Lucene search
HistoryMar 16, 2014 - 2:06 p.m.
CVE-2014-2251
8.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:P/I:P/A:C
6.6 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
77.8%
The random-number generator on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors.
Affected configurations
Node
siemenssimatic_s7-1500_cpu_firmwareRange≤1.1.2
ORsiemenssimatic_s7-1500_cpu_firmwareMatch1.0.1
ORsiemenssimatic_s7-1500_cpu_firmwareMatch1.1.0
ORsiemenssimatic_s7-1500_cpu_firmwareMatch1.1.1
Related
ptsecurity
ptsecurity
PT-2013-84: Insuffient Entropy in Siemens SIMATIC S7-1500 CPU PLC
2013-05-08 00:00:00
cve
cve
CVE-2014-2251
2014-03-16 14:06:45
CVE-2014-2250
2014-03-24 14:20:39
prion
prion
Code injection
2014-03-16 14:06:00
Code injection
2014-03-24 14:20:00
nessus
nessus
Siemens SIMATIC S7-1500 Insufficient Entropy (CVE-2014-2251)
2022-02-07 00:00:00
Siemens Simatic Unspecified Vulnerability
2019-11-08 00:00:00
cvelist
cvelist
CVE-2014-2251
2014-03-16 10:00:00
CVE-2014-2250
2014-03-22 01:00:00
nvd
nvd
CVE-2014-2250
2014-03-24 14:20:39
ics
ics
Siemens SIMATIC S7-1500 CPU Firmware Vulnerabilities
2018-09-06 12:00:00
8.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:P/I:P/A:C
6.6 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
77.8%
Related for NVD:CVE-2014-2251