CVE-2011-20002
HIGHDescription
A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family (incl. SIPLUS variants) (All versions < V2.0.2), SIMATIC S7-1200 CPU V2 family (incl. SIPLUS variants) (All versions < V2.0.2). Affected controllers are vulnerable to capture-replay in the communication with the engineering software. This could allow an on-path attacker between the engineering software and the controller to execute any previously recorded commands at a later time (e.g. set the controller to STOP), regardless whether or not the controller had a password configured.
Is your site exposed to CVE-2011-20002?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2011-20002? +
How severe is CVE-2011-20002? +
How do I check if I'm vulnerable to CVE-2011-20002? +
Related Vulnerabilities
Use of fixed learning codes, one code to lock the car and the other code to unlock it, the Key …
Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a …
The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic …
SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with …
Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the …
A weakness identified in OpenText Advanced Authentication where a Malicious browser plugin can record and replay the user authentication process …