ET SCADA [nsacyber/ELITEWOLF] Siemens S7-1200 Default X509 Certificate String

SID: 2048686Rev: 23 views
History
Sourceet/open
CreatedOctober 19, 2023
UpdatedApril 25, 2024
Classificationmisc-activity
alert tls $HOME_NET any -> any any (msg:"ET SCADA [nsacyber/ELITEWOLF] Siemens S7-1200 Default X509 Certificate String"; flow:established,to_client; tls.certs; content:"S7-1200 Controller Family"; fast_pattern; reference:url,github.com/nsacyber/ELITEWOLF; classtype:misc-activity; sid:2048686; rev:2; metadata:affected_product Siemens_S7_Series, attack_target ICS, created_at 2023_10_19, deployment Perimeter, deployment Internal, performance_impact Low, confidence High, signature_severity Minor, updated_at 2024_04_25, reviewed_at 2024_10_02; target:src_ip;)

References

urlgithub.com/nsacyber/ELITEWOLF

Metadata

affected productSiemens_S7_Series
attack targetICS
created at2023_10_19
deploymentInternal
performance impactLow
confidenceHigh
signature severityMinor
updated at2024_04_25
reviewed at2024_10_02

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!