Lucene search
HistoryMay 11, 2017 - 1:29 a.m.
CVE-2017-2680
cve-2017-2680
profinet
dcp
broadcast packets
denial of service
nvd
6.1 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
66.3%
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
Affected configurations
Node
siemenssimatic_cp_343-1_stdMatch-
siemenssimatic_cp_343-1_std_firmwareRange<3.1.3
Node
siemenssimatic_cp_343-1_leanMatch-
siemenssimatic_cp_343-1_lean_firmwareRange<3.1.3
Node
siemenssimatic_cp_343-1_advMatch-
siemenssimatic_cp_343-1_adv_firmware
Node
siemenssimatic_cp_443-1_stdMatch-
siemenssimatic_cp_443-1_std_firmwareRange<3.2.17
Node
siemenssimatic_cp_443-1_advMatch-
siemenssimatic_cp_443-1_adv_firmwareRange<3.2.17
Node
siemenssimatic_cp_443-1_opc-uaMatch-
siemenssimatic_cp_443-1_opc-ua_firmware
Node
siemenssimatic_cp_1243-1Match-
siemenssimatic_cp_1243-1_firmwareRange<2.1.82
Node
siemenssimatic_cm_1542-1_firmwareRange<2.0
siemenssimatic_cm_1542-1Match-
Node
siemenssimatic_cp_1542sp-1_firmwareRange<1.0.15
siemenssimatic_cp_1542sp-1Match-
Node
siemenssimatic_cp_1542sp-1_irc_firmwareRange<1.0.15
siemenssimatic_cp_1542sp-1_ircMatch-
Node
siemenssimatic_cp_1543sp-1_firmwareRange<1.0.15
siemenssimatic_cp_1543sp-1Match-
Node
siemenssimatic_cp_1543-1_firmwareRange<2.1
siemenssimatic_cp_1543-1Match-
Node
siemenssimatic_rf650r_firmwareRange<3.0
siemenssimatic_rf650rMatch-
Node
siemenssimatic_rf680r_firmwareRange<3.0
siemenssimatic_rf680rMatch-
Node
siemenssimatic_rf685r_firmwareRange<3.0
siemenssimatic_rf685rMatch-
Node
siemenssimatic_cp_1616_firmwareRange<2.7
siemenssimatic_cp_1616Match-
Node
siemenssimatic_cp_1604_firmwareRange<2.7
siemenssimatic_cp_1604Match-
Node
siemenssimatic_dk-1616_pn_io_firmwareRange<2.7
siemenssimatic_dk-1616_pn_ioMatch-
Node
siemensscalance_x200_firmwareRange<5.2.2
siemensscalance_x200Match-
Node
siemensscalance_x200_irt_firmwareRange<5.4.0
siemensscalance_x200_irtMatch-
Node
siemensscalance_x300_firmwareRange<4.1.0
siemensscalance_x300Match-
Node
siemensscalance_x408_firmwareRange<4.1.0
siemensscalance_x408Match-
Node
siemensscalance_x414_firmwareRange<3.10.2
siemensscalance_x414Match-
Node
siemensscalance_xm400_firmwareRange<6.1
siemensscalance_xm400Match-
Node
siemensscalance_xr500_firmwareRange<6.1
siemensscalance_xr500Match-
Node
siemensscalance_w700_firmwareRange<6.1
siemensscalance_w700Match-
Node
siemensscalance_m-800_firmwareRange<4.03
siemensscalance_m-800Match-
Node
siemensscalance_s615_firmwareRange<4.03
siemensscalance_s615Match-
Node
siemenssoftnet_profinet_io_firmwareRange<14
ORsiemenssoftnet_profinet_io_firmwareMatch14-
siemenssoftnet_profinet_ioMatch-
Node
siemensie\/pb-link_firmwareRange<3.0
siemensie\/pb-linkMatch-
Node
siemensie\/as-i_link_pn_io_firmware
siemensie\/as-i_link_pn_ioMatch-
Node
siemenssimatic_teleservice_adapter_ie_standard_firmware
siemenssimatic_teleservice_adapter_ie_standardMatch-
Node
siemenssimatic_teleservice_adapter_ie_basic_firmware
siemenssimatic_teleservice_adapter_ie_basicMatch-
Node
siemenssimatic_teleservice_adapter_ie_advanced_firmware
siemenssimatic_teleservice_adapter_ie_advanced_modemMatch-
Node
siemenssitop_psu8600_firmwareRange<1.2.0
siemenssitop_psu8600Match-
Node
siemensups1600_profinet_firmwareRange<2.2.0
siemensups1600_profinetMatch-
Node
siemenssimatic_et_200al_firmwareRange<1.0.2
siemenssimatic_et_200alMatch-
Node
siemenssimatic_et_200ecopn_firmware
siemenssimatic_et_200ecopnMatch-
Node
siemenssimatic_et_200m_firmware
siemenssimatic_et_200mMatch-
Node
siemenssimatic_et_200mp_firmwareRange<4.0.1
siemenssimatic_et_200mpMatch-
Node
siemenssimatic_et_200pro_firmware
siemenssimatic_et_200proMatch-
Node
siemenssimatic_et_200s_firmware
siemenssimatic_et_200sMatch-
Node
siemenssimatic_et_200sp_firmwareRange<4.1.0
siemenssimatic_et_200spMatch-
Node
siemenspn\/pn_coupler_firmwareRange<4.0
siemenspn\/pn_couplerMatch-
Node
siemensdk_standard_ethernet_controller_firmwareRange<4.1.1
ORsiemensdk_standard_ethernet_controller_firmwareMatch4.1.1-
siemensdk_standard_ethernet_controllerMatch-
Node
