|Number of vulnerabilities||1|
|CVE ID|| CVE-2018-13800
|Vulnerable software versions||
SIMATIC S7-1200 4.1.2
SIMATIC S7-1200 4.1.1
SIMATIC S7-1200 4.1
SIMATIC S7-1200 4.0
The vulnerability allows a remote unauthenticated attacker to perform CSRF attack.
The weakness exists due to insufficient CSRF protections. A remote attacker can create a specially crafted HTML page or URL, trick the victim into visiting it, gain access to the system and perform arbitrary actions.
Update to version 4.2.3.External links