ID

VAR-201712-0701


CVE

CVE-2017-12736


TITLE

plural Siemens Vulnerabilities related to authorization, authority, and access control in products

Trust: 0.8

sources: JVNDB: JVNDB-2017-011797

DESCRIPTION

A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0.1), RUGGEDCOM ROS for all other devices (All versions < ROS V4.3.4), SCALANCE XB-200/XC-200/XP-200/XR300-WG (All versions between V3.0 (including) and V3.0.2 (excluding)), SCALANCE XR-500/XM-400 (All versions between V6.1 (including) and V6.1.1 (excluding)). After initial configuration, the Ruggedcom Discovery Protocol (RCDP) is still able to writeto the device under certain conditions, potentially allowing users located in the adjacentnetwork of the targeted device to perform unauthorized administrative actions. plural Siemens The product contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens RuggedCom ROS is a ROX-based device for connecting devices in harsh environments, such as substations, traffic management chassis, etc. The SCALANCE XB-200 is an industrial Ethernet switch. Siemens Ruggedcom ROS and SCALANCE are not authorized to exploit the vulnerability. Multiple Siemens Products are prone to a remote security bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. RUGGEDCOM ROS prior to 4.3.4 for all other devices. SCALANCE XB-200/XC-200/XP-200/XR300-WG 3.0 and later. SCALANCE XR-500/XM-400 6.1 and later

Trust: 2.61

sources: NVD: CVE-2017-12736 // JVNDB: JVNDB-2017-011797 // CNVD: CNVD-2017-28656 // BID: 101041 // IVD: 8e5e8cb8-d4ee-4ad5-9084-3bf21bbbdb6b

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 8e5e8cb8-d4ee-4ad5-9084-3bf21bbbdb6b // CNVD: CNVD-2017-28656

AFFECTED PRODUCTS

vendor:siemensmodel:ruggedcom rosscope:ltversion:4.3.4

Trust: 1.6

vendor:siemensmodel:scalance xc-200scope:gteversion:3.0

Trust: 1.0

vendor:siemensmodel:scalance xr-500scope:gteversion:6.1

Trust: 1.0

vendor:siemensmodel:ruggedcom rosscope:ltversion:5.0.1

Trust: 1.0

vendor:siemensmodel:scalance xp-200scope:gteversion:3.0

Trust: 1.0

vendor:siemensmodel:scalance xr300-wgscope:gteversion:3.0

Trust: 1.0

vendor:siemensmodel:scalance xm-400scope:gteversion:6.1

Trust: 1.0

vendor:siemensmodel:scalance xb-200scope:gteversion:3.0

Trust: 1.0

vendor:siemensmodel:ruggedcom rosscope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance xb-200scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance xc-200scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance xm400scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance xp-200scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance xr-300-wgscope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance xr500scope: - version: -

Trust: 0.8

vendor:siemensmodel:ruggedcom ros for rsl910scope:ltversion:5.0.1

Trust: 0.6

vendor:siemensmodel:scalance xb-200scope:gtversion:3.0

Trust: 0.6

vendor:siemensmodel:scalance xc-200scope:gtversion:3.0

Trust: 0.6

vendor:siemensmodel:scalance xp-200scope:gtversion:3.0

Trust: 0.6

vendor:siemensmodel:scalance xr300-wgscope:gtversion:3.0

Trust: 0.6

vendor:siemensmodel:scalance xr-500scope:gtversion:6.1

Trust: 0.6

vendor:siemensmodel:scalance xm-400scope:gtversion:6.1

Trust: 0.6

vendor:ruggedcom rosmodel: - scope:eqversion:*

Trust: 0.4

vendor:siemensmodel:scalance xr300-wgscope:eqversion:3.0

Trust: 0.3

vendor:siemensmodel:scalance xr-500scope:eqversion:6.1

Trust: 0.3

vendor:siemensmodel:scalance xp-200scope:eqversion:3.0

Trust: 0.3

vendor:siemensmodel:scalance xm-400scope:eqversion:6.1

Trust: 0.3

vendor:siemensmodel:scalance xc-200scope:eqversion:3.0

Trust: 0.3

vendor:siemensmodel:scalance xb-200scope:eqversion:3.0

Trust: 0.3

vendor:siemensmodel:ruggedcom rosscope:eqversion:4.2.1

Trust: 0.3

vendor:siemensmodel:ruggedcom rosscope:eqversion:5.0.0

Trust: 0.3

vendor:siemensmodel:ruggedcom rosscope:eqversion:4.3.3

Trust: 0.3

vendor:siemensmodel:ruggedcom rosscope:eqversion:4.2.0

Trust: 0.3

vendor:siemensmodel:ruggedcom rosscope:eqversion:4.1.0

Trust: 0.3

vendor:siemensmodel:rsl910scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:ruggedcom rosscope:neversion:5.0.1

