The Siemens CERT has posted a formal response to two CVSS level 7 vulnerabilities found in the SIMATIC S7-1200 CPU:
- Replay attack. An attacker can sniff the traffic and then send it again to issue a command to the same controller.
- Denial of service for Firmware Version 02.00.02. Scanning the communication interface causes it to stop.
Workarounds, until the firmware is updated, are to disable unnecessary services and segment the network.
As a temporary measure, it is recommended to disable the web server. The ability to disable the web server is available in TIA Portal Version 11. In addition, it is important to ensure your automation network is protected from unauthorized access using the strategies suggested in this document, or to isolate the automation network from all other networks using an air gap.