ET SCADA [nsacyber/ELITEWOLF] Possible Siemens S7-1200 Unauthorized Access Attempt - Request for /Images/CPU1200/ - Suricata Rule 2048684 (et/open)

ET SCADA [nsacyber/ELITEWOLF] Possible Siemens S7-1200 Unauthorized Access Attempt - Request for /Images/CPU1200/

SID: 2048684Rev: 13 viewsHistory

Sourceet/open

CreatedOctober 19, 2023

UpdatedOctober 19, 2023

Classificationweb-application-activity

alert http any any -> $HOME_NET any (msg:"ET SCADA [nsacyber/ELITEWOLF] Possible Siemens S7-1200 Unauthorized Access Attempt - Request for /Images/CPU1200/"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/Images/CPU1200/"; fast_pattern; reference:url,github.com/nsacyber/ELITEWOLF; classtype:web-application-activity; sid:2048684; rev:1; metadata:affected_product Siemens_S7_Series, attack_target ICS, created_at 2023_10_19, deployment Perimeter, deployment Internal, performance_impact Low, confidence Low, signature_severity Minor, updated_at 2023_10_19; target:dest_ip;)

References

url	github.com/nsacyber/ELITEWOLF

Metadata

affected productSiemens_S7_Series

attack targetICS

created at2023_10_19

deploymentInternal

performance impactLow

confidenceLow

signature severityMinor

updated at2023_10_19

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!