Signature Detail

Short Name	SCADA:SIEMENS-SIMATIC-CPU-RCE
Severity	Medium
Recommended	No
Recommended Action	Drop
Category	SCADA
Keywords	Siemens Simatic S7-300/400/1200 CPU START/STOP Module Command Execution
Release Date	2012/08/13
Update Number	2172
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SCADA: Siemens Simatic S7-300/400/1200 CPU START/STOP Module Command Execution

This signature detects attempts to exploit a known vulnerability in the Siemens Simatic S7-300, 400 and 1200 Programmable Logic Controller. A malicious attacker can execute administrative commands without authentication.

References

URL: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-186-01.pdf
URL: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-161-01.pdf

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

SCADA: Siemens Simatic S7-300/400/1200 CPU START/STOP Module Command Execution

References