VAR-201403-0311
Vulnerability from variot - Updated: 2023-12-18 12:21The random-number generator on Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors, a different vulnerability than CVE-2014-2251. This vulnerability CVE-2014-2251 Is a different vulnerability.A third party could break the cryptographic protection mechanism and hijack the session. The SIMATIC S7-1200 is a programmable controller for simple but highly precise automation tasks. The Siemens SIMATIC S7-1200 sends a specially crafted packet to TCP port 443, causing an attacker to exploit the vulnerability to put the device into defect mode. Siemens SIMATIC S7-1200 is prone to an entropy weakness. Exploiting this issue can allow attackers to hijack another user's session and gain unauthorized access to the victim's account on the affected application. Versions prior to SIMATIC S7-1200 4.0 are vulnerable. Siemens SIMATIC S7-1200 CPU PLC is a programmable logic controller (PLC) used in small and medium-sized automation systems developed by Siemens in Germany. The vulnerability is caused by the random number generator not having sufficient entropy
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201403-0311",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic s7 cpu 1200",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "simatic s7-1200",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "3.x"
},
{
"model": "simatic s7 cpu 1214c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7 cpu 1215c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7 cpu 1217c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7 cpu 1212c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7 cpu 1200",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.2"
},
{
"model": "simatic s7 cpu-1211c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1211c",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1212c",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1214c",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1215c",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu 1217c",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "4.0"
},
{
"model": "simatic s7 cpu 1200",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "3.0.2"
},
{
"model": "simatic s7-1200",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.0.1"
},
{
"model": "simatic s7-1200",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.0.0"
},
{
"model": "simatic s7-1200",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "simatic s7-1200",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.0"
}
],
"sources": [
{
"db": "IVD",
"id": "210f5144-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c7c4e180-1ee2-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01910"
},
{
"db": "BID",
"id": "66346"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001768"
},
{
"db": "NVD",
"id": "CVE-2014-2250"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-414"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_s7_cpu_1200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.0.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_s7_cpu_1200_firmware:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_s7_cpu_1212c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_s7_cpu_1217c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_s7_cpu-1211c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_s7_cpu_1215c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_s7_cpu_1214c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2250"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Timorin, and Alexey Osipov from Positive Technologies.",
"sources": [
{
"db": "BID",
"id": "66346"
}
],
"trust": 0.3
},
"cve": "CVE-2014-2250",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 8.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-2250",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-01910",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "210f5144-2352-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "c7c4e180-1ee2-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-70189",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-2250",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-01910",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201403-414",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "210f5144-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "c7c4e180-1ee2-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-70189",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "210f5144-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c7c4e180-1ee2-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01910"
},
{
"db": "VULHUB",
"id": "VHN-70189"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001768"
},
{
"db": "NVD",
"id": "CVE-2014-2250"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-414"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The random-number generator on Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors, a different vulnerability than CVE-2014-2251. This vulnerability CVE-2014-2251 Is a different vulnerability.A third party could break the cryptographic protection mechanism and hijack the session. The SIMATIC S7-1200 is a programmable controller for simple but highly precise automation tasks. The Siemens SIMATIC S7-1200 sends a specially crafted packet to TCP port 443, causing an attacker to exploit the vulnerability to put the device into defect mode. Siemens SIMATIC S7-1200 is prone to an entropy weakness. \nExploiting this issue can allow attackers to hijack another user\u0027s session and gain unauthorized access to the victim\u0027s account on the affected application. \nVersions prior to SIMATIC S7-1200 4.0 are vulnerable. Siemens SIMATIC S7-1200 CPU PLC is a programmable logic controller (PLC) used in small and medium-sized automation systems developed by Siemens in Germany. The vulnerability is caused by the random number generator not having sufficient entropy",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2250"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001768"
},
{
"db": "CNVD",
"id": "CNVD-2014-01910"
},
{
"db": "BID",
"id": "66346"
},
{
"db": "IVD",
"id": "210f5144-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c7c4e180-1ee2-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-70189"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2250",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-14-079-02",
"trust": 2.8
},
{
"db": "SIEMENS",
"id": "SSA-654382",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201403-414",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2014-01910",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001768",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "57441",
"trust": 0.6
},
{
"db": "BID",
"id": "66346",
"trust": 0.4
},
{
"db": "IVD",
"id": "210F5144-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "C7C4E180-1EE2-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-70189",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "210f5144-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c7c4e180-1ee2-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01910"
},
{
"db": "VULHUB",
"id": "VHN-70189"
},
{
"db": "BID",
"id": "66346"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001768"
},
{
"db": "NVD",
"id": "CVE-2014-2250"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-414"
}
]
},
"id": "VAR-201403-0311",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "210f5144-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c7c4e180-1ee2-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01910"
},
{
"db": "VULHUB",
"id": "VHN-70189"
}
],
"trust": 1.766485105
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "210f5144-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c7c4e180-1ee2-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01910"
}
]
},
"last_update_date": "2023-12-18T12:21:24.752000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-654382",
"trust": 0.8,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-654382.pdf"
},
{
"title": "Patch for Siemens SIMATIC S7-1200 Denial of Service Vulnerability (CNVD-2014-01910)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/72672"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01910"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001768"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70189"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001768"
},
{
"db": "NVD",
"id": "CVE-2014-2250"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-079-02"
},
{
"trust": 2.0,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-654382.pdf"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-654382.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2250"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2250"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/57441/"
},
{
"trust": 0.3,
"url": "http://support.automation.siemens.com/ww/view/en/86567043"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01910"
},
{
"db": "VULHUB",
"id": "VHN-70189"
},
{
"db": "BID",
"id": "66346"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001768"
},
{
"db": "NVD",
"id": "CVE-2014-2250"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-414"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "210f5144-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c7c4e180-1ee2-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01910"
},
{
"db": "VULHUB",
"id": "VHN-70189"
},
{
"db": "BID",
"id": "66346"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001768"
},
{
"db": "NVD",
"id": "CVE-2014-2250"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-414"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-24T00:00:00",
"db": "IVD",
"id": "210f5144-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2014-03-24T00:00:00",
"db": "IVD",
"id": "c7c4e180-1ee2-11e6-abef-000c29c66e3d"
},
{
"date": "2014-03-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01910"
},
{
"date": "2014-03-24T00:00:00",
"db": "VULHUB",
"id": "VHN-70189"
},
{
"date": "2014-03-20T00:00:00",
"db": "BID",
"id": "66346"
},
{
"date": "2014-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001768"
},
{
"date": "2014-03-24T14:20:39.557000",
"db": "NVD",
"id": "CVE-2014-2250"
},
{
"date": "2014-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-414"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01910"
},
{
"date": "2020-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-70189"
},
{
"date": "2014-03-20T00:00:00",
"db": "BID",
"id": "66346"
},
{
"date": "2014-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001768"
},
{
"date": "2020-02-10T15:15:14.590000",
"db": "NVD",
"id": "CVE-2014-2250"
},
{
"date": "2020-02-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-414"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-414"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC S7-1200 CPU PLC Vulnerability that breaks cryptographic protection mechanism in random number generation of devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001768"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-414"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…