Trust: 0.3

vendor:siemensmodel:ruggedcom rosscope:neversion:4.3.4

Trust: 0.3

vendor:scalance xb 200model: - scope:eqversion:*

Trust: 0.2

vendor:scalance xc 200model: - scope:eqversion:*

Trust: 0.2

vendor:scalance xp 200model: - scope:eqversion:*

Trust: 0.2

vendor:scalance xr300 wgmodel: - scope:eqversion:*

Trust: 0.2

vendor:scalance xr 500model: - scope:eqversion:*

Trust: 0.2

vendor:scalance xm 400model: - scope:eqversion:*

Trust: 0.2

sources: IVD: 8e5e8cb8-d4ee-4ad5-9084-3bf21bbbdb6b // CNVD: CNVD-2017-28656 // BID: 101041 // JVNDB: JVNDB-2017-011797 // NVD: CVE-2017-12736

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12736
value: HIGH

Trust: 1.0

NVD: CVE-2017-12736
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-28656
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201709-1396
value: HIGH

Trust: 0.6

IVD: 8e5e8cb8-d4ee-4ad5-9084-3bf21bbbdb6b
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2017-12736
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-28656
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 8e5e8cb8-d4ee-4ad5-9084-3bf21bbbdb6b
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2017-12736
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: 8e5e8cb8-d4ee-4ad5-9084-3bf21bbbdb6b // CNVD: CNVD-2017-28656 // JVNDB: JVNDB-2017-011797 // CNNVD: CNNVD-201709-1396 // NVD: CVE-2017-12736

PROBLEMTYPE DATA

problemtype:CWE-665

Trust: 1.0

problemtype:CWE-20

Trust: 1.0

problemtype:CWE-264

Trust: 0.8

sources: JVNDB: JVNDB-2017-011797 // NVD: CVE-2017-12736

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201709-1396

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201709-1396

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-011797

PATCH

title:SSA-856721url:https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdf

Trust: 0.8

title:Siemens Ruggedcom ROS and SCALANCE Unauthorized Patch for Operational Vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/103044

Trust: 0.6

title:Multiple Siemens Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75254

Trust: 0.6

sources: CNVD: CNVD-2017-28656 // JVNDB: JVNDB-2017-011797 // CNNVD: CNNVD-201709-1396

EXTERNAL IDS

db:NVDid:CVE-2017-12736

Trust: 3.5

db:SIEMENSid:SSA-856721

Trust: 2.5

db:BIDid:101041

Trust: 1.9

db:SECTRACKid:1039464

Trust: 1.6

db:SECTRACKid:1039463

Trust: 1.6

db:CNVDid:CNVD-2017-28656

Trust: 0.8

db:CNNVDid:CNNVD-201709-1396

Trust: 0.8

db:ICS CERTid:ICSA-17-271-01B

Trust: 0.8

db:JVNDBid:JVNDB-2017-011797

Trust: 0.8

db:ICS CERTid:ICSA-17-271-01

Trust: 0.6

db:IVDid:8E5E8CB8-D4EE-4AD5-9084-3BF21BBBDB6B

Trust: 0.2

sources: IVD: 8e5e8cb8-d4ee-4ad5-9084-3bf21bbbdb6b // CNVD: CNVD-2017-28656 // BID: 101041 // JVNDB: JVNDB-2017-011797 // CNNVD: CNNVD-201709-1396 // NVD: CVE-2017-12736

REFERENCES

url:https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdf

Trust: 2.5

url:http://www.securityfocus.com/bid/101041

Trust: 1.6

url:http://www.securitytracker.com/id/1039463

Trust: 1.6

url:http://www.securitytracker.com/id/1039464

Trust: 1.6

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12736

Trust: 0.8

url:https://ics-cert.us-cert.gov/advisories/icsa-17-271-01b

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-12736

Trust: 0.8

url:https://ics-cert.us-cert.gov/advisories/icsa-17-271-01

Trust: 0.6

url:http://www.siemens.com/

Trust: 0.3

sources: CNVD: CNVD-2017-28656 // BID: 101041 // JVNDB: JVNDB-2017-011797 // CNNVD: CNNVD-201709-1396 // NVD: CVE-2017-12736

CREDITS

Siemens

Trust: 0.9

sources: BID: 101041 // CNNVD: CNNVD-201709-1396

SOURCES

db:IVDid:8e5e8cb8-d4ee-4ad5-9084-3bf21bbbdb6b
db:CNVDid:CNVD-2017-28656
db:BIDid:101041
db:JVNDBid:JVNDB-2017-011797
db:CNNVDid:CNNVD-201709-1396
db:NVDid:CVE-2017-12736

LAST UPDATE DATE

2024-08-14T15:39:24.583000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2017-28656date:2017-09-29T00:00:00
db:BIDid:101041date:2017-09-28T00:00:00
db:JVNDBid:JVNDB-2017-011797date:2018-03-05T00:00:00
db:CNNVDid:CNNVD-201709-1396date:2019-10-23T00:00:00
db:NVDid:CVE-2017-12736date:2019-10-03T00:03:26.223

SOURCES RELEASE DATE

db:IVDid:8e5e8cb8-d4ee-4ad5-9084-3bf21bbbdb6bdate:2017-09-29T00:00:00
db:CNVDid:CNVD-2017-28656date:2017-09-29T00:00:00
db:BIDid:101041date:2017-09-28T00:00:00
db:JVNDBid:JVNDB-2017-011797date:2018-01-26T00:00:00
db:CNNVDid:CNNVD-201709-1396date:2017-09-28T00:00:00
db:NVDid:CVE-2017-12736date:2017-12-26T04:29:13.643