siemensek-ertec_200p_pn_io_firmwareRange<4.4.0
ORsiemensek-ertec_200p_pn_io_firmwareMatch4.4.0-
siemensek-ertec_200p_pn_ioMatch-
Node
siemensek-ertec_200_pn_io_firmwareRange<4.2.1
ORsiemensek-ertec_200_pn_io_firmwareMatch4.2.1-
siemensek-ertec_200_pn_ioMatch-
Node
siemenssimatic_s7-200_smart_firmwareRange<2.3
siemenssimatic_s7-200_smartMatch-
Node
siemenssimatic_s7-300_firmwareMatch-
siemenssimatic_s7-300Match-
Node
siemenssimatic_s7-400_firmwareRange<6.0.6
siemenssimatic_s7-400Match-
Node
siemenssimatic_s7-1200_firmwareRange<4.2.1
siemenssimatic_s7-1200Match-
Node
siemenssimatic_s7-1500_firmwareRange<2.1
siemenssimatic_s7-1500Match-
Node
siemenssimatic_s7-1500_software_controller_firmwareRange<2.1
siemenssimatic_s7-1500_software_controllerMatch-
Node
siemenssimatic_winac_rtx_firmwareRange<2010
ORsiemenssimatic_winac_rtx_firmwareMatch2010-
siemenssimatic_winac_rtxMatch-
Node
siemenssirius_act_3su1_firmwareRange<1.1.0
siemenssirius_act_3su1Match-
Node
siemenssirius_soft_starter_3rw44_pn_firmware
siemenssirius_soft_starter_3rw44_pnMatch-
Node
siemenssirius_motor_starter_m200d_profinet_firmware
siemenssirius_motor_starter_m200d_profinetMatch-
Node
siemenssimocode_pro_v_profinet_firmwareRange<2.0.0
siemenssimocode_pro_v_profinetMatch-
Node
siemenssinamics_dcm_firmwareRange<1.4
ORsiemenssinamics_dcm_firmwareMatch1.4-
ORsiemenssinamics_dcm_firmwareMatch1.4sp1
siemenssinamics_dcmMatch-
Node
siemenssinamics_dcp_firmwareRange<1.2
ORsiemenssinamics_dcp_firmwareMatch1.2-
siemenssinamics_dcpMatch-
Node
siemenssinamics_g110m_firmwareRange<4.7
ORsiemenssinamics_g110m_firmwareMatch4.7-
siemenssinamics_g110mMatch-
Node
siemenssinamics_g120\(c\/p\/d\)_w._pn_firmwareRange<4.7
ORsiemenssinamics_g120\(c\/p\/d\)_w._pn_firmwareMatch4.7-
siemenssinamics_g120\(c\/p\/d\)_w._pnMatch-
Node
siemenssinamics_g130_firmwareRange<4.7
ORsiemenssinamics_g130_firmwareMatch4.7-
siemenssinamics_g130Match-
Node
siemenssinamics_g150_firmwareRange<4.7
ORsiemenssinamics_g150_firmwareMatch4.7-
siemenssinamics_g150Match-
Node
siemenssinamics__s110_pn_firmwareRange<4.4
ORsiemenssinamics__s110_pn_firmwareMatch4.4-
siemens_s110_pnMatch-
Node
siemenssinamics_s120_firmwareRange<4.7
ORsiemenssinamics_s120_firmwareMatch4.7-
siemenssinamics_s120Match-
Node
siemenssinamics_s150_firmwareRange<4.7
ORsiemenssinamics_s150_firmwareMatch4.7-
siemenssinamics_s150Match-
Node
siemenssinamics_v90_pn_firmwareRange<1.01
siemenssinamics_v90_pnMatch-
Node
siemenssimotion_firmwareRange<4.5
ORsiemenssimotion_firmwareMatch4.5-
siemenssimotionMatch-
Node
siemenssinumerik_828d_firmwareRange<4.5
ORsiemenssinumerik_828d_firmwareMatch4.5-
siemenssinumerik_828dMatch-
Node
siemenssinumerik_840d_sl_firmwareRange<4.5
ORsiemenssinumerik_840d_sl_firmwareMatch4.5-
siemenssinumerik_840d_slMatch-
Node
siemenssimatic_hmi_comfort_panelsRange<15.1
siemenssimatic_hmi_comfort_panelsMatch-
Node
siemenssimatic_hmi_multi_panelsRange<15.1
siemenssimatic_hmi_multi_panelsMatch-
Node
siemenssimatic_hmi_mobile_panelsMatch-
siemenssimatic_hmi_mobile_panelsRange<15.1
Node
siemenssimatic_cp_1243-1_irc_firmwareRange<2.1.82
siemenssimatic_cp_1243-1_ircMatch-
Node
siemenssimatic_cp_1243-1_iec_firmware
siemenssimatic_cp_1243-1_iecMatch-
Node
siemenssimatic_cp_1243-1_dnp3_firmware
siemenssimatic_cp_1243-1_dnp3Match-
Node
siemenssimatic_dk-1604_pn_io_firmwareRange<2.7
siemenssimatic_dk-1604_pn_ioMatch-
Node
siemenssimatic_tdc_cpu555_firmwareRange<1.1.1
siemenssimatic_tdc_cpu555Match-
Node
siemenssimatic_tdc_cp51m1_firmwareRange<1.1.8
siemenssimatic_tdc_cp51m1Match-
Node
siemenssinamics_gh150_firmwareRange<4.7
ORsiemenssinamics_gh150_firmwareMatch4.7-
siemenssinamics_gh150Match-
Node
siemenssinamics_gl150_firmwareRange<4.8
ORsiemenssinamics_gl150_firmwareMatch4.8-
siemenssinamics_gl150Match-
Node
siemenssinamics_gm150_firmwareRange<4.7
ORsiemenssinamics_gm150_firmwareMatch4.7-
siemenssinamics_gm150Match-
Node
siemenssinamics_sl150_firmwareRange<4.8
ORsiemenssinamics_sl150_firmwareMatch4.8-
siemenssinamics_sl150Match-
Node
siemenssinamics_sm120_firmwareRange<4.8
