Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Siemens SIMATIC S7-300/400 PLC Multiple Vulnerabilities
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Siemens SIMATIC S7-300 and S7-400 are prone to multiple vulnerabilities.
Insight
Insight
Siemens SIMATIC S7-300 and S7-400 are prone to multiple vulnerabilities: - Specially crafted packets sent to Port 80/TCP could cause the affected devices to go into defect mode. (CVE-2016-9158) - An attacker with network access to Port 102/TCP (ISO-TSAP) could obtain credentials from the PLC if Protection-level 2 is configured on the affected devices. (CVE-2016-9159)
Affected Software
Affected Software
S7-300 CPU firmware version prior to 3.X.14, S7-400 PN V6 firmware version prior to 6.0.6, S7-400 V7 firmware version prior to 7.0.2 and S7-CPU 410 CPU firmware version prior to 8.2.0.
Detection Method
Detection Method
Checks if a HTTP port or the COTP port is open.
Solution
Solution
Siemens provides updated firmware versions.