Detections
Analytics
Siemens S7 Heartbleed (CVE-2014-0160)
high Tenable OT Security Plugin ID 500424
Synopsis
The remote OT asset is affected by a vulnerability.Description
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
http://advisories.mageia.org/MGASA-2014-0165.html
http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/
http://cogentdatahub.com/ReleaseNotes.html
http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html
http://marc.info/?l=bugtraq&m=139722163017074&w=2
http://marc.info/?l=bugtraq&m=139757726426985&w=2
http://marc.info/?l=bugtraq&m=139757819327350&w=2
http://marc.info/?l=bugtraq&m=139757919027752&w=2
http://marc.info/?l=bugtraq&m=139758572430452&w=2
http://marc.info/?l=bugtraq&m=139765756720506&w=2
http://marc.info/?l=bugtraq&m=139774054614965&w=2
http://marc.info/?l=bugtraq&m=139774703817488&w=2
http://marc.info/?l=bugtraq&m=139808058921905&w=2
http://marc.info/?l=bugtraq&m=139817685517037&w=2
http://marc.info/?l=bugtraq&m=139817727317190&w=2
http://marc.info/?l=bugtraq&m=139817782017443&w=2
http://marc.info/?l=bugtraq&m=139824923705461&w=2
http://marc.info/?l=bugtraq&m=139824993005633&w=2
http://marc.info/?l=bugtraq&m=139833395230364&w=2
http://marc.info/?l=bugtraq&m=139835815211508&w=2
http://marc.info/?l=bugtraq&m=139835844111589&w=2
http://marc.info/?l=bugtraq&m=139836085512508&w=2
http://marc.info/?l=bugtraq&m=139842151128341&w=2
http://marc.info/?l=bugtraq&m=139843768401936&w=2
http://marc.info/?l=bugtraq&m=139869720529462&w=2
http://marc.info/?l=bugtraq&m=139869891830365&w=2
http://marc.info/?l=bugtraq&m=139889113431619&w=2
http://marc.info/?l=bugtraq&m=139889295732144&w=2
http://marc.info/?l=bugtraq&m=139905202427693&w=2
http://marc.info/?l=bugtraq&m=139905243827825&w=2
http://marc.info/?l=bugtraq&m=139905295427946&w=2
http://marc.info/?l=bugtraq&m=139905351928096&w=2
http://marc.info/?l=bugtraq&m=139905405728262&w=2
http://marc.info/?l=bugtraq&m=139905458328378&w=2
http://marc.info/?l=bugtraq&m=139905653828999&w=2
http://marc.info/?l=bugtraq&m=139905868529690&w=2
http://marc.info/?l=bugtraq&m=140015787404650&w=2
http://marc.info/?l=bugtraq&m=140075368411126&w=2
http://marc.info/?l=bugtraq&m=140724451518351&w=2
http://marc.info/?l=bugtraq&m=140752315422991&w=2
http://marc.info/?l=bugtraq&m=141287864628122&w=2
http://marc.info/?l=bugtraq&m=142660345230545&w=2
http://rhn.redhat.com/errata/RHSA-2014-0376.html
http://rhn.redhat.com/errata/RHSA-2014-0377.html
http://rhn.redhat.com/errata/RHSA-2014-0378.html
http://rhn.redhat.com/errata/RHSA-2014-0396.html
https://blog.torproject.org/blog/openssl-bug-cve-2014-0160
https://bugzilla.redhat.com/show_bug.cgi?id=1084875
https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf
https://code.google.com/p/mod-spdy/issues/detail?id=85
http://seclists.org/fulldisclosure/2014/Apr/109
http://seclists.org/fulldisclosure/2014/Apr/173
http://seclists.org/fulldisclosure/2014/Apr/190
http://seclists.org/fulldisclosure/2014/Apr/90
http://seclists.org/fulldisclosure/2014/Apr/91
http://seclists.org/fulldisclosure/2014/Dec/23
http://secunia.com/advisories/57347
http://secunia.com/advisories/57483
http://secunia.com/advisories/57721
http://secunia.com/advisories/57836
http://secunia.com/advisories/57966
http://secunia.com/advisories/57968
http://secunia.com/advisories/59139
http://secunia.com/advisories/59243
http://secunia.com/advisories/59347
https://filezilla-project.org/versions.php?type=server
https://gist.github.com/chapmajs/10473815
http://support.citrix.com/article/CTX140605
https://www.cert.fi/en/reports/2014/vulnerability788210.html
http://www-01.ibm.com/support/docview.wss?uid=isg400001841
