Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2014-2250
HistoryMar 24, 2014 - 2:20 p.m.

CVE-2014-2250

2014-03-2414:20:39
CWE-310
[email protected]
web.nvd.nist.gov
1

CVSS2

8.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:P/I:P/A:C

AI Score

6.6

Confidence

Low

EPSS

0.006

Percentile

77.7%

JSON

The random-number generator on Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors, a different vulnerability than CVE-2014-2251.

Affected configurations

Nvd
Node
siemenssimatic_s7_cpu_1200_firmwareRange≀3.0.2
OR
siemenssimatic_s7_cpu_1200_firmwareMatch3.0
AND
siemenssimatic_s7_cpu-1211cMatch-
OR
siemenssimatic_s7_cpu_1212cMatch-
OR
siemenssimatic_s7_cpu_1214cMatch-
OR
siemenssimatic_s7_cpu_1215cMatch-
OR
siemenssimatic_s7_cpu_1217cMatch-
VendorProductVersionCPE
siemenssimatic_s7_cpu_1200_firmware*cpe:2.3:o:siemens:simatic_s7_cpu_1200_firmware:*:*:*:*:*:*:*:*
siemenssimatic_s7_cpu_1200_firmware3.0cpe:2.3:o:siemens:simatic_s7_cpu_1200_firmware:3.0:*:*:*:*:*:*:*
siemenssimatic_s7_cpu-1211c-cpe:2.3:h:siemens:simatic_s7_cpu-1211c:-:*:*:*:*:*:*:*
siemenssimatic_s7_cpu_1212c-cpe:2.3:h:siemens:simatic_s7_cpu_1212c:-:*:*:*:*:*:*:*
siemenssimatic_s7_cpu_1214c-cpe:2.3:h:siemens:simatic_s7_cpu_1214c:-:*:*:*:*:*:*:*
siemenssimatic_s7_cpu_1215c-cpe:2.3:h:siemens:simatic_s7_cpu_1215c:-:*:*:*:*:*:*:*
siemenssimatic_s7_cpu_1217c-cpe:2.3:h:siemens:simatic_s7_cpu_1217c:-:*:*:*:*:*:*:*

Related

prion 2
nessus 5
cve 2
cvelist 2
ptsecurity 2
nvd 1
seebug 1
ics 2
prion
prion
Code injection
2014-03-24 14:20:00
Code injection
2014-03-16 14:06:00
nessus
nessus
Siemens SIMATIC S7-1200 Insufficient Entropy in PRNG (CVE-2014-2250)
2022-02-07 00:00:00
Siemens Simatic Unspecified Vulnerability
2019-11-08 00:00:00
Siemens SIMATIC S7-1200 PLCs < 4.0 Random Number Generator Insufficient Entropy
2019-05-08 00:00:00
cve
cve
CVE-2014-2250
2014-03-24 14:20:39
CVE-2014-2251
2014-03-16 14:06:45
cvelist
cvelist
CVE-2014-2250
2014-03-22 01:00:00
CVE-2014-2251
2014-03-16 10:00:00
ptsecurity
ptsecurity
PT-2013-87: Insuffient Entropy in Siemens SIMATIC S7-1200 CPU PLC
2013-05-08 00:00:00
PT-2013-84: Insuffient Entropy in Siemens SIMATIC S7-1500 CPU PLC
2013-05-08 00:00:00
nvd
nvd
CVE-2014-2251
2014-03-16 14:06:45
seebug
seebug
Siemens SIMATIC S7-1200倚δΈͺ漏洞
2014-03-21 00:00:00
ics
ics
Siemens SIMATIC S7-1200 Vulnerabilities
2018-08-23 12:00:00
Siemens SIMATIC S7-1500 CPU Firmware Vulnerabilities
2018-09-06 12:00:00

CVSS2

8.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:P/I:P/A:C

AI Score

6.6

Confidence

Low

EPSS

0.006

Percentile

77.7%

JSON
Related for NVD:CVE-2014-2250
prion2nessus5cve2cvelist2ptsecurity2nvd1seebug1ics2