high
7.1
CWE
1286
EPSS
0.044%
Advisory Published
Updated

CVE-2025-24812

First published: Tue Feb 11 2025(Updated: )

A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-1HE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1212C AC/DC/Rly (6ES7212-1BE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1212C DC/DC/DC (6ES7212-1AE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1212C DC/DC/Rly (6ES7212-1HE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1212FC DC/DC/DC (6ES7212-1AF40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1212FC DC/DC/Rly (6ES7212-1HF40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1214C AC/DC/Rly (6ES7214-1BG40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1214C DC/DC/DC (6ES7214-1AG40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1214C DC/DC/Rly (6ES7214-1HG40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1214FC DC/DC/DC (6ES7214-1AF40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1214FC DC/DC/Rly (6ES7214-1HF40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1215C AC/DC/Rly (6ES7215-1BG40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1215C DC/DC/DC (6ES7215-1AG40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1215C DC/DC/Rly (6ES7215-1HG40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1215FC DC/DC/DC (6ES7215-1AF40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1215FC DC/DC/Rly (6ES7215-1HF40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1217C DC/DC/DC (6ES7217-1AG40-0XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212 AC/DC/RLY (6AG1212-1BE40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1212C DC/DC/DC RAIL (6AG2212-1AE40-1XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214C DC/DC/DC RAIL (6AG2214-1AG40-1XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214FC DC/DC/DC (6AG1214-1AF40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1214FC DC/DC/RLY (6AG1214-1HF40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-2XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-4XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215C DC/DC/DC (6AG1215-1AG40-5XB0) (All versions < V4.7), SIPLUS S7-1200 CPU 1215FC DC/DC/DC (6AG1215-1AF40-5XB0) (All versions < V4.7). Affected devices do not process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.

Credit: productcert@siemens.com

Affected SoftwareAffected VersionHow to fix
Siemens SIMATIC S7-1200 CPU 1211C AC/DC/Rly<4.7
Siemens SIMATIC S7-1200 CPU 1211C DC/DC/DC<4.7
Siemens SIMATIC S7-1200 CPU 1211C DC/DC/Rly<4.7
Siemens SIMATIC S7-1200 CPU 1212C AC/DC/Rly<4.7
Siemens SIMATIC S7-1200 CPU 1212C DC/DC/DC<4.7
Siemens SIMATIC S7-1200 CPU 1212C DC/DC/Rly<4.7
Siemens SIMATIC S7-1200 CPU 1212FC DC/DC/DC<4.7
Siemens SIMATIC S7-1200 CPU 1212FC DC/DC/Rly<4.7
Siemens SIMATIC S7-1200 CPU 1214C AC/DC/Rly<4.7
Siemens SIMATIC S7-1200 CPU 1214C DC/DC/DC<4.7
Siemens SIMATIC S7-1200 CPU 1214C DC/DC/Rly<4.7
Siemens SIMATIC S7-1200 CPU 1214FC DC/DC/DC<4.7
Siemens SIMATIC S7-1200 CPU 1214FC DC/DC/Rly<4.7
Siemens SIMATIC S7-1200 CPU 1215C AC/DC/Rly<4.7
Siemens SIMATIC S7-1200 CPU 1215C DC/DC/DC<4.7
Siemens SIMATIC S7-1200 CPU 1215C DC/DC/Rly<4.7
Siemens SIMATIC S7-1200 CPU 1215FC DC/DC/DC<4.7
Siemens SIMATIC S7-1200 CPU 1215FC DC/DC/Rly<4.7
Siemens SIMATIC S7-1200 CPU 1217C DC/DC/DC<4.7
Siemens SIPLUS S7-1200 CPU 1212 AC/DC/RLY<4.7
Siemens SIPLUS S7-1200 CPU 1212 DC/DC/RLY<4.7
Siemens SIPLUS S7-1200 CPU 1212C DC/DC/DC<4.7
Siemens SIPLUS S7-1200 CPU 1212C DC/DC/DC RAIL<4.7
Siemens SIPLUS S7-1200 CPU 1214 AC/DC/RLY<4.7
Siemens SIPLUS S7-1200 CPU 1214 DC/DC/DC<4.7
Siemens SIPLUS S7-1200 CPU 1214FC DC/DC/RLY<4.7
Siemens SIPLUS S7-1200 CPU 1214C DC/DC/DC RAIL<4.7
Siemens SIPLUS S7-1200 CPU 1214FC DC/DC/DC<4.7
Siemens SIPLUS S7-1200 CPU 1214FC DC/DC/RLY<4.7
Siemens SIPLUS S7-1200 CPU 1215 AC/DC/RLY<4.7
Siemens SIPLUS S7-1200 CPU 1215C DC/DC/DC<4.7
Siemens SIPLUS S7-1200 CPU 1215 DC/DC/RLY<4.7
Siemens SIPLUS S7-1200 CPU 1215C DC/DC/DC<4.7
Siemens SIPLUS S7-1200 CPU 1215FC DC/DC/DC<4.7

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2025-24812?

    CVE-2025-24812 is classified as a high-severity vulnerability affecting various Siemens SIMATIC S7-1200 CPU models.

  • How do I fix CVE-2025-24812?

    To fix CVE-2025-24812, you should update your Siemens SIMATIC S7-1200 CPU firmware to version 4.7 or later.

  • Which versions are affected by CVE-2025-24812?

    CVE-2025-24812 affects all versions of the Siemens SIMATIC S7-1200 CPU 1211C and 1212C models prior to version 4.7.

  • Is CVE-2025-24812 remote exploit accessible?

    Yes, CVE-2025-24812 allows remote exploitation due to inadequate authentication protections.

  • What products are impacted by CVE-2025-24812?

    The impacted products include various models of Siemens SIMATIC S7-1200 CPUs, specifically 1211C, 1212C, and associated variants.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203