http://www-01.ibm.com/support/docview.wss?uid=isg400001843
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661
http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf
http://www.blackberry.com/btsc/KB35882
http://www.debian.org/security/2014/dsa-2896
http://www.exploit-db.com/exploits/32745
http://www.exploit-db.com/exploits/32764
http://www.f-secure.com/en/web/labs_global/fsc-2014-1
http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/
http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/
http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/
http://www.kb.cert.org/vuls/id/720951
http://www.kerio.com/support/kerio-control/release-history
http://www.nessus.org/u?1c45738a
http://www.nessus.org/u?22274a45
http://www.nessus.org/u?3053dc8b
http://www.nessus.org/u?37006736
http://www.nessus.org/u?38336169
http://www.nessus.org/u?3aa4af59
http://www.nessus.org/u?4f211d28
http://www.nessus.org/u?7de2f8eb
http://www.nessus.org/u?8376305c
http://www.nessus.org/u?8e93b1c3
http://www.nessus.org/u?93cd0f79
http://www.nessus.org/u?a6abc3fa
http://www.nessus.org/u?b3e9d2b8
http://www.nessus.org/u?b7354398
http://www.nessus.org/u?bb05d3e3
http://www.nessus.org/u?bc543587
http://www.nessus.org/u?bd05ca98
http://www.nessus.org/u?c46d757d
http://www.nessus.org/u?d79cd294
http://www.nessus.org/u?dcdcb279
http://www.nessus.org/u?e09c159e
http://www.nessus.org/u?f68d352b
http://www.openssl.org/news/secadv_20140407.txt
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://www.securityfocus.com/bid/66690
http://www.securitytracker.com/id/1030026
http://www.securitytracker.com/id/1030074
http://www.securitytracker.com/id/1030077
http://www.securitytracker.com/id/1030078
http://www.securitytracker.com/id/1030079
http://www.securitytracker.com/id/1030080
http://www.securitytracker.com/id/1030081
http://www.securitytracker.com/id/1030082
http://www.splunk.com/view/SP-CAAAMB3
http://www.ubuntu.com/usn/USN-2165-1
http://www.us-cert.gov/ncas/alerts/TA14-098A
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
Plugin Details
Severity: High
ID: 500424
File Name: tenable_ot_siemens_CVE-2014-0160.nasl
Version: 1.6
Type: Remote
Family: Tenable.ot
Published: 2/7/2022
Updated: 4/21/2026
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 6.9
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 4.1
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS Score Source: CVE-2014-0160
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:siemens:cp_1543-1_firmware:1.1, cpe:/o:siemens:simatic_s7-1500_firmware:1.5, cpe:/o:siemens:simatic_s7-1500t_firmware:1.5
Required KB Items: Tenable.ot/Siemens
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/7/2014
Vulnerability Publication Date: 4/7/2014
CISA Known Exploited Vulnerability Due Dates: 5/25/2022
Exploitable With
Core Impact
Reference Information
CVE: CVE-2014-0160
CWE: 125
CERT: TA14-098A
DSA: DSA-2896
FEDORA: FEDORA-2014-4879, FEDORA-2014-4910, FEDORA-2014-9308
HP: HPSBGN03008, HPSBGN03010, HPSBGN03011, HPSBHF03021, HPSBHF03136, HPSBMU02994, HPSBMU02995, HPSBMU02997, HPSBMU02998, HPSBMU02999, HPSBMU03009, HPSBMU03012, HPSBMU03013, HPSBMU03017, HPSBMU03018, HPSBMU03019, HPSBMU03020, HPSBMU03022, HPSBMU03023, HPSBMU03024, HPSBMU03025, HPSBMU03028, HPSBMU03029, HPSBMU03030, HPSBMU03032, HPSBMU03033, HPSBMU03037, HPSBMU03040, HPSBMU03044, HPSBMU03062, HPSBPI03014, HPSBPI03031, HPSBST03000, HPSBST03001, HPSBST03004, HPSBST03015, HPSBST03016, HPSBST03027, SSRT101846
RHSA: RHSA-2014:0376, RHSA-2014:0377, RHSA-2014:0378, RHSA-2014:0396
SECUNIA: 57347, 57483, 57721, 57836, 57966, 57968, 59139, 59243, 59347
SuSE: SUSE-SA:2014:002, openSUSE-SU-2014:0492, openSUSE-SU-2014:0560
USN: USN-2165-1