Vulnerability: Spoofing of Siemens SIMATIC S7-1200 Web Server via Forged Certificate

Vulnerability: Spoofing of Siemens SIMATIC S7-1200 Web Server via Forged Certificate

CVE-2012-3037 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate.

Learn more about our Web App Pen Testing.