cbcvebase.
CVE-2014-2249
published 2014-03-16

CVE-2014-2249: Cross-site request forgery (CSRF) vulnerability on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 and SIMATIC S7-1200 CPU PLC devices with…

medium5.8CVSS 3.1
AVNACMAuNCNIPAP
Cross-site request forgery (CSRF) vulnerability on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 and SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Affected

4 ranges
VendorProductVersion rangeFixed in
siemenssimatic_s7-1500_cpu_firmware<= 1.1.2
siemenssimatic_s7-1500_cpu_firmware
siemenssimatic_s7-1500_cpu_firmware
siemenssimatic_s7-1500_cpu_firmware