CVE-2017-2680 - Vulnerability Details

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.02335.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens	S110 Pn Dk Standard Ethernet Controller Dk Standard Ethernet Controller Firmware Ek-ertec 200 Pn Io Ek-ertec 200 Pn Io Firmware Ek-ertec 200p Pn Io Ek-ertec 200p Pn Io Firmware Extension Unit 12 Profinet Extension Unit 12 Profinet Firmware Extension Unit 15 Profinet Extension Unit 15 Profinet Firmware Extension Unit 19 Profinet Extension Unit 19 Profinet Firmware Extension Unit 22 Profinet Extension Unit 22 Profinet Firmware Ie\/as-i Link Pn Io Ie\/as-i Link Pn Io Firmware Ie\/pb-link Ie\/pb-link Firmware Pn\/pn Coupler Pn\/pn Coupler Firmware Scalance M-800 Scalance M-800 Firmware Scalance S615 Scalance S615 Firmware Scalance W700 Scalance W700 Firmware Scalance X200 Scalance X200 Firmware Scalance X200 Irt Scalance X200 Irt Firmware Scalance X300 Scalance X300 Firmware Scalance X408 Scalance X408 Firmware Scalance X414 Scalance X414 Firmware Scalance Xm400 Scalance Xm400 Firmware Scalance Xr500 Scalance Xr500 Firmware Simatic Cm 1542-1 Simatic Cm 1542-1 Firmware Simatic Cp 1242-7 Gprs Simatic Cp 1242-7 Gprs Firmware Simatic Cp 1243-1 Simatic Cp 1243-1 Dnp3 Simatic Cp 1243-1 Dnp3 Firmware Simatic Cp 1243-1 Firmware Simatic Cp 1243-1 Iec Simatic Cp 1243-1 Iec Firmware Simatic Cp 1243-1 Irc Simatic Cp 1243-1 Irc Firmware Simatic Cp 1243-7 Lte\/us Simatic Cp 1243-7 Lte\/us Firmware Simatic Cp 1243-8 Simatic Cp 1243-8 Firmware Simatic Cp 1542sp-1 Simatic Cp 1542sp-1 Firmware Simatic Cp 1542sp-1 Irc Simatic Cp 1542sp-1 Irc Firmware Simatic Cp 1543-1 Simatic Cp 1543-1 Firmware Simatic Cp 1543sp-1 Simatic Cp 1543sp-1 Firmware Simatic Cp 1604 Simatic Cp 1604 Firmware Simatic Cp 1616 Simatic Cp 1616 Firmware Simatic Cp 1626 Simatic Cp 1626 Firmware Simatic Cp 343-1 Adv Simatic Cp 343-1 Adv Firmware Simatic Cp 343-1 Lean Simatic Cp 343-1 Lean Firmware Simatic Cp 343-1 Std Simatic Cp 343-1 Std Firmware Simatic Cp 443-1 Adv Simatic Cp 443-1 Adv Firmware Simatic Cp 443-1 Opc-ua Simatic Cp 443-1 Opc-ua Firmware Simatic Cp 443-1 Std Simatic Cp 443-1 Std Firmware Simatic Dk-1604 Pn Io Simatic Dk-1604 Pn Io Firmware Simatic Dk-1616 Pn Io Simatic Dk-1616 Pn Io Firmware Simatic Et 200al Simatic Et 200al Firmware Simatic Et 200ecopn Simatic Et 200ecopn Firmware Simatic Et 200m Simatic Et 200m Firmware Simatic Et 200mp Simatic Et 200mp Firmware Simatic Et 200pro Simatic Et 200pro Firmware Simatic Et 200s Simatic Et 200s Firmware Simatic Et 200sp Simatic Et 200sp Firmware Simatic Hmi Comfort Panels Simatic Hmi Mobile Panels Simatic Hmi Multi Panels Simatic Rf650r Simatic Rf650r Firmware Simatic Rf680r Simatic Rf680r Firmware Simatic Rf685r Simatic Rf685r Firmware Simatic S7-1200 Simatic S7-1200 Firmware Simatic S7-1500 Simatic S7-1500 Firmware Simatic S7-1500 Software Controller Simatic S7-1500 Software Controller Firmware Simatic S7-200 Smart Simatic S7-200 Smart Firmware Simatic S7-300 Simatic S7-300 Firmware Simatic S7-400 Simatic S7-400 Firmware Simatic Tdc Cp51m1 Simatic Tdc Cp51m1 Firmware Simatic Tdc Cpu555 Simatic Tdc Cpu555 Firmware Simatic Teleservice Adapter Ie Advanced Firmware Simatic Teleservice Adapter Ie Advanced Modem Simatic Teleservice Adapter Ie Basic Simatic Teleservice Adapter Ie Basic Firmware Simatic Teleservice Adapter Ie Standard Simatic Teleservice Adapter Ie Standard Firmware Simatic Winac Rtx Simatic Winac Rtx Firmware Simocode Pro V Profinet Simocode Pro V Profinet Firmware Simotion Simotion Firmware Sinamics S110 Pn Firmware Sinamics Dcm Sinamics Dcm Firmware Sinamics Dcp Sinamics Dcp Firmware Sinamics G110m Sinamics G110m Firmware Sinamics G120\(c\/p\/d\) W. Pn Sinamics G120\(c\/p\/d\) W. Pn Firmware Sinamics G130 Sinamics G130 Firmware Sinamics G150 Sinamics G150 Firmware Sinamics Gh150 Sinamics Gh150 Firmware Sinamics Gl150 Sinamics Gl150 Firmware Sinamics Gm150 Sinamics Gm150 Firmware Sinamics S120 Sinamics S120 Firmware Sinamics S150 Sinamics S150 Firmware Sinamics Sl150 Sinamics Sl150 Firmware Sinamics Sm120 Sinamics Sm120 Firmware Sinamics V90 Pn Sinamics V90 Pn Firmware Sinumerik 828d Sinumerik 828d Firmware Sinumerik 840d Sl Sinumerik 840d Sl Firmware Sirius Act 3su1 Sirius Act 3su1 Firmware Sirius Motor Starter M200d Profinet Sirius Motor Starter M200d Profinet Firmware Sirius Soft Starter 3rw44 Pn Sirius Soft Starter 3rw44 Pn Firmware Sitop Psu8600 Sitop Psu8600 Firmware Softnet Profinet Io Softnet Profinet Io Firmware Ups1600 Profinet Ups1600 Profinet Firmware

