Cross-Site Request Forgery (CSRF) Vulnerability in SIMATIC S7-1200 CPUs before V4.7
Plan Patch7.1SSA-717113Jan 14, 2025
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary
The web interface of SIMATIC S7-1200 CPUs before V4.7 contains a cross-site request forgery (CSRF) vulnerability that allows an attacker to perform unauthorized actions on the PLC if an authenticated engineer can be tricked into clicking a malicious link while logged into the device. This could result in modification of control logic, process parameters, or safety settings.
What this means
What could happen
An attacker could trick an authenticated engineer into performing unwanted actions on the PLC through a malicious web link, such as changing program setpoints, disabling safety interlocks, or stopping production equipment.
Who's at risk
Transportation and critical infrastructure operators using Siemens SIMATIC S7-1200 PLCs for equipment control, process automation, or safety systems. This includes rail transit, traffic signals, and industrial control applications where engineers access PLC configuration through the web interface.
How it could be exploited
An attacker crafts a malicious web link or HTML page that, when clicked by an authorized engineer already logged into the PLC's web interface, sends unauthorized commands to the PLC. The PLC executes these commands without the engineer's knowledge because the browser automatically includes their session credentials.
Prerequisites
- Engineer or technician must be actively logged into the PLC's web interface
- Attacker must trick the logged-in user to click a malicious link or visit a compromised website while the session is active
- Web interface must be reachable from the network segment where the engineer is working
remotely exploitablerequires user interaction (engineer click)low complexityaffects control logic and process setpointsaffects safety system configuration
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (34)
34 with fix
ProductAffected VersionsFix Status
SIMATIC S7-1200 CPU 1211C AC/DC/Rly< V4.74.7
SIMATIC S7-1200 CPU 1211C DC/DC/DC< V4.74.7
SIMATIC S7-1200 CPU 1211C DC/DC/Rly< V4.74.7
SIMATIC S7-1200 CPU 1212C AC/DC/Rly< V4.74.7
SIMATIC S7-1200 CPU 1212C DC/DC/DC< V4.74.7
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate SIMATIC S7-1200 CPU firmware to version 4.7 or later
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/6a0b8081-5256-4953-8adb-ee74939a8324