ORsiemenssinamics_sm120_firmwareMatch4.8-
siemenssinamics_sm120Match-
Node
siemensextension_unit_12_profinet_firmwareRange<01.01.01
siemensextension_unit_12_profinetMatch-
Node
siemensextension_unit_15_profinet_firmwareRange<01.01.01
siemensextension_unit_15_profinetMatch-
Node
siemensextension_unit_19_profinet_firmwareRange<01.01.01
siemensextension_unit_19_profinetMatch-
Node
siemensextension_unit_22_profinet_firmwareRange<01.01.01
siemensextension_unit_22_profinetMatch-
Node
siemenssimatic_cp_1242-7_gprs_firmwareRange<2.1.82
siemenssimatic_cp_1242-7_gprsMatch-
Node
siemenssimatic_cp_1243-7_lte\/us_firmwareRange<2.1.82
siemenssimatic_cp_1243-7_lte\/usMatch-
Node
siemenssimatic_cp_1243-8_firmwareRange<2.1.82
siemenssimatic_cp_1243-8Match-
Node
siemenssimatic_cp_1626_firmwareRange<1.1
siemenssimatic_cp_1626Match-
| CPE | Name | Operator | Version |
|---|---|---|---|
| siemens:simatic_cp_343-1_std_firmware | siemens simatic cp 343-1 std firmware | lt | 3.1.3 |
CNA Affected
[
{
"product": "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.1.1 Patch04"
}
]
},
{
"product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.2.1 Patch03"
}
]
},
{
"product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.4.0 Patch01"
}
]
},
{
"product": "Extension Unit 12\" PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V01.01.01"
}
]
},
{
"product": "Extension Unit 15\" PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V01.01.01"
}
]
},
{
"product": "Extension Unit 19\" PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V01.01.01"
}
]
},
{
"product": "Extension Unit 22\" PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V01.01.01"
}
]
},
{
"product": "IE/AS-i Link PN IO",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "IE/PB-Link (incl. SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.0"
}
]
},
{
"product": "SCALANCE M-800 / S615",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.03"
}
]
},
{
"product": "SCALANCE W700",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V6.1"
}
]
},
{
"product": "SCALANCE X-200 switch family (incl. SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V5.2.2"
}
]
},
{
"product": "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V5.4.0"
}
]
},
{
"product": "SCALANCE X-300 switch family (incl. SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.1.0"
}
]
},
{
"product": "SCALANCE X408",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.1.0"
}
]
},
{
"product": "SCALANCE X414",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.10.2"
}
]
},
{
"product": "SCALANCE XM-400 Family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V6.1"
}
]
},
{
"product": "SCALANCE XR-500 Family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V6.1"
}
]
},
{
"product": "SIMATIC CM 1542-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.0"
}
]
},
{
"product": "SIMATIC CM 1542SP-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V1.0.15"
}
]
},
{
"product": "SIMATIC CP 1242-7 GPRS V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.1.82"
}
]
},
{
"product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.1.82"
}
]
},
{
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC CP 1243-1 IRC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.1.82"
}
]
},
{
"product": "SIMATIC CP 1243-7 LTE/US",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.1.82"
}
]
},
{
"product": "SIMATIC CP 1243-8",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.1.82"
}
]
},
{
"product": "SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V1.0.15"
}
]
},
{
"product": "SIMATIC CP 1543-1 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.1"
}
]
},
{
"product": "SIMATIC CP 1543SP-1 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V1.0.15"
}
]
},
{
"product": "SIMATIC CP 1604",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.7"
}
]
},
{
"product": "SIMATIC CP 1616",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.7"
}
]
},
{
"product": "SIMATIC CP 1626",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V1.1"
