Vulnerabilities > CVE-2014-2248 - Unspecified vulnerability in Siemens Simatic S7-1500 CPU Firmware 1.0.1/1.1.0/1.1.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Open redirect vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 4 |
References
- http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01
- http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01
- http://www.securityfocus.com/bid/66190
- http://www.securityfocus.com/bid/66190
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-456423.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-456423.pdf