SSA-654382 (Last Update: 2020-02-10): Vulnerabilities in SIMATIC S7-1200 CPU Familiy

Published

2020-02-10 00:00:00 UTC

Summary

The latest product release of the SIMATIC S7-1200 CPU fixes several vulnerabilities. The most severe of these vulnerabilities could allow an attacker to take over an authenticated web session if the session token can be predicted. The attacker must have network access to the device to exploit this vulnerability.

Further vulnerabilities resolved in this product release are discussed below.

Source

https://cert-portal.siemens.com/productcert/pdf/ssa-654382.pdf