:*:*:*:* |
| siemens | simatic_s7-1200_plc | 2.1 | cpe:2.3:h:siemens:simatic_s7-1200_plc:2.1:*:*:*:*:*:*:* |
| siemens | simatic_s7-1200_plc | 2.2 | cpe:2.3:h:siemens:simatic_s7-1200_plc:2.2:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2012-3037
2022-10-03 16:15:22
ptsecurity
ptsecurity
prion
prion
Code injection
2012-09-25 11:07:00
openvas
openvas
cvelist
cvelist
CVE-2012-3037
2022-10-03 16:15:22
nessus
nessus
Siemens SIMATIC Improper Certificate Validation (CVE-2012-3037)
2022-02-07 00:00:00
ics
ics
Siemens S7-1200 Insecure Storage of HTTPS CA Certificate
2013-05-06 12:00:00
nvd
nvd
CVE-2012-3037
2012-09-25 11:07:46