CVE-2024-47100
Published: Jan 14, 2025
Modified: Jan 14, 2025
CVSS v3.1
7.1
Description
A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-1HE40-0XB0), SIMATIC S7-1200 CPU 1212C AC/DC/Rly (6ES7212-1BE40-0XB0), SIMATIC S7-1200 CPU 1212C DC/DC/DC (6ES7212-1AE40-0XB0), SIMATIC S7-1200 CPU 1212C DC/DC/Rly (6ES7212-1HE40-0XB0), SIMATIC S7-1200 CPU 1212FC DC/DC/DC (6ES7212-1AF40-0XB0), SIMATIC S7-1200 CPU 1212FC DC/DC/Rly (6ES7212-1HF40-0XB0), SIMATIC S7-1200 CPU 1214C AC/DC/Rly (6ES7214-1BG40-0XB0), SIMATIC S7-1200 CPU 1214C DC/DC/DC (6ES7214-1AG40-0XB0), SIMATIC S7-1200 CPU 1214C DC/DC/Rly (6ES7214-1HG40-0XB0), SIMATIC S7-1200 CPU 1214FC DC/DC/DC (6ES7214-1AF40-0XB0), SIMATIC S7-1200 CPU 1214FC DC/DC/Rly (6ES7214-1HF40-0XB0), SIMATIC S7-1200 CPU 1215C AC/DC/Rly (6ES7215-1BG40-0XB0), SIMATIC S7-1200 CPU 1215C DC/DC/DC (6ES7215-1AG40-0XB0), SIMATIC S7-1200 CPU 1215C DC/DC/Rly (6ES7215-1HG40-0XB0), SIMATIC S7-1200 CPU 1215FC DC/DC/DC (6ES7215-1AF40-0XB0), SIMATIC S7-1200 CPU 1215FC DC/DC/Rly (6ES7215-1HF40-0XB0), SIMATIC S7-1200 CPU 1217C DC/DC/DC (6ES7217-1AG40-0XB0), SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-2XB0), SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-4XB0), SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-2XB0), SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-4XB0), SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-2XB0), SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-4XB0), SIPLUS S7-1200 CPU 1212C DC/DC/DC RAIL (6AG2212-1AE40-1XB0), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-2XB0), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-4XB0), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-5XB0), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-2XB0), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-4XB0), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-5XB0), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-2XB0), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-4XB0), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-5XB0), SIPLUS S7-1200 CPU 1214C DC/DC/DC RAIL (6AG2214-1AG40-1XB0), SIPLUS S7-1200 CPU 1214FC DC/DC/DC (6AG1214-1AF40-5XB0), SIPLUS S7-1200 CPU 1214FC DC/DC/RLY (6AG1214-1HF40-5XB0), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-2XB0), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-4XB0), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-5XB0), SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-2XB0), SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-4XB0), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-2XB0), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-4XB0), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-5XB0), SIPLUS S7-1200 CPU 1215C DC/DC/DC (6AG1215-1AG40-5XB0), SIPLUS S7-1200 CPU 1215FC DC/DC/DC (6AG1215-1AF40-5XB0). The web interface of the affected devices is vulnerable to Cross-Site Request Forgery (CSRF) attacks. This could allow an unauthenticated attacker to change the CPU mode by tricking a legitimate and authenticated user with sufficient permissions on the target CPU to click on a malicious link.
| Vendor | Product | Versions |
|---|---|---|
Siemens | SIMATIC S7-1200 CPU 1211C AC/DC/Rly | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1211C DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1211C DC/DC/Rly | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1212C AC/DC/Rly | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1212C DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1212C DC/DC/Rly | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1212FC DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1212FC DC/DC/Rly | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1214C AC/DC/Rly | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1214C DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1214C DC/DC/Rly | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1214FC DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1214FC DC/DC/Rly | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1215C AC/DC/Rly | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1215C DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1215C DC/DC/Rly | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1215FC DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1215FC DC/DC/Rly | affected 0 - < V4.7 |
Siemens | SIMATIC S7-1200 CPU 1217C DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1212 AC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1212 AC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1212 DC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1212 DC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1212C DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1212C DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1212C DC/DC/DC RAIL | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1214 AC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1214 AC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1214 AC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1214 DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1214 DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1214 DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1214 DC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1214 DC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1214 DC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1214C DC/DC/DC RAIL | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1214FC DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1214FC DC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1215 AC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1215 AC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1215 AC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1215 DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1215 DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1215 DC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1215 DC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1215 DC/DC/RLY | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1215C DC/DC/DC | affected 0 - < V4.7 |
Siemens | SIPLUS S7-1200 CPU 1215FC DC/DC/DC | affected 0 - < V4.7 |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now