Configuration 1 [-]

AND

cpe:2.3:o:siemens:simatic_cp_343-1_std_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_343-1_std:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:simatic_cp_343-1_lean_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_343-1_lean:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:siemens:simatic_cp_343-1_adv_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_343-1_adv:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:siemens:simatic_cp_443-1_std_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_443-1_std:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:siemens:simatic_cp_443-1_adv_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_443-1_adv:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:siemens:simatic_cp_443-1_opc-ua_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_443-1_opc-ua:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:siemens:simatic_cm_1542-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cm_1542-1:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1542sp-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1542sp-1:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:siemens:simatic_rf650r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf650r:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:siemens:simatic_rf680r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf680r:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:siemens:simatic_rf685r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf685r:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1616_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1616:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1604_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1604:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:siemens:simatic_dk-1616_pn_io_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_dk-1616_pn_io:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:siemens:scalance_x200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:siemens:scalance_x200_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x200_irt:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:siemens:scalance_x300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:siemens:scalance_x408_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:siemens:scalance_x414_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x414:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

OR	cpe:2.3:o:siemens:softnet_profinet_io_firmware::::::::
	cpe:2.3:o:siemens:softnet_profinet_io_firmware:14:-::::::

cpe:2.3:h:siemens:softnet_profinet_io:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:siemens:ie\/pb-link_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:ie\/pb-link:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:siemens:ie\/as-i_link_pn_io_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:ie\/as-i_link_pn_io:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_standard_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_standard:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced_modem:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:siemens:sitop_psu8600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:siemens:ups1600_profinet_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:ups1600_profinet:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:siemens:simatic_et_200al_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200al:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:siemens:simatic_et_200ecopn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200ecopn:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:siemens:simatic_et_200m_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200m:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:siemens:simatic_et_200mp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200mp:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:siemens:simatic_et_200pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200pro:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:siemens:simatic_et_200s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200s:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:siemens:simatic_et_200sp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200sp:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:siemens:pn\/pn_coupler_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:pn\/pn_coupler:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

OR	cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware::::::::
	cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:4.1.1:-::::::

cpe:2.3:h:siemens:dk_standard_ethernet_controller:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

