OTPulse

Missing Authentication Vulnerability in S7-1200 Devices

Plan Patch | CVSS 8.1 | SSA-830194 | Aug 10, 2021
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: None needed
Summary

SIMATIC S7-1200 PLC firmware V4.5.0 fails to properly authenticate configured passwords when provisioned using TIA Portal V13. This authentication bypass allows an attacker using TIA Portal V13 or later to download arbitrary programs to the affected device, gaining control over the PLC's operations.

What this means
What could happen
An attacker could bypass password authentication and upload malicious programs to the PLC, gaining full control over manufacturing processes including machine behavior, safety interlocks, and production operations.
Who's at risk
Manufacturing facilities operating SIEMENS SIMATIC S7-1200 PLCs (including SIPLUS industrial variants) should be concerned. This affects all CPU models in the S7-1200 family running V4.5.0 that control machinery, production lines, assembly equipment, and safety-critical processes.
How it could be exploited
An attacker with network access to the S7-1200 PLC can connect using TIA Portal (Siemens' engineering software) and bypass the configured authentication to download arbitrary programs. The attack requires TIA Portal V13 or later, which is commonly available on engineering workstations and can be accessed remotely if the workstation is exposed.
Prerequisites
  • Network access to the S7-1200 CPU (typically port 102 for S7 communication)
  • TIA Portal V13 or later installed on attacker's machine or accessible remotely
  • S7-1200 running firmware V4.5.0 that was initially configured with TIA Portal V13
remotely exploitable; no authentication required (password bypass); high complexity attack; affects safety systems; actively exploited in the wild (KEV)
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
Product | Affected Versions | Fix Status
SIMATIC S7-1200 CPU family (incl. SIPLUS variants) | V4.5.0 | 4.5.1
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update SIMATIC S7-1200 firmware to version 4.5.1 or later
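
To decide which devices go into the maintenance window first, the following added example (not part of the advisory or of any Siemens tooling) cross-references an asset inventory with network flow records: it selects S7-1200 CPUs on firmware V4.5.0 and lists sources outside an engineering allowlist that reached them on TCP port 102. The CSV layouts, addresses and allowlist are constructed assumptions, and because an inventory cannot show whether a device was provisioned with TIA Portal V13, every V4.5.0 device is treated as a candidate.

```python
import csv, io, ipaddress

AFFECTED_FW = (4, 5, 0)      # affected firmware version per the advisory
S7_PORT = 102                # S7 communication port per the advisory

# Constructed sample data (not from the advisory).
INVENTORY_CSV = """ip,model,firmware
10.10.1.11,SIMATIC S7-1200 CPU 1214C,V4.5.0
10.10.1.12,SIPLUS S7-1200 CPU 1212C,4.5.0
10.10.1.13,SIMATIC S7-1200 CPU 1215C,V4.5.1
10.10.1.14,SIMATIC S7-1500 CPU 1511,V4.5.0
10.10.1.15,SIMATIC S7-1200 CPU 1211C,V4.4.1
"""
FLOWS_CSV = """src,dst,dport
10.10.5.20,10.10.1.11,102
192.168.77.9,10.10.1.12,102
192.168.77.9,10.10.1.13,102
10.10.5.20,10.10.1.12,443
"""
ENGINEERING_NETS = [ipaddress.ip_network("10.10.5.0/24")]  # assumed allowlist


def parse_fw(text):
    """'V4.5.0' or '4.5.0' -> (4, 5, 0)."""
    return tuple(int(p) for p in text.strip().lstrip("Vv").split("."))


def affected_devices(inventory_csv):
    """IPs of S7-1200 (incl. SIPLUS) CPUs running exactly the affected firmware."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["ip"] for r in rows
            if "S7-1200" in r["model"] and parse_fw(r["firmware"]) == AFFECTED_FW}


def triage(inventory_csv, flows_csv, allowed_nets):
    """Map each affected IP to non-allowlisted sources seen reaching it on TCP/102."""
    report = {ip: set() for ip in affected_devices(inventory_csv)}
    for f in csv.DictReader(io.StringIO(flows_csv)):
        if f["dst"] in report and int(f["dport"]) == S7_PORT:
            src = ipaddress.ip_address(f["src"])
            if not any(src in net for net in allowed_nets):
                report[f["dst"]].add(f["src"])
    return report


if __name__ == "__main__":
    for ip, srcs in sorted(triage(INVENTORY_CSV, FLOWS_CSV, ENGINEERING_NETS).items()):
        note = "unexpected sources: " + ", ".join(sorted(srcs)) if srcs else "no unexpected sources"
        print(f"{ip}: update to 4.5.1 or later; {note}")
```

Devices that show unexpected sources on port 102 are the ones to schedule first and to isolate from those sources until the firmware update is applied.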