3 matches found
CVE-2014-2250
The random-number generator on Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors, a different vulnerability than...
CVE-2014-2250
CVE-2014-2250 concerns Siemens SIMATIC S7-1200 CPUs with firmware before 4.0, where the PRNG has insufficient entropy. This weaknesses can enable remote attackers to defeat cryptographic protections and hijack sessions via unspecified vectors. Public material ties this to the S7-1200 family and n...
Siemens SIMATIC S7-1200多个漏洞
CVE ID: CVE-2014-2249,CVE-2014-2250,CVE-2014-2252,CVE-2014-2254,CVE-2014-2256,CVE-2014-2258 SIMATIC S7-1200是可编程控制器,可实现简单却高度精确的自动化任务。 Siemens SIMATIC S7-1200 4.0.0之前版本在实现上存在多个漏洞,可被恶意利用执行跨站请求伪造、劫持用户会话、造成拒绝服务。 1、向TCP端口443发送特制的数据包造成的错误可造成设备进入defect模式。 2、随机生成器内弱熵相关错误,可导致劫持另外用户的会话。...