Description
A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-1HE40-0XB0), SIMATIC S7-1200 CPU 1212C AC/DC/Rly (6ES7212-1BE40-0XB0), SIMATIC S7-1200 CPU 1212C DC/DC/DC (6ES7212-1AE40-0XB0), SIMATIC S7-1200 CPU 1212C DC/DC/Rly (6ES7212-1HE40-0XB0), SIMATIC S7-1200 CPU 1212FC DC/DC/DC (6ES7212-1AF40-0XB0), SIMATIC S7-1200 CPU 1212FC DC/DC/Rly (6ES7212-1HF40-0XB0), SIMATIC S7-1200 CPU 1214C AC/DC/Rly (6ES7214-1BG40-0XB0), SIMATIC S7-1200 CPU 1214C DC/DC/DC (6ES7214-1AG40-0XB0), SIMATIC S7-1200 CPU 1214C DC/DC/Rly (6ES7214-1HG40-0XB0), SIMATIC S7-1200 CPU 1214FC DC/DC/DC (6ES7214-1AF40-0XB0), SIMATIC S7-1200 CPU 1214FC DC/DC/Rly (6ES7214-1HF40-0XB0), SIMATIC S7-1200 CPU 1215C AC/DC/Rly (6ES7215-1BG40-0XB0), SIMATIC S7-1200 CPU 1215C DC/DC/DC (6ES7215-1AG40-0XB0), SIMATIC S7-1200 CPU 1215C DC/DC/Rly (6ES7215-1HG40-0XB0), SIMATIC S7-1200 CPU 1215FC DC/DC/DC (6ES7215-1AF40-0XB0), SIMATIC S7-1200 CPU 1215FC DC/DC/Rly (6ES7215-1HF40-0XB0), SIMATIC S7-1200 CPU 1217C DC/DC/DC (6ES7217-1AG40-0XB0), SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-2XB0), SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-4XB0), SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-2XB0), SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-4XB0), SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-2XB0), SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-4XB0), SIPLUS S7-1200 CPU 1212C DC/DC/DC RAIL (6AG2212-1AE40-1XB0), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-2XB0), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-4XB0), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-5XB0), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-2XB0), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-4XB0), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-5XB0), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-2XB0), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-4XB0), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-5XB0), SIPLUS S7-1200 CPU 1214C DC/DC/DC RAIL (6AG2214-1AG40-1XB0), SIPLUS S7-1200 CPU 1214FC DC/DC/DC (6AG1214-1AF40-5XB0), SIPLUS S7-1200 CPU 1214FC DC/DC/RLY (6AG1214-1HF40-5XB0), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-2XB0), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-4XB0), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-5XB0), SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-2XB0), SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-4XB0), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-2XB0), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-4XB0), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-5XB0), SIPLUS S7-1200 CPU 1215C DC/DC/DC (6AG1215-1AG40-5XB0), SIPLUS S7-1200 CPU 1215FC DC/DC/DC (6AG1215-1AF40-5XB0). The web interface of the affected devices is vulnerable to Cross-Site Request Forgery (CSRF) attacks. This could allow an unauthenticated attacker to change the CPU mode by tricking a legitimate and authenticated user with sufficient permissions on the target CPU to click on a malicious link.
CVSS breakdown
Affected products
- Siemens / SIMATIC S7-1200 CPU 1211C AC/DC/Rly0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1211C DC/DC/DC0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1211C DC/DC/Rly0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1212C AC/DC/Rly0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1212C DC/DC/DC0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1212C DC/DC/Rly0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1212FC DC/DC/DC0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1212FC DC/DC/Rly0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1214C AC/DC/Rly0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1214C DC/DC/DC0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1214C DC/DC/Rly0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1214FC DC/DC/DC0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1214FC DC/DC/Rly0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1215C AC/DC/Rly0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1215C DC/DC/DC0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1215C DC/DC/Rly0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1215FC DC/DC/DC0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1215FC DC/DC/Rly0 – V4.7
- Siemens / SIMATIC S7-1200 CPU 1217C DC/DC/DC0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1212 AC/DC/RLY0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1212C DC/DC/DC0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1212C DC/DC/DC RAIL0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1212 DC/DC/RLY0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1214 AC/DC/RLY0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1214C DC/DC/DC RAIL0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1214 DC/DC/DC0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1214 DC/DC/RLY0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1214FC DC/DC/DC0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1214FC DC/DC/RLY0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1215 AC/DC/RLY0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1215C DC/DC/DC0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1215 DC/DC/DC0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1215 DC/DC/RLY0 – V4.7
- Siemens / SIPLUS S7-1200 CPU 1215FC DC/DC/DC0 – V4.7