Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SIMATIC S7-1200 CPU family version 4 (All versions < V4.2.3). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by a legitimate user, who must be authenticated to the web interface. A successful attack could allow an attacker to trigger actions via the web interface that the legitimate user is allowed to perform. This could allow the attacker to read or modify parts of the device configuration.
CVSS Information
N/A
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Siemens SIMATIC S7-1200 CPU family 跨站请求伪造漏洞
Vulnerability Description
Siemens SIMATIC S7-1200 CPU系列4.2.3之前的4版本中存在跨站请求伪造漏洞。远程攻击者可通过诱使用户访问恶意的链接利用该漏洞执行该合法用户可允许的操作(读取或修改部分设备配置)。
CVSS Information
N/A
Vulnerability Type
N/A