ID

VAR-201705-3221


CVE

CVE-2017-2681


TITLE

Siemens SIMATIC HMI Denial of service vulnerability

Trust: 0.8

sources: IVD: 33467505-7492-4ae1-b978-12f61201709a // CNVD: CNVD-2017-06153

DESCRIPTION

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. SIMATIC HMI is an industrial device from Siemens AG, Germany. The SIMATIC HMI panels are used for operator control and monitoring of machines and equipment. Multiple Siemens Products is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause a denial-of-service condition. Manual restart of the server is required to resume normal operation. A vulnerability has been identified in SIMATIC CP 343-1 Std (All versions), SIMATIC CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std (All versions < V3.2.17), SIMATIC CP 443-1 Adv (All versions < V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions < V2.1.82), SIMATIC CP 1243-1 IRC (All versions < V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions < V2.0), SIMATIC CM 1542SP-1 (All versions < V1.0.15), SIMATIC CP 1542SP-1 IRC (All versions < V1.0.15), SIMATIC CP 1543SP-1 (All versions < V1.0.15), SIMATIC CP 1543-1 (All versions < V2.1), SIMATIC RF650R (All versions < V3.0), SIMATIC RF680R (All versions < V3.0), SIMATIC RF685R (All versions < V3.0), SIMATIC CP 1616 (All versions < V2.7), SIMATIC CP 1604 (All versions < V2.7), SIMATIC DK-16xx PN IO (All versions < V2.7), SCALANCE X-200 (All versions < V5.2.2), SCALANCE X-200 IRT (All versions), SCALANCE X-300/X408 (All versions < V4.1.0), SCALANCE X414 (All versions < V3.10.2), SCALANCE XM400 (All versions < V6.1), SCALANCE XR500 (All versions < V6.1), SCALANCE W700 (All versions < V6.1), SCALANCE M-800, S615 (All versions < V4.03), Softnet PROFINET IO for PC-based Windows systems (All versions < V14 SP1), IE/PB-Link (All versions < V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions < V1.2.0), SITOP UPS1600 PROFINET (All versions < V2.2.0), SIMATIC ET 200AL (All versions < V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions < V4.0.1), SIMATIC ET 200MP IM155-5 PN ST (All versions < V4.1), SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST) (All versions), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions < V4.1.0), SIMATIC ET 200SP (except IM155-6 PN ST) (All versions), SIMATIC PN/PN Coupler (All versions < V4.0), Development/Evaluation Kit DK Standard Ethernet Controller (All versions < V4.1.1 Patch04), Development/Evaluation Kit EK-ERTEC 200P (All versions < V4.4.0 Patch01), Development/Evaluation Kit EK-ERTEC 200 (All versions < V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions < V2.3), SIMATIC S7-300 incl. F and T (All versions < V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions < V6.0.6), SIMATIC S7-400-H V6 (All versions < V6.0.7), SIMATIC S7-400 PN/DP V7 Incl. F (All versions < V7.0.2), SIMATIC S7-410 (All versions < V8.2), SIMATIC S7-1200 incl. F (All versions < V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions < V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions < V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft Starter 3RW44 PN (All versions), SIRIUS Motor Starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions < V2.0.0), SINAMICS DCM w. PN (All versions < V1.4 SP1 HF5), SINAMICS DCP w. PN (All versions < V1.2 HF 1), SINAMICS G110M w. PN (All versions < V4.7 SP6 HF3), SINAMICS G120(C/P/D) w. PN (All versions < V4.7 SP6 HF3), SINAMICS G130 V4.7 w. PN (All versions < V4.7 HF27), SINAMICS G150 V4.7 w. PN (V4.7: All versions < V4.7 HF27), SINAMICS G130 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS G150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS S110 w. PN (All versions < V4.4 SP3 HF5), SINAMICS S120 V4.7 w. PN (All versions < V4.7 HF27), and others. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. Siemens SIMATIC S7-300 F, etc. Siemens SIMATIC S7-300 F is a process controller. SIMATIC HMI Comfort Panels are touch screens

Trust: 2.7

sources: NVD: CVE-2017-2681 // JVNDB: JVNDB-2017-004135 // CNVD: CNVD-2017-06153 // BID: 98369 // IVD: 33467505-7492-4ae1-b978-12f61201709a // VULHUB: VHN-110884

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 33467505-7492-4ae1-b978-12f61201709a // CNVD: CNVD-2017-06153

AFFECTED PRODUCTS

vendor:siemensmodel:sinumerik 840d slscope:eqversion:4.7

Trust: 1.6

vendor:siemensmodel:sinumerik 840d slscope:eqversion:4.5

Trust: 1.6

vendor:siemensmodel:sinumerik 828dscope:eqversion:4.7

Trust: 1.6

vendor:siemensmodel:sinumerik 828dscope:eqversion:4.5

Trust: 1.6

vendor:siemensmodel:simatic hmi comfort panelsscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic hmi mobile panelsscope: - version: -

Trust: 1.4

vendor:siemensmodel:sinamics dcpscope:eqversion:1.2

Trust: 1.0

vendor:siemensmodel:simatic cp 343-1 leanscope:ltversion:3.1.3

Trust: 1.0

vendor:siemensmodel:sinamics g150scope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:sinamics g130scope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:scalance s615scope:ltversion:4.03

Trust: 1.0

vendor:siemensmodel:simatic rf685rscope:ltversion:3.0

Trust: 1.0

vendor:siemensmodel:simotionscope:eqversion:4.5

Trust: 1.0

vendor:siemensmodel:simatic et 200mpscope:ltversion:4.0.1

Trust: 1.0

vendor:siemensmodel:simatic cp 1543sp-1scope:ltversion:1.0.15

Trust: 1.0

vendor:siemensmodel:sitop psu8600scope:ltversion:1.2.0

Trust: 1.0

vendor:siemensmodel:softnet profinet ioscope:eqversion:14

Trust: 1.0

vendor:siemensmodel:simatic et 200mscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic hmi comfort panelsscope:ltversion:15.1

Trust: 1.0

vendor:siemensmodel:ek-ertec 200 pn ioscope:ltversion:4.2.1

Trust: 1.0

vendor:siemensmodel:simatic cm 1542sp-1scope:ltversion:1.0.15

Trust: 1.0

vendor:siemensmodel:sinamics g120\ pnscope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:simatic cp 1616scope:ltversion:2.7

Trust: 1.0

vendor:siemensmodel:simatic cp 443-1 stdscope:ltversion:3.2.17

Trust: 1.0

vendor:siemensmodel:ie\/as-i link pn ioscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinamics dcmscope:eqversion:1.4

Trust: 1.0

vendor:siemensmodel:simatic s7-300scope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:simatic s7-200 smartscope:ltversion:2.3

Trust: 1.0

vendor:siemensmodel:ups1600 profinetscope:ltversion:2.2.0

Trust: 1.0

vendor:siemensmodel:sinamics dcpscope:ltversion:1.2

Trust: 1.0

vendor:siemensmodel:pn\/pn couplerscope:ltversion:4.0

Trust: 1.0

vendor:siemensmodel:simatic winac rtxscope:ltversion:2010

Trust: 1.0

vendor:siemensmodel:simatic cp 1543sp-1scope:ltversion:2.1

Trust: 1.0

vendor:siemensmodel:sinumerik 840d slscope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:simatic cp 443-1 advscope:ltversion:3.2.17

Trust: 1.0

vendor:siemensmodel:dk standard ethernet controllerscope:ltversion:4.1.1

Trust: 1.0

vendor:siemensmodel:simatic cp 343-1 stdscope:ltversion:3.1.3

Trust: 1.0

vendor:siemensmodel:scalance x408scope:ltversion:4.1.0

Trust: 1.0

vendor:siemensmodel:sinamics g150scope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:ek-ertec 200p pn ioscope:eqversion:4.4.0

Trust: 1.0

vendor:siemensmodel:simatic cp 1243-1 iecscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic cp 343-1 advscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:softnet profinet ioscope:ltversion:14

Trust: 1.0

vendor:siemensmodel:sinumerik 840d slscope:ltversion:4.5

Trust: 1.0

vendor:siemensmodel:simatic hmi multi panelsscope:ltversion:15.1

Trust: 1.0

vendor:siemensmodel:simatic cm 1542-1scope:ltversion:2.0

Trust: 1.0

vendor:siemensmodel:sinamics s120scope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:simatic teleservice adapter ie basic modemscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinamics v90 pnscope:ltversion:1.01

Trust: 1.0

vendor:siemensmodel:simatic cp 443-1 opc-uascope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xm400scope:ltversion:6.1

Trust: 1.0

vendor:siemensmodel:simatic winac rtxscope:eqversion:2010

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 software controllerscope:ltversion:2.1

Trust: 1.0

vendor:siemensmodel:simatic teleservice adapter standard modemscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic teleservice adapter ie advanced modemscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic hmi mobile panelsscope:ltversion:15.1

Trust: 1.0

vendor:siemensmodel:sinamics g110mscope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:simatic et 200proscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1200scope:ltversion:4.2.1

Trust: 1.0

vendor:siemensmodel:simatic tdc cpu555scope:ltversion:1.1.1

Trust: 1.0

vendor:siemensmodel:scalance xr500scope:ltversion:6.1

Trust: 1.0

vendor:siemensmodel:simatic cp 1604scope:ltversion:2.7

Trust: 1.0

vendor:siemensmodel:sinamics s110 pnscope:ltversion:4.4

Trust: 1.0

vendor:siemensmodel:dk standard ethernet controllerscope:eqversion:4.1.1

Trust: 1.0

vendor:siemensmodel:simatic cp 1243-1 ircscope:ltversion:2.1.82

Trust: 1.0

vendor:siemensmodel:simatic cp 1542sp-1 ircscope:ltversion:1.0.15

Trust: 1.0

vendor:siemensmodel:simatic s7-400scope:ltversion:6.0.6

Trust: 1.0

vendor:siemensmodel:sirius act 3su1scope:ltversion:1.1.0

Trust: 1.0

vendor:siemensmodel:sinamics s150scope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:scalance x200scope:ltversion:5.2.2

Trust: 1.0

vendor:siemensmodel:sinamics dcmscope:ltversion:1.4

Trust: 1.0

vendor:siemensmodel:simatic et 200alscope:ltversion:1.0.2

Trust: 1.0

vendor:siemensmodel:simatic rf650rscope:ltversion:3.0

Trust: 1.0

vendor:siemensmodel:ek-ertec 200p pn ioscope:ltversion:4.4.0

Trust: 1.0

vendor:siemensmodel:simatic dk-16xx pn ioscope:ltversion:2.7

Trust: 1.0

vendor:siemensmodel:sinamics s120scope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:sinumerik 828dscope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:scalance x300scope:ltversion:4.1.0

Trust: 1.0

vendor:siemensmodel:ie\/pb-linkscope:ltversion:3.0

Trust: 1.0

vendor:siemensmodel:sinamics s110 pnscope:eqversion:4.4

Trust: 1.0

vendor:siemensmodel:scalance m-800scope:ltversion:4.03

Trust: 1.0

vendor:siemensmodel:simatic et 200spscope:ltversion:4.2.0

Trust: 1.0

vendor:siemensmodel:sinumerik 828dscope:ltversion:4.5

Trust: 1.0

vendor:siemensmodel:scalance x200 irtscope:ltversion:5.4.0

Trust: 1.0

vendor:siemensmodel:sirius motor starter m200d profinetscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic et 200ecopnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinamics g130scope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:scalance x414scope:ltversion:3.10.2

Trust: 1.0

vendor:siemensmodel:simatic tdc cp51m1scope:ltversion:1.1.8

Trust: 1.0

vendor:siemensmodel:sinamics g110mscope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:simatic s7-1500scope:ltversion:2.1

Trust: 1.0

vendor:siemensmodel:ek-ertec 200 pn ioscope:eqversion:4.2.1

Trust: 1.0

vendor:siemensmodel:simatic rf680rscope:ltversion:3.0

Trust: 1.0

vendor:siemensmodel:simotionscope:ltversion:4.5

Trust: 1.0

vendor:siemensmodel:sirius soft starter 3rw44 pnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinamics s150scope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:simatic cp 1243-1scope:ltversion:2.1.82

Trust: 1.0

vendor:siemensmodel:simatic cp 1243-1 dnp3scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance w700scope:ltversion:6.1

Trust: 1.0

vendor:siemensmodel:simatic cp 1543-1scope:ltversion:1.0.15

Trust: 1.0

vendor:siemensmodel:simatic et 200sscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simocode pro v profinetscope:ltversion:2.0.0

Trust: 1.0

vendor:siemensmodel:dk standard ethernet controllerscope: - version: -

Trust: 0.8

vendor:siemensmodel:ek-ertec 200 pn ioscope: - version: -

Trust: 0.8

vendor:siemensmodel:ek-ertec 200p pn ioscope: - version: -

Trust: 0.8

vendor:siemensmodel:ie/as-i link pn ioscope: - version: -

Trust: 0.8

vendor:siemensmodel:ie/pb-linkscope: - version: -

Trust: 0.8

vendor:siemensmodel:pn/pn couplerscope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance m-800scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance s615scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance w700scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x200 irtscope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x200scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x300scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x408scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x414scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance xm400scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance xr500scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cm 1542-1scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp 1243-1scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp 1542sp-1 ircscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp 1542sp-1scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp 1543-1scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp 1543sp-1scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp 1604scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp 1616scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp 343-1 advscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp 343-1 leanscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp 343-1 stdscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp 443-1 advscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp 443-1 opc-uascope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic cp 443-1 stdscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic dk-16xx pn ioscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic et 200alscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic et 200ecopnscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic et 200mscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic et 200mpscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic et 200proscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic et 200sscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic et 200spscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic hmi multi panelsscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic rf650rscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic rf680rscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic rf685rscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1200scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1500 software controllerscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1500scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-200 smartscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-300scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-400scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic teleservice adapter ie advancedscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic teleservice adapter ie basicscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic teleservice adapter standard modemscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic winac rtx 2010scope: - version: -

Trust: 0.8

vendor:siemensmodel:simocode pro v profinetscope: - version: -

Trust: 0.8

vendor:siemensmodel:simotionscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics dcmscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics dcpscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics g110mscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics g120 w. pnscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics g130scope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics g150scope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics s110 w. pnscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics s120scope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics s150scope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics v90 w. pnscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinumerik 828dscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinumerik 840d slscope: - version: -

Trust: 0.8

vendor:siemensmodel:sirius act 3su1 interface module profinetscope: - version: -

Trust: 0.8

vendor:siemensmodel:sirius motor starter m200d profinetscope: - version: -

Trust: 0.8

vendor:siemensmodel:sirius soft starter 3rw44 pnscope: - version: -

Trust: 0.8

vendor:siemensmodel:sitop psu8600scope: - version: -

Trust: 0.8

vendor:siemensmodel:sitop ups1600 profinetscope: - version: -

Trust: 0.8

vendor:siemensmodel:softnet profinet ioscope:eqversion:for pc-based windows systems firmware

Trust: 0.8

vendor:siemensmodel:simatic hmi multi panelsscope:eqversion: -

Trust: 0.6

vendor:siemensmodel:sinamics g150scope:eqversion:4.8

Trust: 0.6

vendor:siemensmodel:simatic hmi mobile panelsscope:eqversion: -

Trust: 0.6

vendor:siemensmodel:sinamics s120scope:eqversion:4.8

Trust: 0.6

vendor:siemensmodel:simatic hmi comfort panelsscope:eqversion: -

Trust: 0.6

vendor:siemensmodel:sinamics s110 w. pnscope:eqversion: -

Trust: 0.6

vendor:sinumerik 828dmodel: - scope:eqversion:*

Trust: 0.4

vendor:sinumerik 840d slmodel: - scope:eqversion:*

Trust: 0.4

vendor:siemensmodel:ups1600 profinetscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:softnet profinet ioscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sitop psu8600scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sirius soft starter 3rw44 pnscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sirius act 3su1scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sinumerik 840dscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sinumerik 828dscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sinamics sm150scope:eqversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamics sm120scope:eqversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamics sl150scope:eqversion:4.7.5

Trust: 0.3

vendor:siemensmodel:sinamics sl150scope:eqversion:4.7.4

Trust: 0.3

vendor:siemensmodel:sinamics sl150scope:eqversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamics gm150scope:eqversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamics gl150scope:eqversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamics gh150scope:eqversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamicsscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simotionscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic winac rtxscope:eqversion:20100

Trust: 0.3

vendor:siemensmodel:simatic teleservice adapter standard modemscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic s7-400scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic s7-300scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic s7-200 smartscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic rf685rscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic rf680rscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic rf650rscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic etscope:eqversion:2000

Trust: 0.3

vendor:siemensmodel:simatic cpscope:eqversion:443-10

Trust: 0.3

vendor:siemensmodel:simatic cpscope:eqversion:343-10

Trust: 0.3

vendor:siemensmodel:simatic cpscope:eqversion:16260

Trust: 0.3

vendor:siemensmodel:simatic cpscope:eqversion:16160

Trust: 0.3

vendor:siemensmodel:simatic cpscope:eqversion:16040

Trust: 0.3

vendor:siemensmodel:simatic cpscope:eqversion:1543-12.0.28

Trust: 0.3

vendor:siemensmodel:simatic cpscope:eqversion:1543-10

Trust: 0.3

vendor:siemensmodel:simatic cp 1542sp-1scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic cp ircscope:eqversion:1243-80

Trust: 0.3

vendor:siemensmodel:simatic cp lte eu/usscope:eqversion:1243-70

Trust: 0.3

vendor:siemensmodel:simatic cpscope:eqversion:1243-10

Trust: 0.3

vendor:siemensmodel:simatic cp gprsscope:eqversion:1242-7v20

Trust: 0.3

vendor:siemensmodel:scalance xr500scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalance xm400scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalancescope:eqversion:x4140

Trust: 0.3

vendor:siemensmodel:scalancescope:eqversion:x4084.0

Trust: 0.3

vendor:siemensmodel:scalancescope:eqversion:x4083.0

Trust: 0.3

vendor:siemensmodel:scalancescope:eqversion:x3000

Trust: 0.3

vendor:siemensmodel:scalance irtscope:eqversion:x2000

Trust: 0.3

vendor:siemensmodel:scalancescope:eqversion:x2000

Trust: 0.3

vendor:siemensmodel:scalance w700 seriesscope:eqversion:4.4

Trust: 0.3

vendor:siemensmodel:scalance w700 seriesscope:eqversion:4.5.4

Trust: 0.3

vendor:siemensmodel:scalance s615scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalance m-800scope:eqversion:4.02

Trust: 0.3

vendor:siemensmodel:scalance m-800scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:ie/as-i link pn ioscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:extension unit profinetscope:eqversion:22?0

Trust: 0.3

vendor:siemensmodel:extension unit profinetscope:eqversion:19?0

Trust: 0.3

vendor:siemensmodel:extension unit profinetscope:eqversion:15?0

Trust: 0.3

vendor:siemensmodel:extension unit profinetscope:eqversion:12?0

Trust: 0.3

vendor:siemensmodel:e/pb-linkscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sinumerik 840d slscope:neversion:4.7

Trust: 0.3

vendor:siemensmodel:sinumerik 828dscope:neversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamics sm120 sp2scope:neversion:4.8

Trust: 0.3

vendor:siemensmodel:sinamics sl150 sp2scope:neversion:4.8

Trust: 0.3

vendor:siemensmodel:sinamics gm150 sp2scope:neversion:4.8

Trust: 0.3

vendor:siemensmodel:sinamics gl150 sp2scope:neversion:4.8

Trust: 0.3

vendor:siemensmodel:sinamics gh150 sp2scope:neversion:4.8

Trust: 0.3

vendor:siemensmodel:simatic rf685rscope:neversion:3.0

Trust: 0.3

vendor:siemensmodel:simatic rf680rscope:neversion:3.0

Trust: 0.3

vendor:siemensmodel:simatic cpscope:neversion:16162.7

Trust: 0.3

vendor:siemensmodel:simatic cp 1604dscope:neversion:2.7

Trust: 0.3

vendor:siemensmodel:simatic cp ircscope:neversion:1243-82.1.82

Trust: 0.3

vendor:siemensmodel:simatic cp lte eu/usscope:neversion:1243-72.1.82

Trust: 0.3

vendor:siemensmodel:simatic cp gprsscope:neversion:1242-7v22.1.82

Trust: 0.3

vendor:siemensmodel:simatic rf650rscope:neversion:3.0

Trust: 0.3

vendor:siemensmodel:simatic cpscope:neversion:443-13.2.17

Trust: 0.3

vendor:siemensmodel:simatic cpscope:neversion:15431.2.1

Trust: 0.3

vendor:siemensmodel:simatic cm1542scope:neversion:1.2

Trust: 0.3

vendor:siemensmodel:scalance w700scope:neversion:6.1

Trust: 0.3

vendor:siemensmodel:extension unit profinetscope:neversion:22?1.1.1

Trust: 0.3

vendor:siemensmodel:extension unit profinetscope:neversion:19?1.1.1

Trust: 0.3

vendor:siemensmodel:extension unit profinetscope:neversion:15?1.1.1

Trust: 0.3

vendor:siemensmodel:extension unit profinetscope:neversion:12?1.1.1

Trust: 0.3

vendor:simatic cp 343 1 stdmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic cp 1542sp 1 ircmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic cp 1543sp 1model: - scope:eqversion: -

Trust: 0.2

vendor:simatic cp 1543 1model: - scope:eqversion: -

Trust: 0.2

vendor:simatic rf650rmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic rf680rmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic rf685rmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic cp 1616model: - scope:eqversion: -

Trust: 0.2

vendor:simatic cp 1604model: - scope:eqversion: -

Trust: 0.2

vendor:simatic dk 16xx pn iomodel: - scope:eqversion: -

Trust: 0.2

vendor:scalance x200model: - scope:eqversion: -

Trust: 0.2

vendor:simatic cp 343 1 leanmodel: - scope:eqversion: -

Trust: 0.2

vendor:scalance x200 irtmodel: - scope:eqversion: -

Trust: 0.2

vendor:scalance x300model: - scope:eqversion: -

Trust: 0.2

vendor:scalance x408model: - scope:eqversion: -

Trust: 0.2

vendor:scalance x414model: - scope:eqversion: -

Trust: 0.2

vendor:scalance xm400model: - scope:eqversion: -

Trust: 0.2

vendor:scalance xr500model: - scope:eqversion: -

Trust: 0.2

vendor:scalance w700model: - scope:eqversion: -

Trust: 0.2

vendor:scalance m 800model: - scope:eqversion: -

Trust: 0.2

vendor:scalance s615model: - scope:eqversion: -

Trust: 0.2

vendor:softnet profinet iomodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic cp 343 1 advmodel: - scope:eqversion: -

Trust: 0.2

vendor:ie pb linkmodel: - scope:eqversion: -

Trust: 0.2

vendor:ie as i link pn iomodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic teleservice adapter standard modemmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic teleservice adapter ie basic modemmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic teleservice adapter ie advanced modemmodel: - scope:eqversion: -

Trust: 0.2

vendor:sitop psu8600model: - scope:eqversion: -

Trust: 0.2

vendor:ups1600 profinetmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200almodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200ecopnmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200mmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic cp 443 1 stdmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200mpmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200promodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200smodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200spmodel: - scope:eqversion: -

Trust: 0.2

vendor:pn pn couplermodel: - scope:eqversion: -

Trust: 0.2

vendor:dk standard ethernet controllermodel: - scope:eqversion:*

Trust: 0.2

vendor:ek ertec 200p pn iomodel: - scope:eqversion:*

Trust: 0.2

vendor:ek ertec 200 pn iomodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 200 smartmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic s7 300model: - scope:eqversion: -

Trust: 0.2

vendor:simatic cp 443 1 advmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic s7 400model: - scope:eqversion: -

Trust: 0.2

vendor:simatic s7 1200model: - scope:eqversion: -

Trust: 0.2

vendor:simatic s7 1500model: - scope:eqversion: -

Trust: 0.2

vendor:simatic s7 1500 controllermodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic winac rtx 2010model: - scope:eqversion: -

Trust: 0.2

vendor:sirius act 3su1model: - scope:eqversion: -

Trust: 0.2

vendor:sirius soft starter 3rw44 pnmodel: - scope:eqversion: -

Trust: 0.2

vendor:sirius motor starter m200d profinetmodel: - scope:eqversion: -

Trust: 0.2

vendor:simocode pro v profinetmodel: - scope:eqversion: -

Trust: 0.2

vendor:sinamics dcmmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic cp 443 1 opc uamodel: - scope:eqversion: -

Trust: 0.2

vendor:sinamics dcpmodel: - scope:eqversion: -

Trust: 0.2

vendor:sinamics g110mmodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g120 c p d w pnmodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g130model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics s110 w pnmodel: - scope:eqversion: -

Trust: 0.2

vendor:sinamics s120model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics s150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics v90 w pnmodel: - scope:eqversion: -

Trust: 0.2

vendor:simotionmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic cp 1243 1model: - scope:eqversion: -

Trust: 0.2

vendor:simatic hmi comfort panelsmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic hmi multi panelsmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic hmi mobile panelsmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic cm 1542 1model: - scope:eqversion: -

Trust: 0.2

vendor:simatic cp 1542sp 1model: - scope:eqversion: -

Trust: 0.2

sources: IVD: 33467505-7492-4ae1-b978-12f61201709a // CNVD: CNVD-2017-06153 // BID: 98369 // JVNDB: JVNDB-2017-004135 // CNNVD: CNNVD-201705-639 // NVD: CVE-2017-2681

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-2681
value: MEDIUM

Trust: 1.0

productcert@siemens.com: CVE-2017-2681
value: HIGH

Trust: 1.0

NVD: CVE-2017-2681
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2017-06153
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201705-639
value: MEDIUM

Trust: 0.6

IVD: 33467505-7492-4ae1-b978-12f61201709a
value: MEDIUM

Trust: 0.2

VULHUB: VHN-110884
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-2681
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-06153
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 33467505-7492-4ae1-b978-12f61201709a
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-110884
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-2681
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2017-2681
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 33467505-7492-4ae1-b978-12f61201709a // CNVD: CNVD-2017-06153 // VULHUB: VHN-110884 // JVNDB: JVNDB-2017-004135 // CNNVD: CNNVD-201705-639 // NVD: CVE-2017-2681 // NVD: CVE-2017-2681

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.0

problemtype:CWE-20

Trust: 0.9

sources: VULHUB: VHN-110884 // JVNDB: JVNDB-2017-004135 // NVD: CVE-2017-2681

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201705-639

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201705-639

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-004135

PATCH

title:SSA-293562url:https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf

Trust: 0.8

title:Patch for Siemens SIMATIC HMI Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/93365

Trust: 0.6

title:Multiple Siemens Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70109

Trust: 0.6

sources: CNVD: CNVD-2017-06153 // JVNDB: JVNDB-2017-004135 // CNNVD: CNNVD-201705-639

EXTERNAL IDS

db:NVDid:CVE-2017-2681

Trust: 3.6

db:SIEMENSid:SSA-293562

Trust: 2.6

db:BIDid:98369

Trust: 2.0

db:SECTRACKid:1038463

Trust: 1.7

db:ICS CERTid:ICSA-17-129-02

Trust: 1.7

db:CNVDid:CNVD-2017-06153

Trust: 0.8

db:CNNVDid:CNNVD-201705-639

Trust: 0.8

db:JVNDBid:JVNDB-2017-004135

Trust: 0.8

db:ICS CERTid:ICSA-18-023-02

Trust: 0.3

db:SIEMENSid:SSA-284673

Trust: 0.3

db:IVDid:33467505-7492-4AE1-B978-12F61201709A

Trust: 0.2

db:VULHUBid:VHN-110884

Trust: 0.1

sources: IVD: 33467505-7492-4ae1-b978-12f61201709a // CNVD: CNVD-2017-06153 // VULHUB: VHN-110884 // BID: 98369 // JVNDB: JVNDB-2017-004135 // CNNVD: CNNVD-201705-639 // NVD: CVE-2017-2681

REFERENCES

url:https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf

Trust: 2.6

url:http://www.securityfocus.com/bid/98369

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf

Trust: 1.7

url:http://www.securitytracker.com/id/1038463

Trust: 1.7

url:https://ics-cert.us-cert.gov/advisories/icsa-17-129-02

Trust: 1.1

url:https://cert-portal.siemens.com/productcert/html/ssa-293562.html

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2681

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-2681

Trust: 0.8

url:https://us-cert.cisa.gov/ics/advisories/icsa-17-129-02

Trust: 0.6

url:http://subscriber.communications.siemens.com/

Trust: 0.3

url:https://ics-cert.us-cert.gov/advisories/icsa-18-023-02

Trust: 0.3

url:https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf

Trust: 0.3

sources: CNVD: CNVD-2017-06153 // VULHUB: VHN-110884 // BID: 98369 // JVNDB: JVNDB-2017-004135 // CNNVD: CNNVD-201705-639 // NVD: CVE-2017-2681

CREDITS

Duan JinTong, Ma ShaoShuai, and Cheng Lei from NSFOCUS Security Team.

Trust: 0.3

sources: BID: 98369

SOURCES

db:IVDid:33467505-7492-4ae1-b978-12f61201709a
db:CNVDid:CNVD-2017-06153
db:VULHUBid:VHN-110884
db:BIDid:98369
db:JVNDBid:JVNDB-2017-004135
db:CNNVDid:CNNVD-201705-639
db:NVDid:CVE-2017-2681

LAST UPDATE DATE

2024-09-10T22:44:00.340000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2017-06153date:2017-05-09T00:00:00
db:VULHUBid:VHN-110884date:2020-09-29T00:00:00
db:BIDid:98369date:2018-05-09T14:00:00
db:JVNDBid:JVNDB-2017-004135date:2017-09-11T00:00:00
db:CNNVDid:CNNVD-201705-639date:2022-03-10T00:00:00
db:NVDid:CVE-2017-2681date:2024-09-10T10:15:03.063

SOURCES RELEASE DATE

db:IVDid:33467505-7492-4ae1-b978-12f61201709adate:2017-05-09T00:00:00
db:CNVDid:CNVD-2017-06153date:2017-05-09T00:00:00
db:VULHUBid:VHN-110884date:2017-05-11T00:00:00
db:BIDid:98369date:2017-05-08T00:00:00
db:JVNDBid:JVNDB-2017-004135date:2017-06-16T00:00:00
db:CNNVDid:CNNVD-201705-639date:2017-05-12T00:00:00
db:NVDid:CVE-2017-2681date:2017-05-11T10:29:00.180