← Back to CVEs
CVE-2012-3037
N/ADescription
The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate.
CVE Details
CVSS v3.1 ScoreN/A
Published9/25/2012
Last Modified4/29/2026
Sourcenvd
Honeypot Sightings0
Affected Products
siemens:simatic_s7-1200siemens:simatic_s7-1200_cpu_1211csiemens:simatic_s7-1200_cpu_1211c_firmwaresiemens:simatic_s7-1200_cpu_1212csiemens:simatic_s7-1200_cpu_1212c_firmwaresiemens:simatic_s7-1200_cpu_1212fcsiemens:simatic_s7-1200_cpu_1212fc_firmwaresiemens:simatic_s7-1200_cpu_1214_fcsiemens:simatic_s7-1200_cpu_1214_fc_firmwaresiemens:simatic_s7-1200_cpu_1214csiemens:simatic_s7-1200_cpu_1214c_firmwaresiemens:simatic_s7-1200_cpu_1215_fcsiemens:simatic_s7-1200_cpu_1215_fc_firmwaresiemens:simatic_s7-1200_cpu_1215csiemens:simatic_s7-1200_cpu_1215c_firmwaresiemens:simatic_s7-1200_cpu_1217csiemens:simatic_s7-1200_cpu_1217c_firmwaresiemens:simatic_s7-1200_firmware
Weaknesses (CWE)
CWE-295
References
http://en.securitylab.ru/lab/PT-2012-48(ics-cert@hq.dhs.gov)
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-240718.pdf(ics-cert@hq.dhs.gov)
http://www.us-cert.gov/control_systems/pdf/ICSA-12-263-01.pdf(ics-cert@hq.dhs.gov)
http://en.securitylab.ru/lab/PT-2012-48(af854a3a-2127-422b-91ae-364da2661108)
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-240718.pdf(af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/control_systems/pdf/ICSA-12-263-01.pdf(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.