ID

VAR-201611-0396


TITLE

Siemens host computer Profinet Discovery Service denial of service vulnerability

Trust: 0.8

sources: IVD: ee5e7f24-6c19-4d8d-b810-f1f86a7c4b1a // CNVD: CNVD-2016-11465

DESCRIPTION

Siemens Totally Integrated Automation Software TIA portal, Chinese name Botu, is a brand new Totally Integrated Automation software released by Siemens Industrial Automation Group, which is widely used in important industrial control sites such as tobacco, petrochemical and water affairs. There is a denial of service vulnerability in the Profinet Discovery service of Siemens host computer. Because the Profinet Discovery service in the TIA portal software of the door windows computer communicates with the ProfinetIO layer 2 network package of a specific structure, the service process will crash, and it needs to be manually restarted to recover. An attacker could exploit the vulnerability to launch a denial of service attack

Trust: 0.72

sources: CNVD: CNVD-2016-11465 // IVD: ee5e7f24-6c19-4d8d-b810-f1f86a7c4b1a

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: ee5e7f24-6c19-4d8d-b810-f1f86a7c4b1a // CNVD: CNVD-2016-11465

AFFECTED PRODUCTS

vendor:siemensmodel:tia portalscope:eqversion:13

Trust: 0.8

sources: IVD: ee5e7f24-6c19-4d8d-b810-f1f86a7c4b1a // CNVD: CNVD-2016-11465

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2016-11465
value: HIGH

Trust: 0.6

IVD: ee5e7f24-6c19-4d8d-b810-f1f86a7c4b1a
value: HIGH

Trust: 0.2

CNVD: CNVD-2016-11465
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: ee5e7f24-6c19-4d8d-b810-f1f86a7c4b1a
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: ee5e7f24-6c19-4d8d-b810-f1f86a7c4b1a // CNVD: CNVD-2016-11465

TYPE

Denial of service

Trust: 0.2

sources: IVD: ee5e7f24-6c19-4d8d-b810-f1f86a7c4b1a

PATCH

title:To be determinedurl:https://www.cnvd.org.cn/patchinfo/show/84251

Trust: 0.6

sources: CNVD: CNVD-2016-11465

EXTERNAL IDS

db:CNVDid:CNVD-2016-11465

Trust: 0.8

db:IVDid:EE5E7F24-6C19-4D8D-B810-F1F86A7C4B1A

Trust: 0.2

sources: IVD: ee5e7f24-6c19-4d8d-b810-f1f86a7c4b1a // CNVD: CNVD-2016-11465

SOURCES

db:IVDid:ee5e7f24-6c19-4d8d-b810-f1f86a7c4b1a
db:CNVDid:CNVD-2016-11465

LAST UPDATE DATE

2022-05-17T01:45:17.994000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2016-11465date:2017-04-05T00:00:00

SOURCES RELEASE DATE

db:IVDid:ee5e7f24-6c19-4d8d-b810-f1f86a7c4b1adate:2016-11-24T00:00:00
db:CNVDid:CNVD-2016-11465date:2017-02-17T00:00:00