Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.3
CVSSv2

CVE-2014-2250

Published: 24/03/2014 Updated: 10/02/2020
CVSS v2 Base Score: 8.3 | Impact Score: 8.5 | Exploitability Score: 8.6
VMScore: 739
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:C
Subscribe to Siemens

Vulnerability Summary

The random-number generator on Siemens SIMATIC S7-1200 CPU PLC devices with firmware prior to 4.0 does not have sufficient entropy, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors, a different vulnerability than CVE-2014-2251.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

siemens simatic_s7_cpu_1200_firmware

siemens simatic_s7_cpu_1200_firmware 3.0

siemens simatic_s7_cpu_1212c -

siemens simatic_s7_cpu_1217c -

siemens simatic_s7_cpu-1211c -

siemens simatic_s7_cpu_1215c -

siemens simatic_s7_cpu_1214c -

References

CWE-310http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-654382.pdfhttp://ics-cert.us-cert.gov/advisories/ICSA-14-079-02https://cert-portal.siemens.com/productcert/pdf/ssa-654382.pdfhttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook