Design/Logic Flaw

2017-05-1110:29:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.1%

JSON

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices.

CPENameOperatorVersion
dk_standard_ethernet_controller_firmwarelt4.1.1
dk_standard_ethernet_controller_firmwareeq4.1.1
ek-ertec_200_pn_io_firmwarelt4.2.1
ek-ertec_200_pn_io_firmwareeq4.2.1
ek-ertec_200p_pn_io_firmwarelt4.4.0
ek-ertec_200p_pn_io_firmwareeq4.4.0
ie\\/pb-link_firmwarelt3.0
pn\\/pn_coupler_firmwarelt4.0
scalance_m-800_firmwarelt4.03
scalance_s615_firmwarelt4.03

Name	Operator	Version
dk_standard_ethernet_controller_firmware	lt	4.1.1
dk_standard_ethernet_controller_firmware	eq	4.1.1
ek-ertec_200_pn_io_firmware	lt	4.2.1
ek-ertec_200_pn_io_firmware	eq	4.2.1
ek-ertec_200p_pn_io_firmware	lt	4.4.0
ek-ertec_200p_pn_io_firmware	eq	4.4.0
ie\\/pb-link_firmware	lt	3.0
pn\\/pn_coupler_firmware	lt	4.0
scalance_m-800_firmware	lt	4.03
scalance_s615_firmware	lt	4.03