CVE-2017-12741 - Vulnerability Details

Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.05261.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens Subscribe	Dk Standard Ethernet Controller Subscribe Dk Standard Ethernet Controller Firmware Subscribe Ek-ertec 200p Subscribe Ek-ertec 200p Firmware Subscribe Ek-ertec 200pn Io Subscribe Ek-ertec 200pn Io Firmware Subscribe Simatic Compact Field Unit Subscribe Simatic Compact Field Unit Firmware Subscribe Simatic Et 200al Subscribe Simatic Et 200al Firmware Subscribe Simatic Et 200ecopn Subscribe Simatic Et 200ecopn Firmware Subscribe Simatic Et 200m Subscribe Simatic Et 200m Firmware Subscribe Simatic Et 200mp Subscribe Simatic Et 200mp Firmware Subscribe Simatic Et 200pro Subscribe Simatic Et 200pro Firmware Subscribe Simatic Et 200s Subscribe Simatic Et 200s Firmware Subscribe Simatic Et 200sp Subscribe Simatic Et 200sp Firmware Subscribe Simatic Pn\/pn Coupler Subscribe Simatic Pn\/pn Coupler Firmware Subscribe Simatic S7-1200 Subscribe Simatic S7-1200 Firmware Subscribe Simatic S7-1500 Subscribe Simatic S7-1500 Controller Subscribe Simatic S7-1500 Controller Firmware Subscribe Simatic S7-1500 Firmware Subscribe Simatic S7-200 Subscribe Simatic S7-200 Firmware Subscribe Simatic S7-300 Subscribe Simatic S7-300 Firmware Subscribe Simatic S7-400h V6 Subscribe Simatic S7-400h V6 Firmware Subscribe Simatic S7-400pn\/dp V7 Subscribe Simatic S7-400pn\/dp V7 Firmware Subscribe Simatic S7-400pn V6 Subscribe Simatic S7-400pn V6 Firmware Subscribe Simatic S7-410 V8 Subscribe Simatic S7-410 V8 Firmware Subscribe Simatic Winac Rtx F 2010 Subscribe Simatic Winac Rtx F 2010 Firmware Subscribe Simocode Pro V Profinet Subscribe Simocode Pro V Profinet Firmware Subscribe Simotion C Subscribe Simotion C Firmware Subscribe Simotion D Subscribe Simotion D Firmware Subscribe Simotion P Subscribe Simotion P Firmware Subscribe Sinamics Dcm Subscribe Sinamics Dcm Firmware Subscribe Sinamics Dcp Subscribe Sinamics Dcp Firmware Subscribe Sinamics G110m\/g120pn Subscribe Sinamics G110m\/g120pn Firmware Subscribe Sinamics G130 Subscribe Sinamics G130 Firmware Subscribe Sinamics G150 Subscribe Sinamics G150 Firmware Subscribe Sinamics S110pn Subscribe Sinamics S110pn Firmware Subscribe Sinamics S120 Subscribe Sinamics S120 Firmware Subscribe Sinamics S150 V4.7 Subscribe Sinamics S150 V4.7 Firmware Subscribe Sinamics S150 V4.8 Subscribe Sinamics S150 V4.8 Firmware Subscribe Sinamics V90pn Subscribe Sinamics V90pn Firmware Subscribe Sinumerik 840d Sl Subscribe Sinumerik 840d Sl Firmware Subscribe Sirius Soft Starter 3rw44pn Subscribe Sirius Soft Starter 3rw44pn Firmware Subscribe

Configuration 1 [-]

AND

cpe:2.3:o:siemens:simatic_s7-200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-200:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:simatic_s7-400pn_v6_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-400pn_v6:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:siemens:simatic_s7-400h_v6_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-400h_v6:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:siemens:simatic_s7-400pn\/dp_v7_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-400pn\/dp_v7:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:siemens:simatic_s7-410_v8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-410_v8:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:siemens:simatic_s7-300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:siemens:simatic_s7-1200_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:siemens:simatic_s7-1500_controller_firmware:2.0:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1500_controller:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:siemens:simatic_winac_rtx_f_2010_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_winac_rtx_f_2010:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:siemens:simatic_et_200al_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200al:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:siemens:simatic_et_200ecopn_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200ecopn:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:siemens:simatic_et_200m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200m:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:siemens:simatic_et_200mp_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200mp:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:siemens:simatic_et_200pro_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200pro:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:siemens:simatic_et_200s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200s:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:siemens:simatic_et_200sp_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200sp:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:dk_standard_ethernet_controller:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:siemens:ek-ertec_200p_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:ek-ertec_200p:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:siemens:ek-ertec_200pn_io_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:ek-ertec_200pn_io:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:siemens:simotion_d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simotion_d:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:siemens:simotion_c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simotion_c:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:siemens:simotion_p_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simotion_p:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:siemens:sinamics_dcm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_dcm:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:siemens:sinamics_dcp_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_dcp:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:siemens:sinamics_g110m\/g120pn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_g110m\/g120pn:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:siemens:sinamics_g130_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:siemens:sinamics_g150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:siemens:sinamics_s110pn_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_s110pn:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:siemens:sinamics_s120_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:siemens:sinamics_s150_v4.7_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_s150_v4.7:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:siemens:sinamics_s150_v4.8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_s150_v4.8:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:siemens:sinamics_v90pn_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_v90pn:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:siemens:simatic_compact_field_unit_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_compact_field_unit:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:siemens:simatic_pn\/pn_coupler_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_pn\/pn_coupler:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:siemens:simocode_pro_v_profinet_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simocode_pro_v_profinet:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:siemens:sirius_soft_starter_3rw44pn_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sirius_soft_starter_3rw44pn:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2017-4280	Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://cert-portal.siemens.com/productcert/html/ssa-141614.html
https://cert-portal.siemens.com/productcert/html/ssa-346262.html
https://cert-portal.siemens.com/productcert/html/ssa-546832.html
https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf
https://www.securityfocus.com/bid/101964

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2017-12-26T04:00:00

Updated: 2024-08-05T18:51:06.315Z

Reserved: 2017-08-09T00:00:00

Link: CVE-2017-12741

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2017-12-26T04:29:13.707

Modified: 2025-04-20T01:37:25.860

Link: CVE-2017-12741

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Projects

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object