← Volver a CVEs
CVE-2012-3037
N/ADescripcion
The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado9/25/2012
Ultima modificacion4/29/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
siemens:simatic_s7-1200siemens:simatic_s7-1200_cpu_1211csiemens:simatic_s7-1200_cpu_1211c_firmwaresiemens:simatic_s7-1200_cpu_1212csiemens:simatic_s7-1200_cpu_1212c_firmwaresiemens:simatic_s7-1200_cpu_1212fcsiemens:simatic_s7-1200_cpu_1212fc_firmwaresiemens:simatic_s7-1200_cpu_1214_fcsiemens:simatic_s7-1200_cpu_1214_fc_firmwaresiemens:simatic_s7-1200_cpu_1214csiemens:simatic_s7-1200_cpu_1214c_firmwaresiemens:simatic_s7-1200_cpu_1215_fcsiemens:simatic_s7-1200_cpu_1215_fc_firmwaresiemens:simatic_s7-1200_cpu_1215csiemens:simatic_s7-1200_cpu_1215c_firmwaresiemens:simatic_s7-1200_cpu_1217csiemens:simatic_s7-1200_cpu_1217c_firmwaresiemens:simatic_s7-1200_firmware
Debilidades (CWE)
CWE-295
Referencias
http://en.securitylab.ru/lab/PT-2012-48(ics-cert@hq.dhs.gov)
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-240718.pdf(ics-cert@hq.dhs.gov)
http://www.us-cert.gov/control_systems/pdf/ICSA-12-263-01.pdf(ics-cert@hq.dhs.gov)
http://en.securitylab.ru/lab/PT-2012-48(af854a3a-2127-422b-91ae-364da2661108)
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-240718.pdf(af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/control_systems/pdf/ICSA-12-263-01.pdf(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.