SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-483967349] Siemens SIMATIC S7-1200 CPU Protection Mechanism Failure

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2016-03-15PLCSiemens SIMATIC S7-1200 CPU family: All versions < V4.0Maik Bruggemann and Ralf SpennebergN/A2016-2846N/AN/AN/A


# Siemens SIMATIC S7-1200 CPU Protection Mechanism Failure


Siemens has identified a protection mechanism failure vulnerability in old firmware versions of SIMATIC S7-1200. Maik Bruggemann and Ralf Spenneberg from Open Source Training reported this issue directly to Siemens. Siemens provides SIMATIC S7-1200 CPU product, release V4.0 or newer, to mitigate this vulnerability and recommends keeping the firmware up to date.

This vulnerability could be exploited remotely.


Siemens reports that the vulnerability affects the following SIMATIC products:

SIMATIC S7-1200 CPU family: All versions prior to V4.0


An attacker who exploits this vulnerability could circumvent user program block protection.

Impact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.


Siemens is a multinational company headquartered in Munich, Germany.

The affected products, the Siemens SIMATIC S7-1200 CPU family, are designed for discrete and continuous control in industrial environments. According to Siemens, the Siemens SIMATIC S7-1200 CPU family is deployed across several sectors including Chemical, Critical Manufacturing, and Food and Agriculture. Siemens estimates that these products are used worldwide.




SIMATIC S7-1200 CPU firmware prior to Version 4.0 could possibly allow an attacker to circumvent user program block protection under certain circumstances.

CVE-2016-2846 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).



This vulnerability could be exploited remotely.


No known public exploits specifically target this vulnerability.


An attacker with a low skill would be able to exploit this vulnerability.


Siemens recommends firmware release Version 4.0 or later for SIMATIC S7-1200 CPUs. Siemens recommends to keep firmware up to date and to set the PLC functionality "Access protection" to read/write protection. The latest firmware releases can be found here: (link is external)

For more information on these vulnerabilities and detailed instructions, please see Siemens Security Advisory SSA-833048 at the following location: (link is external)

As a general security measure Siemens strongly recommends to protect network access to the web interface of S7-1200 CPUs with appropriate mechanisms. Siemens advises to configure the environment according to Siemens operational guidelines in order to run the devices in a protected IT environment.