OR	cpe:2.3:o:siemens:ek-ertec_200p_pn_io_firmware::::::::
	cpe:2.3:o:siemens:ek-ertec_200p_pn_io_firmware:4.4.0:-::::::

cpe:2.3:h:siemens:ek-ertec_200p_pn_io:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

OR	cpe:2.3:o:siemens:ek-ertec_200_pn_io_firmware::::::::
	cpe:2.3:o:siemens:ek-ertec_200_pn_io_firmware:4.2.1:-::::::

cpe:2.3:h:siemens:ek-ertec_200_pn_io:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:siemens:simatic_s7-200_smart_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-200_smart:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:siemens:simatic_s7-300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*

Configuration 50 [-]

AND

cpe:2.3:o:siemens:simatic_s7-400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*

Configuration 51 [-]

AND

cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*

Configuration 52 [-]

AND

cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*

Configuration 53 [-]

AND

cpe:2.3:o:siemens:simatic_s7-1500_software_controller_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1500_software_controller:-:*:*:*:*:*:*:*

Configuration 54 [-]

AND

OR	cpe:2.3:o:siemens:simatic_winac_rtx_firmware::::::::
	cpe:2.3:o:siemens:simatic_winac_rtx_firmware:2010:-::::::

cpe:2.3:h:siemens:simatic_winac_rtx:-:*:*:*:*:*:*:*

Configuration 55 [-]

AND

cpe:2.3:o:siemens:sirius_act_3su1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sirius_act_3su1:-:*:*:*:*:*:*:*

Configuration 56 [-]

AND

cpe:2.3:o:siemens:sirius_soft_starter_3rw44_pn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sirius_soft_starter_3rw44_pn:-:*:*:*:*:*:*:*

Configuration 57 [-]

AND

cpe:2.3:o:siemens:sirius_motor_starter_m200d_profinet_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sirius_motor_starter_m200d_profinet:-:*:*:*:*:*:*:*

Configuration 58 [-]

AND

cpe:2.3:o:siemens:simocode_pro_v_profinet_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simocode_pro_v_profinet:-:*:*:*:*:*:*:*

Configuration 59 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_dcm_firmware::::::::
	cpe:2.3:o:siemens:sinamics_dcm_firmware:1.4:-::::::
	cpe:2.3:o:siemens:sinamics_dcm_firmware:1.4:sp1::::::

cpe:2.3:h:siemens:sinamics_dcm:-:*:*:*:*:*:*:*

Configuration 60 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_dcp_firmware::::::::
	cpe:2.3:o:siemens:sinamics_dcp_firmware:1.2:-::::::

cpe:2.3:h:siemens:sinamics_dcp:-:*:*:*:*:*:*:*

Configuration 61 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_g110m_firmware::::::::
	cpe:2.3:o:siemens:sinamics_g110m_firmware:4.7:-::::::

cpe:2.3:h:siemens:sinamics_g110m:-:*:*:*:*:*:*:*

Configuration 62 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_g120\(c\/p\/d\)_w._pn_firmware::::::::
	cpe:2.3:o:siemens:sinamics_g120\(c\/p\/d\)_w._pn_firmware:4.7:-::::::

cpe:2.3:h:siemens:sinamics_g120\(c\/p\/d\)_w._pn:-:*:*:*:*:*:*:*

Configuration 63 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_g130_firmware::::::::
	cpe:2.3:o:siemens:sinamics_g130_firmware:4.7:-::::::

cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*

Configuration 64 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_g150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_g150_firmware:4.7:-::::::

cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*

Configuration 65 [-]

AND

OR	cpe:2.3:o:siemens:sinamics__s110_pn_firmware::::::::
	cpe:2.3:o:siemens:sinamics__s110_pn_firmware:4.4:-::::::

cpe:2.3:h:siemens:_s110_pn:-:*:*:*:*:*:*:*

Configuration 66 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_s120_firmware::::::::
	cpe:2.3:o:siemens:sinamics_s120_firmware:4.7:-::::::

cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*

Configuration 67 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_s150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_s150_firmware:4.7:-::::::

cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:*

Configuration 68 [-]

AND

cpe:2.3:o:siemens:sinamics_v90_pn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_v90_pn:-:*:*:*:*:*:*:*

Configuration 69 [-]

AND

OR	cpe:2.3:o:siemens:simotion_firmware::::::::
	cpe:2.3:o:siemens:simotion_firmware:4.5:-::::::

cpe:2.3:h:siemens:simotion:-:*:*:*:*:*:*:*

Configuration 70 [-]

AND

OR	cpe:2.3:o:siemens:sinumerik_828d_firmware::::::::
	cpe:2.3:o:siemens:sinumerik_828d_firmware:4.5:-::::::

cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:*

Configuration 71 [-]

AND

OR	cpe:2.3:o:siemens:sinumerik_840d_sl_firmware::::::::
	cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:4.5:-::::::

cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:*

Configuration 72 [-]

AND

cpe:2.3:o:siemens:simatic_hmi_comfort_panels:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*

Configuration 73 [-]

AND

cpe:2.3:o:siemens:simatic_hmi_multi_panels:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_hmi_multi_panels:-:*:*:*:*:*:*:*

Configuration 74 [-]

AND

cpe:2.3:o:siemens:simatic_hmi_mobile_panels:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_hmi_mobile_panels:-:*:*:*:*:*:*:*

Configuration 75 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1243-1_irc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1243-1_irc:-:*:*:*:*:*:*:*

Configuration 76 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1243-1_iec_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1243-1_iec:-:*:*:*:*:*:*:*

Configuration 77 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1243-1_dnp3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:-:*:*:*:*:*:*:*

Configuration 78 [-]

AND

cpe:2.3:o:siemens:simatic_dk-1604_pn_io_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_dk-1604_pn_io:-:*:*:*:*:*:*:*

Configuration 79 [-]

AND

cpe:2.3:o:siemens:simatic_tdc_cpu555_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_tdc_cpu555:-:*:*:*:*:*:*:*

Configuration 80 [-]

AND

cpe:2.3:o:siemens:simatic_tdc_cp51m1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_tdc_cp51m1:-:*:*:*:*:*:*:*

Configuration 81 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_gh150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_gh150_firmware:4.7:-::::::

cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*

Configuration 82 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_gl150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_gl150_firmware:4.8:-::::::

cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*

Configuration 83 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_gm150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_gm150_firmware:4.7:-::::::

cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*

Configuration 84 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_sl150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_sl150_firmware:4.8:-::::::

cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*

Configuration 85 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_sm120_firmware::::::::
	cpe:2.3:o:siemens:sinamics_sm120_firmware:4.8:-::::::

cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*

Configuration 86 [-]

AND

cpe:2.3:o:siemens:extension_unit_12_profinet_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:extension_unit_12_profinet:-:*:*:*:*:*:*:*

Configuration 87 [-]

AND

cpe:2.3:o:siemens:extension_unit_15_profinet_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:extension_unit_15_profinet:-:*:*:*:*:*:*:*

Configuration 88 [-]

AND

cpe:2.3:o:siemens:extension_unit_19_profinet_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:extension_unit_19_profinet:-:*:*:*:*:*:*:*

Configuration 89 [-]

AND

cpe:2.3:o:siemens:extension_unit_22_profinet_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:extension_unit_22_profinet:-:*:*:*:*:*:*:*

Configuration 90 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1242-7_gprs:-:*:*:*:*:*:*:*

Configuration 91 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1243-7_lte\/us_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1243-7_lte\/us:-:*:*:*:*:*:*:*

Configuration 92 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1243-8_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1243-8:-:*:*:*:*:*:*:*

Configuration 93 [-]

AND

cpe:2.3:o:siemens:simatic_cp_1626_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1626:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2017-11823	Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://www.securityfocus.com/bid/98369
http://www.securitytracker.com/id/1038463
https://cert-portal.siemens.com/productcert/html/ssa-284673.html
https://cert-portal.siemens.com/productcert/html/ssa-293562.html
https://cert-portal.siemens.com/productcert/html/ssa-546832.html
https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf
https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf

History

Tue, 10 Sep 2024 09:45:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C'}`	cvssV4_0 `{'score': 7.1, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}` cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}`

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2017-05-11T01:00:00

Updated: 2024-09-10T09:33:18.492Z

Reserved: 2016-12-01T00:00:00

Link: CVE-2017-2680

Vulnrichment

Updated: 2024-08-05T14:02:07.270Z

NVD

Status : Deferred

Published: 2017-05-11T01:29:05.400

Modified: 2025-04-20T01:37:25.860

Link: CVE-2017-2680

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object