Siemens SIMATIC S7-1500 PLCs < 1.5 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 720189

Synopsis

Siemens SIMATIC S7-1500 PLCs < 1.5 are affected by multiple vulnerabilities.

Description

Siemens SIMATIC S7-1500 PLCs < 1.5 are affected by multiple vulnerabilities.
- A cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- A vulnerability exists that allows remote attackers to cause a denial of service (defect-mode transition) via crafted Profinet packets.
- The integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject headers via unspecified vectors.
- Open redirect vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
- The random-number generator on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors.
- SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTP packets.
- SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted ISO-TSAP packets.
- SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTPS packets.

Solution

Update the S7-1500 firmware to 1.5 or later.

See Also

http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01

http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf

Plugin Details

Severity: High

ID: 720189

Family: SCADA

Published: 5/8/2019

Updated: 10/9/2019

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:C

Vulnerability Information

Patch Publication Date: 3/14/2014

Vulnerability Publication Date: 3/14/2014

Reference Information

CVE: CVE-2014-2246, CVE-2014-2247, CVE-2014-2248, CVE-2014-2251, CVE-2014-2253, CVE-2014-2255, CVE-2014-2257, CVE-2014-2259

BID: 66201