Details of VAR-201207-0138

ID

VAR-201207-0138

CVE

CVE-2012-3017

TITLE

Siemens SIMATIC S7-400 PN CPU Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-003430

DESCRIPTION

Siemens SIMATIC S7-400 PN CPU devices with firmware 5.x allow remote attackers to cause a denial of service (defect-mode transition and service outage) via (1) malformed HTTP traffic or (2) malformed IP packets. Siemens SIMATIC is an automation software in a single engineering environment. There is a security hole in SIEMENS SIMATIC S7-400. Since the Ethernet port on the SIMATIC S7-400 V5 receives a malformed IP or HTTP message, the device enters the Defect mode. The SIMATIC S7-400 V5 CPU defect mode locks the unit, so process control processing cannot be performed and the attacker can use it. This vulnerability is a denial of service attack. SIEMENS SIMATIC S7-400 is prone to multiple denial-of-service vulnerabilities. Remote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. Vulnerabilities exist in Siemens SIMATIC S7-400 PN CPU firmware device version 5.x

Trust: 2.7

sources: NVD: CVE-2012-3017 // JVNDB: JVNDB-2012-003430 // CNVD: CNVD-2012-4032 // BID: 54730 // IVD: 91becd06-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-56298

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 91becd06-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-4032

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic s7-400 cpu	scope:	eq	version:	5.0	Trust: 1.6
vendor:	siemens	model:	simatic s7-400 cpu 416-3 pn\/dp	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic s7-400 cpu 416f-3 pn\/dp	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic s7-400 cpu 414-3 pn\/dp	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic s7-400 cpu 414-3 pn/dp	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic s7-400 cpu 416-3 pn/dp	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic s7-400 cpu 416f-3 pn/dp	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic s7-400 cpu	scope:	eq	version:	5.x	Trust: 0.8
vendor:	siemens	model:	simatic s7-400	scope:	eq	version:	v66.0.2	Trust: 0.6
vendor:	siemens	model:	simatic s7-400	scope:	eq	version:	v66.0.1	Trust: 0.6
vendor:	siemens	model:	simatic s7-400	scope:	eq	version:	v56.0.2	Trust: 0.6
vendor:	siemens	model:	simatic s7-400	scope:	eq	version:	v56.0.1	Trust: 0.6
vendor:	simatic s7 400 cpu	model:	-	scope:	eq	version:	5.0	Trust: 0.2
vendor:	simatic s7 400 cpu 414 3 pn dp	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic s7 400 cpu 416 3 pn dp	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic s7 400 cpu 416f 3 pn dp	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 91becd06-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-4032 // JVNDB: JVNDB-2012-003430 // CNNVD: CNNVD-201207-597 // NVD: CVE-2012-3017

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-3017
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-3017
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201207-597
value:	HIGH
Trust: 0.6
IVD:	91becd06-2353-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
VULHUB:	VHN-56298
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-3017
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
IVD:	91becd06-2353-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-56298
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 91becd06-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-56298 // JVNDB: JVNDB-2012-003430 // CNNVD: CNNVD-201207-597 // NVD: CVE-2012-3017

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-56298 // JVNDB: JVNDB-2012-003430 // NVD: CVE-2012-3017

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201207-597

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201207-597

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-003430

PATCH

title:	Top Page	url:	http://www.siemens.com/	Trust: 0.8
title:	SSA-617264: Multiple security vulnerabilities in SIMATIC S7-400 V5 PN CPUs	url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-617264.pdf	Trust: 0.8
title:	シーメンスソリューションパートナー	url:	http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx	Trust: 0.8
title:	シーメンス・ジャパン株式会社	url:	http://www.siemens.com/entry/jp/ja/	Trust: 0.8
title:	Patch for SIEMENS SIMATIC S7-400 Denial of Service Vulnerability (CNVD-2012-4032)	url:	https://www.cnvd.org.cn/patchInfo/show/19397	Trust: 0.6
title:	SIEMENS SIMATIC S7-400 Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=113682	Trust: 0.6

sources: CNVD: CNVD-2012-4032 // JVNDB: JVNDB-2012-003430 // CNNVD: CNNVD-201207-597

EXTERNAL IDS

db:	NVD	id:	CVE-2012-3017	Trust: 3.6
db:	ICS CERT	id:	ICSA-12-212-02	Trust: 3.1
db:	SIEMENS	id:	SSA-617264	Trust: 1.7
db:	CNNVD	id:	CNNVD-201207-597	Trust: 0.9
db:	CNVD	id:	CNVD-2012-4032	Trust: 0.8
db:	JVNDB	id:	JVNDB-2012-003430	Trust: 0.8
db:	BID	id:	54730	Trust: 0.3
db:	IVD	id:	91BECD06-2353-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-56298	Trust: 0.1

sources: IVD: 91becd06-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-4032 // VULHUB: VHN-56298 // BID: 54730 // JVNDB: JVNDB-2012-003430 // CNNVD: CNNVD-201207-597 // NVD: CVE-2012-3017

REFERENCES

url:	http://www.us-cert.gov/control_systems/pdf/icsa-12-212-02.pdf	Trust: 3.1
url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-617264.pdf	Trust: 1.7
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-617264.pdf	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3017	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3017	Trust: 0.8
url:	http://subscriber.communications.siemens.com/	Trust: 0.3

sources: CNVD: CNVD-2012-4032 // VULHUB: VHN-56298 // BID: 54730 // JVNDB: JVNDB-2012-003430 // CNNVD: CNNVD-201207-597 // NVD: CVE-2012-3017

CREDITS

Reported by the vendor

Trust: 0.3

sources: BID: 54730

SOURCES

db:	IVD	id:	91becd06-2353-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2012-4032
db:	VULHUB	id:	VHN-56298
db:	BID	id:	54730
db:	JVNDB	id:	JVNDB-2012-003430
db:	CNNVD	id:	CNNVD-201207-597
db:	NVD	id:	CVE-2012-3017

LAST UPDATE DATE

2024-11-23T22:49:42.272000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2012-4032	date:	2012-08-01T00:00:00
db:	VULHUB	id:	VHN-56298	date:	2020-04-13T00:00:00
db:	BID	id:	54730	date:	2012-07-30T00:00:00
db:	JVNDB	id:	JVNDB-2012-003430	date:	2012-08-01T00:00:00
db:	CNNVD	id:	CNNVD-201207-597	date:	2020-04-14T00:00:00
db:	NVD	id:	CVE-2012-3017	date:	2024-11-21T01:40:07.843

SOURCES RELEASE DATE

db:	IVD	id:	91becd06-2353-11e6-abef-000c29c66e3d	date:	2012-08-01T00:00:00
db:	CNVD	id:	CNVD-2012-4032	date:	2012-08-01T00:00:00
db:	VULHUB	id:	VHN-56298	date:	2012-07-31T00:00:00
db:	BID	id:	54730	date:	2012-07-30T00:00:00
db:	JVNDB	id:	JVNDB-2012-003430	date:	2012-08-01T00:00:00
db:	CNNVD	id:	CNNVD-201207-597	date:	2012-07-30T00:00:00
db:	NVD	id:	CVE-2012-3017	date:	2012-07-31T10:45:42.403