Cross-Site Scripting Vulnerability in SIMATIC S7-1200 CPU V2/V3 Before V3.0.2
Act Now | 9.6 | SSA-279823 | Oct 8, 2012
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
The web server on SIMATIC S7-1200 CPU V2/V3 before V3.0.2 contains a cross-site scripting (XSS) vulnerability that could allow remote attackers to inject arbitrary web script or HTML via a crafted URI.
What this means
What could happen
An attacker could inject malicious scripts into the PLC's web interface to steal credentials, alter displayed parameters, or trick authorized operators into performing unintended actions on the controller.
Who's at risk
Water utilities, municipal electric systems, and industrial automation managers using Siemens SIMATIC S7-1200 CPU V2 or V3 programmable logic controllers for process control, monitoring, or diagnostics via the built-in web interface.
How it could be exploited
An attacker crafts a malicious URI containing an XSS payload and sends it to an operator or administrator of the S7-1200 web interface. When the victim visits the link or views the page, the script executes in their browser with the same privileges as the user, potentially capturing credentials or manipulating controller settings visible through the web interface.
Prerequisites
- Network access to the web server port on the S7-1200 CPU (typically port 80/443)
- User interaction required: the attack requires an authorized operator or engineer to click a malicious link or visit a compromised page
- Remotely exploitable
- Low complexity attack
- User interaction required
- Affects PLC engineering and operations interface
- V2 family has no patch available
Exploitability
Moderate exploit probability (EPSS 1.2%)
Affected products (2)
1 with fix, 1 EOL
Product | Affected Versions | Fix Status
SIMATIC S7-1200 CPU V3 family (incl. SIPLUS variants) | < 3.0.2 | 3.0.2
SIMATIC S7-1200 CPU V2 family (incl. SIPLUS variants) | All versions | No fix (EOL)
Remediation & Mitigation
Do now
WORKAROUND: For SIMATIC S7-1200 CPU V2 family where no fix is available, restrict network access to the web server port (80/443) using firewall rules, allowing only authorized engineering workstations and control network segments
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update SIMATIC S7-1200 CPU V3 family (including SIPLUS variants) to firmware version 3.0.2 or later
HARDENING: Disable or restrict access to the web server interface on S7-1200 CPUs if not actively used for operations, monitoring, or diagnostics
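The remediation steps above as an added triage example (not code from Siemens or from this advisory): it maps a CPU firmware string to the action listed here and flags connections to the web server ports that come from outside an allowlist. The inventory, the engineering subnet, the flow records and the function names are constructed or hypothetical.

```python
import ipaddress

FIXED_V3 = (3, 0, 2)      # first fixed V3 firmware, per the advisory
WEB_PORTS = {80, 443}     # web server ports named in the advisory

def parse_version(text):
    """'V3.0.1' or '3.0.1' -> (3, 0, 1); missing parts count as 0."""
    parts = [int(p) for p in text.strip().lstrip("Vv").split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def triage(firmware):
    """Map an S7-1200 firmware string to the advisory's remediation."""
    ver = parse_version(firmware)
    if ver[0] == 2:
        return "no-fix-restrict-web-access"   # V2 family: EOL, workaround only
    if ver[0] == 3:
        return "update-to-3.0.2" if ver < FIXED_V3 else "fixed"
    return "not-listed"                       # advisory covers V2 and V3 only

def unauthorized_web_flows(flows, plc_ips, allowed_nets):
    """Return flows reaching a PLC web port from outside the allowlist."""
    nets = [ipaddress.ip_network(n) for n in allowed_nets]
    hits = []
    for src, dst, port in flows:
        if dst in plc_ips and port in WEB_PORTS:
            if not any(ipaddress.ip_address(src) in n for n in nets):
                hits.append((src, dst, port))
    return hits

# Constructed sample data (not from the advisory).
INVENTORY = {"10.10.1.20": "V2.2.0", "10.10.1.21": "V3.0.1", "10.10.1.22": "V3.0.2"}
ALLOWED = ["10.10.5.0/28"]   # hypothetical engineering workstation subnet
FLOWS = [
    ("10.10.5.3", "10.10.1.20", 80),     # engineering workstation: allowed
    ("10.20.7.44", "10.10.1.20", 80),    # office network host: violation
    ("10.20.7.44", "10.10.1.21", 102),   # not a web port: out of scope here
    ("192.0.2.9", "10.10.1.21", 443),    # outside allowlist: violation
]

if __name__ == "__main__":
    for ip, fw in INVENTORY.items():
        print(ip, fw, triage(fw))
    for flow in unauthorized_web_flows(FLOWS, set(INVENTORY), ALLOWED):
        print("unauthorized web access:", flow)
```

Any flow it reports against a V2 CPU is a gap in the firewall workaround, since that family has no firmware fix.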
CVEs (1)