Siemens SIMATIC S7-1500 PLCs < 1.5 Improper Resource Release DOS

medium Nessus Network Monitor Plugin ID 720196

Synopsis

Siemens SIMATIC S7-1500 PLCs allow remote attackers to cause a denial of service via crafted PROFINET packets.

Description

Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted Profinet packets. Improper Resource Shutdown or Release.

Solution

Update the S7 1500 firmware to 1.5 or later.

Plugin Details

Severity: Medium

ID: 720196

Family: SCADA

Published: 5/8/2019

Updated: 9/30/2019

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 6.1

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

Patch Publication Date: 3/14/2014

Vulnerability Publication Date: 3/14/2014

Reference Information

CVE: CVE-2014-2253

Detections

Analytics