}
]
},
{
"product": "SIMATIC CP 343-1 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.1.3"
}
]
},
{
"product": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC CP 343-1 Lean (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.1.3"
}
]
},
{
"product": "SIMATIC CP 443-1 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.2.17"
}
]
},
{
"product": "SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.2.17"
}
]
},
{
"product": "SIMATIC CP 443-1 OPC UA",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC DK-16xx PN IO",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.7"
}
]
},
{
"product": "SIMATIC ET200AL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V1.0.2"
}
]
},
{
"product": "SIMATIC ET200M (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.0.1"
}
]
},
{
"product": "SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.2"
}
]
},
{
"product": "SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.1"
}
]
},
{
"product": "SIMATIC ET200S (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200SP (incl. SIPLUS variants, except IM155-6 PN ST and IM155-6 PN HF)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < 4.2.0"
}
]
},
{
"product": "SIMATIC ET200SP IM155-6 PN HS (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.0.1"
}
]
},
{
"product": "SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.1.0"
}
]
},
{
"product": "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200ecoPN, 4AO U/I 4xM12",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200ecoPN: IO-Link Master",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET200pro",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V15.1"
}
]
},
{
"product": "SIMATIC MV400 family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All Versions < V7.0.6"
}
]
},
{
"product": "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.0"
}
]
},
{
"product": "SIMATIC RF650R",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.0"
}
]
},
{
"product": "SIMATIC RF680R",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.0"
}
]
},
{
"product": "SIMATIC RF685R",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.0"
}
]
},
{
"product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.2.1"
}
]
},
{
"product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.1"
}
]
},
{
"product": "SIMATIC S7-1500 Software Controller (incl. F)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.1"
}
]
},
{
"product": "SIMATIC S7-200 SMART",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.3"
}
]
},
{
"product": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.X.14"
}
]
},
{
"product": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V6.0.7"
}
]
},
{
"product": "SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V6.0.6"
}
]
},
{
"product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V7.0.2"
}
]
},
{
"product": "SIMATIC S7-410 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V8.2"
}
]
},
{
"product": "SIMATIC TDC CP51M1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V1.1.8"
}
]
},
{
"product": "SIMATIC TDC CPU555",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V1.1.1"
}
]
},
{
"product": "SIMATIC Teleservice Adapter IE Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC Teleservice Adapter IE Basic",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC Teleservice Adapter IE Standard",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC WinAC RTX (F) 2010",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < SIMATIC WinAC RTX 2010 SP3"
}
]
},
{
"product": "SIMOCODE pro V PN (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.0.0"
}
]
},
{
"product": "SIMOTION (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.5 HF1"
}
]
},
{
"product": "SIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.4 HF26"
}
]
},
{
"product": "SINAMICS DCM w. PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V1.4 SP1 HF5"
}
]
},
{
"product": "SINAMICS DCP w. PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V1.2 HF1"
}
]
},
{
