Unrated severityNVD Advisory· Published Mar 24, 2014· Updated Jun 17, 2026

CVE-2014-2250

Description

The random-number generator on Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors, a different vulnerability than CVE-2014-2251.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Siemens Foundation/Simatic S7 CPU 1200 Firmware5 versions
cpe:2.3:h:siemens:simatic_s7_cpu-1211c:-:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:h:siemens:simatic_s7_cpu-1211c:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:simatic_s7_cpu_1212c:-:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:simatic_s7_cpu_1217c:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_s7_cpu_1200_firmware:*:*:*:*:*:*:*:*range: <=3.0.2
- cpe:2.3:o:siemens:simatic_s7_cpu_1200_firmware:3.0:*:*:*:*:*:*:*
Siemens Foundation/Simatic S7 1200 CPU 1214c Firmware
cpe:2.3:h:siemens:simatic_s7_cpu_1214c:-:*:*:*:*:*:*:*
Siemens Foundation/Simatic S7 CPU 1215c
cpe:2.3:h:siemens:simatic_s7_cpu_1215c:-:*:*:*:*:*:*:*
Siemens Foundation/SIMATIC S7-1200llm-fuzzy
Range: <4.0

Patches

Vulnerability mechanics

References

www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-654382.pdfnvdVendor Advisory
ics-cert.us-cert.gov/advisories/ICSA-14-079-02nvdUS Government Resource
cert-portal.siemens.com/productcert/pdf/ssa-654382.pdfnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000