VYPR
Unrated severityNVD Advisory· Published Oct 10, 2012· Updated Jun 16, 2026

CVE-2012-3040

CVE-2012-3040

Description

Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10
  • cpe:2.3:o:siemens:simatic_s7-1200_cpu_1211c_firmware:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:siemens:simatic_s7-1200_cpu_1211c_firmware:*:*:*:*:*:*:*:*range: >=2.0.0,<3.0.2
    • cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212c_firmware:*:*:*:*:*:*:*:*range: >=2.0.0,<3.0.2
    • cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214_fc_firmware:*:*:*:*:*:*:*:*range: >=2.0.0,<3.0.2
    • cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215_fc_firmware:*:*:*:*:*:*:*:*range: >=2.0.0,<3.0.2
    • cpe:2.3:o:siemens:simatic_s7-1200_cpu_1217c_firmware:*:*:*:*:*:*:*:*range: >=2.0.0,<3.0.2
    • cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:*range: >=2.0.0,<3.0.2
  • cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212fc_firmware:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212fc_firmware:*:*:*:*:*:*:*:*range: >=2.0.0,<3.0.2
    • cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214c_firmware:*:*:*:*:*:*:*:*range: >=2.0.0,<3.0.2
  • cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215c_firmware:*:*:*:*:*:*:*:*
    Range: >=2.0.0,<3.0.2
  • Range: >=2.0, <=3.0.1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.