"product": "SINAMICS G110M w. PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.7 SP6 HF3"
}
]
},
{
"product": "SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.7 SP6 HF3"
}
]
},
{
"product": "SINAMICS G130 V4.7 w. PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.7 HF27"
}
]
},
{
"product": "SINAMICS G130 V4.8 w. PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.8 HF4"
}
]
},
{
"product": "SINAMICS G150 V4.7 w. PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "V4.7: All versions < V4.7 HF27"
}
]
},
{
"product": "SINAMICS G150 V4.8 w. PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.8 HF4"
}
]
},
{
"product": "SINAMICS GH150 V4.7 w. PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.7 SP5 HF7"
}
]
},
{
"product": "SINAMICS GL150 V4.7 w. PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.8 SP2"
}
]
},
{
"product": "SINAMICS GM150 V4.7 w. PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.7 HF31"
}
]
},
{
"product": "SINAMICS S110 w. PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.4 SP3 HF5"
}
]
},
{
"product": "SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.7 HF27"
}
]
},
{
"product": "SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.8 HF4"
}
]
},
{
"product": "SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.7"
}
]
},
{
"product": "SINAMICS S150 V4.7 w. PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.7 HF27"
}
]
},
{
"product": "SINAMICS S150 V4.8 w. PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.8 HF4"
}
]
},
{
"product": "SINAMICS SL150 V4.7.0 w. PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.7 HF30"
}
]
},
{
"product": "SINAMICS SL150 V4.7.4 w. PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.8 SP2"
}
]
},
{
"product": "SINAMICS SL150 V4.7.5 w. PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.8 SP2"
}
]
},
{
"product": "SINAMICS SM120 V4.7 w. PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.8 SP2"
}
]
},
{
"product": "SINAMICS V90 w. PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V1.01"
}
]
},
{
"product": "SINUMERIK 828D V4.5 and prior",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.5 SP6 HF2"
}
]
},
{
"product": "SINUMERIK 828D V4.7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.7 SP4 HF1"
}
]
},
{
"product": "SINUMERIK 840D sl V4.5 and prior",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.5 SP6 HF2"
}
]
},
{
"product": "SINUMERIK 840D sl V4.7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.7 SP4 HF1"
}
]
},
{
"product": "SIRIUS ACT 3SU1 interface module PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V1.1.0"
}
]
},
{
"product": "SIRIUS Motor Starter M200D PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIRIUS Soft Starter 3RW44 PN",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SITOP PSU8600 PROFINET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V1.2.0"
}
]
},
{
"product": "SITOP UPS1600 PROFINET (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.2.0"
}
]
},
{
"product": "Softnet PROFINET IO for PC-based Windows systems",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V14 SP1"
}
]
}
]References
www.securityfocus.com/bid/98369
www.securitytracker.com/id/1038463
cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf
cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf
cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf
ics-cert.us-cert.gov/advisories/ICSA-18-023-02
www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf
Related
nessus
nessus
Siemens PROFINET DCP Uncontrolled Resource Consumption (CVE-2017-2680)
2022-02-07 00:00:00
Siemens Simatic Improper Input Validation
2019-11-08 00:00:00
ics
ics
Siemens Industrial Products (Update A)
2019-02-12 12:00:00
prion
prion
Design/Logic Flaw
2017-05-11 01:29:00
cvelist
cvelist
CVE-2017-2680
2017-05-11 01:00:00
nvd
nvd
CVE-2017-2680
2017-05-11 01:29:05
openvas
openvas
Siemens SIMATIC S7 PLC Multiple Vulnerabilities (SSA-293562)
2017-08-18 00:00:00
6.1 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
66.3%
Related for CVE-2017-2680