CVE-2014-2258
Published Mar 24, 2014
Last updated 5 years ago
Overview
- Description
- Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTPS packets, a different vulnerability than CVE-2014-2259.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-399
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7_cpu_1200_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BCF4722-1850-48CD-9BCA-6EBD9EFF8147",
"versionEndIncluding": "3.0.2"
},
{
"criteria": "cpe:2.3:o:siemens:simatic_s7_cpu_1200_firmware:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8C7A9D3-33C0-465B-914D-3D1FF1BE8272"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7_cpu-1211c:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7F8E0D6-D9DE-4F2A-A0D3-84A9EEB8EAFD"
},
{
"criteria": "cpe:2.3:h:siemens:simatic_s7_cpu_1212c:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6A11F4A-4DA2-4EDC-A51F-69DA422C320F"
},
{
"criteria": "cpe:2.3:h:siemens:simatic_s7_cpu_1214c:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9EB6306C-2F6E-49A3-BFAE-BA6962501697"
},
{
"criteria": "cpe:2.3:h:siemens:simatic_s7_cpu_1215c:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DC6AAEF-22EE-449B-83A8-9BE0B84199EE"
},
{
"criteria": "cpe:2.3:h:siemens:simatic_s7_cpu_1217c:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36F69756-6304-489F-A287-65D0A9E81943"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]