Siemens SIMATIC S7-1200 SSL Private Key Reuse Spoofing Vulnerability Network Vulnerability

Summary

Siemens SIMATIC S7-1200 is prone to a security vulnerability that may allow attackers to spoof SSL certificates. Attackers can exploit this issue to display incorrect SSL certificates. Successful exploits will cause victims to accept the certificates assuming they are from a legitimate site. Siemens SIMATIC S7-1200 versions 2.x are vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for more information.

References

http://www.securityfocus.com/bid/55559
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-240718.pdf

Updated on 2017-03-28

Severity

Classification

CVE CVE-2012-3037
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability
Adobe Reader Multiple Vulnerabilities - Aug07 (Linux)
Aardvark Topsites Multiple Vulnerabilities
APC PowerChute Business Edition Unspecified Cross Site Scripting Vulnerability
Apple Safari Webkit Multiple Vulnerabilities - March 2011

Take action and discover your vulnerabilities