CVE-2016-2846
medium
CVSS v3
6.5
CVSS v2
6.4
VIR risk
6.5
Description
Siemens SIMATIC S7-1200 CPU devices before 4.0 allow remote attackers to bypass a "user program block" protection mechanism via unspecified vectors.
Predictions
Exploit likelihood
75%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-833048.pdf
References
- http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-833048.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-833048.pdf
- https://ics-cert.us-cert.gov/advisories/ICSA-16-075-01
- http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-833048.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-833048.pdf
- https://ics-cert.us-cert.gov/advisories/ICSA-16-075-01
CWEs
CWE-254
Verify integrity in audit chain (admin only). AS-IS.