Siemens SIMATIC S7-1200 PLC < 4.1.3 XSRF

high Nessus Plugin ID 85842

Synopsis

The remote web server running on the S7-1200 PLC is affected by a cross-site request forgery vulnerability.

Description

The Siemens SIMATIC S7-1200 integrated web server is running a firmware version prior to 4.1.3. It is, therefore, affected by an unspecified cross-site request forgery (XSRF) vulnerability. A remote attacker can exploit this by convincing a user who is logged in to the PLC's web server to click a malicious link or visit an attacker-controlled page; the victim's browser then submits a forged request to the PLC using that user's existing session.

Note that Nessus has not attempted to exploit this issue but has instead relied only on the device's self-reported version number.
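The following is an added illustration of the kind of version-based check described above, written for this page; it is not the Nessus plugin's own code and is not Siemens code. It parses a self-reported S7-1200 firmware string (Siemens reports versions with a leading "V", e.g. "V4.1.2"), compares it numerically against the 4.1.3 fix version, and shows why a naive string comparison is the wrong tool for this job. The inventory entries and the version "4.1.10" are constructed for the example and do not describe real devices or a real firmware release.

```python
import re
from typing import Dict, List, Tuple

# First firmware release that carries the fix, per the advisory above.
FIXED_VERSION: Tuple[int, ...] = (4, 1, 3)

# Matches an optional leading 'V' followed by dotted integers; trailing text
# (build tags, whitespace) after the numeric part is ignored.
_VERSION_RE = re.compile(r"\s*[Vv]?(\d+(?:\.\d+)*)")


def parse_firmware_version(raw: str) -> Tuple[int, ...]:
    """Turn 'V4.1.2' (or '4.1.2', 'V4.1') into a tuple of ints: (4, 1, 2)."""
    m = _VERSION_RE.match(raw)
    if not m:
        raise ValueError(f"unrecognised firmware version string: {raw!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def _pad(v: Tuple[int, ...], length: int) -> Tuple[int, ...]:
    """Right-pad a version tuple with zeros so (4, 1) compares as (4, 1, 0)."""
    return v + (0,) * (length - len(v))


def is_affected(raw: str, fixed: Tuple[int, ...] = FIXED_VERSION) -> bool:
    """True when the reported version is numerically below the fixed version."""
    v = parse_firmware_version(raw)
    n = max(len(v), len(fixed))
    return _pad(v, n) < _pad(fixed, n)


def naive_is_affected(raw: str) -> bool:
    """Deliberately wrong: lexicographic string comparison.

    Kept here only to show the pitfall. '4.1.10' < '4.1.3' is True as strings
    because '1' sorts before '3', so a (hypothetical) 4.1.10 would be flagged
    as vulnerable even though it is newer than 4.1.3.
    """
    return raw.lstrip("Vv") < "4.1.3"


def find_vulnerable(inventory: Dict[str, str]) -> List[str]:
    """Return the hosts whose self-reported firmware is below the fix version.

    Like the plugin, this trusts the device's own version string; it does not
    probe for the XSRF weakness itself, so it cannot confirm exploitability.
    """
    return sorted(host for host, ver in inventory.items() if is_affected(ver))


# Constructed sample inventory (hostnames and versions invented for the example).
SAMPLE_INVENTORY: Dict[str, str] = {
    "plc-line1": "V4.1.2",   # below 4.1.3 -> needs upgrade
    "plc-line2": "V4.1.3",   # exactly the fixed release -> not flagged
    "plc-line3": "V3.0.2",   # old 3.x firmware -> needs upgrade
    "plc-line4": "V4.2.1",   # newer release -> not flagged
    "plc-test":  "4.1.10",   # hypothetical; newer than 4.1.3 numerically
}


if __name__ == "__main__":
    for host in find_vulnerable(SAMPLE_INVENTORY):
        print(f"{host}: firmware {SAMPLE_INVENTORY[host]} is below 4.1.3, upgrade")
    # Demonstrate the string-comparison pitfall on the hypothetical version.
    print("naive check flags 4.1.10:", naive_is_affected("4.1.10"))
    print("numeric check flags 4.1.10:", is_affected("4.1.10"))
```

The check mirrors what the plugin does: it is purely a version comparison and will miss a device whose web server has been patched by other means or mis-flag one that reports an unusual string, which is exactly why the note above says the issue was not exploited to confirm it.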

Solution

Upgrade to Siemens SIMATIC S7-1200 CPU firmware release version 4.1.3 or later.

See Also

http://www.nessus.org/u?6edea143

https://ics-cert.us-cert.gov/advisories/ICSA-15-239-02

Plugin Details

Severity: High

ID: 85842

File Name: scada_siemens_simatic_s7_1200_plc_SSA-134003.nbin

Version: 1.66

Type: remote

Family: SCADA

Published: 9/8/2015

Updated: 5/20/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2015-5698

Vulnerability Information

CPE: cpe:/h:siemens:simatic_s7_1200_cpu, cpe:/o:siemens:simatic_s7_1200_cpu_firmware

Required KB Items: SCADA/Siemens SIMATIC S7-1200 PLC Web Server, Siemens SIMATIC S7-1200 PLC Firmware

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/27/2015

Vulnerability Publication Date: 8/27/2015

Reference Information

CVE: CVE-2015-5698

ICSA: 15-239-02