Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-5074

4 documents4 sources

Severity

7.1HIGH

EPSS

12.9%

top 5.95%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Siemens Simatic S7-1500 CPU Firmware

Timeline

PublishedAug 17

Latest updateMay 14

Description

Siemens SIMATIC S7-1500 CPU devices with firmware before 1.6 allow remote attackers to cause a denial of service (device restart and STOP transition) via crafted TCP packets.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

▶NVDsiemens/simatic_s7-1500_cpu_firmware1.5.1+5

Patches

Patch: www.siemens.com ↗Patch: ics-cert.us-cert.gov ↗Patch: www.siemens.com ↗

🔴Vulnerability Details

GHSA

GHSA-64h7-xqm5-vw78: Siemens SIMATIC S7-1500 CPU devices with firmware before 1↗2022-05-14

▶

CVEList

CVE-2014-5074: Siemens SIMATIC S7-1500 CPU devices with firmware before 1↗2014-08-17

▶

💥Exploits & PoCs

Exploit-DB

Siemens SIMATIC S7-1500 CPU - Remote Denial of Service↗2018-05-22

▶