SSA-654382 (Last Update: 2020-02-10): Vulnerabilities in SIMATIC S7-1200 CPU Familiy


2020-02-10 00:00:00 UTC


The latest product release of the SIMATIC S7-1200 CPU fixes several vulnerabilities. The most severe of these vulnerabilities could allow an attacker to take over an authenticated web session if the session token can be predicted. The attacker must have network access to the device to exploit this vulnerability.

Further vulnerabilities resolved in this product release are discussed below.