![siemens simatic s7-1200 lldp siemens simatic s7-1200 lldp](https://i.ytimg.com/vi/mQIXsHnNU2w/maxresdefault.jpg)
The integrated web server (Port 80/TCP and Port 443/TCP) of the affected devices could allow an attacker to redirect users to untrusted web sites if unsuspecting users are tricked to click on a malicious link. VULNERABILITY CHARACTERIZATION VULNERABILITY OVERVIEW Products in the Siemens SIMATIC S7-1200 CPU family have been designed for discrete and continuous control in critical infrastructure sectors such as Chemical, Critical Manufacturing, and Food and Agriculture. Siemens is a multinational company headquartered in Munich, Germany. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Impact to individual organizations depends on many factors that are unique to each organization. This vulnerability could allow an attacker to redirect users to untrusted sites under certain conditions. SIMATIC S7-1200 CPU family: All versions prior to V4.1.
![siemens simatic s7-1200 lldp siemens simatic s7-1200 lldp](https://live.staticflickr.com/65535/51215529098_3f7d8c3974_b.jpg)
The following Siemens SIMATIC S7-1200 CPU family versions are affected: This vulnerability could be exploited remotely.
Siemens simatic s7 1200 lldp update#
Siemens has produced an update that mitigates this vulnerability. This vulnerability was reported directly to Siemens by Ralf Spenneberg, Hendrik Schwartke, and Maik Brüggemann from OpenSource Training. Siemens has identified an open redirect vulnerability in the SIMATIC S7-1200 CPU family.