Detections
Analytics

Siemens SIMATIC S7-1200 PLC < 4.1 Open Redirection

medium Nessus Plugin ID 81592

Language:

Synopsis

The remote web server running on the S7-1200 PLC is affected by an open redirection vulnerability.

Description

The Siemens SIMATIC S7-1200 integrated web server is running a firmware version that is prior to 4.1. It is, therefore, affected by an open redirection vulnerability due to improper validation of user-supplied input. A remote attacker can exploit this, via a crafted URL, to conduct a phishing attack by redirecting a legitimate user to a malicious website.

Note that Nessus has not attempted to exploit this issue but has instead relied only on the device's self-reported version number.

Solution

Upgrade to Siemens SIMATIC S7-1200 CPU firmware release version 4.1 or later.

See Also

http://www.nessus.org/u?0dd4ed5d

https://ics-cert.us-cert.gov/advisories/ICSA-15-022-01

Plugin Details

Severity: Medium

ID: 81592

File Name: scada_siemens_simatic_s7_1200_plc_open_redirection.nbin

Version: 1.69

Type: remote

Family: SCADA

Published: 3/2/2015

Updated: 3/19/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/h:siemens:simatic_s7_1200_cpu, cpe:/o:siemens:simatic_s7_1200_cpu_firmware

Required KB Items: SCADA/Siemens SIMATIC S7-1200 PLC Web Server, Siemens SIMATIC S7-1200 PLC Firmware

Exploit Ease: No known exploits are available

Patch Publication Date: 1/21/2015

Vulnerability Publication Date: 1/21/2015

Reference Information

CVE: CVE-2015-1048

BID: 72282

ICSA: 15-022-01