ID

VAR-201712-0703


CVE

CVE-2017-12741


TITLE

plural Siemens Data processing vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2017-011798

DESCRIPTION

Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually. plural Siemens The product contains data processing vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensSIMATICS7-200Smart and others are products of Siemens AG. The Siemens SIMATICS7-200Smart is a programmable logic controller (PLC) for use in small and medium-sized automation systems. SIMATICWinACRTX2010incl is a software controller for automation solutions. A denial of service vulnerability exists in several Siemens products. Attackers can exploit this issue to crash the affected device, denying service to legitimate users. A vulnerability has been identified in SIMATIC S7-200 Smart (All versions < V2.03.01), SIMATIC S7-400 PN V6 (All versions < V6.0.6), SIMATIC S7-400 H V6 (All versions < V6.0.8), SIMATIC S7-400 PN/DP V7 (All versions < V7.0.2), SIMATIC S7-410 V8 (All versions < V8.2.1), SIMATIC S7-300 (All versions < V3.X.16), SIMATIC S7-1200 (All versions < V4.2.3), SIMATIC S7-1500 (All versions < V2.0), SIMATIC S7-1500 Software Controller (All versions < V2.0), SIMATIC WinAC RTX 2010 incl. F (All versions), SIMATIC ET 200AL (All versions), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions < V4.0.2), SIMATIC ET 200MP IM155-5 PN ST (All versions < V4.1), SIMATIC ET 200MP IM155-5 PN HF (All versions < V4.2), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN HF (All versions < V4.2.0), SIMATIC ET 200SP IM155-6 PN HA (All versions < V1.1.0), SIMATIC ET 200SP IM155-6 PN BA (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions), SIMATIC ET 200SP IM155-6 PN HS (All versions), Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions < V4.1.1 Patch 05), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.5), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions < V4.5), SIMOTION D (All versions < V5.1 HF1), SIMOTION C (All versions < V5.1 HF1), SIMOTION P V4.4 and V4.5 (All versions < V4.5 HF5), SIMOTION P V5 (All versions < V5.1 HF1), SINAMICS DCM w. PN (All versions < V1.4 SP1 HF6), SINAMICS DCP w. PN (All versions < V1.2 HF2), SINAMICS G110M w. PN (All versions < V4.7 SP9 HF1), SINAMICS G120 (C/P/D) w. PN (All versions < V4.7 SP9 HF1), SINAMICS G130 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS G130 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS G150 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS G150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS S110 w. PN (All versions < V4.4 SP3 HF6), SINAMICS S120 prior to V4.7 w. PN (All versions < V4.7), SINAMICS S120 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS S120 V4.7 SP1 w. PN (All versions), SINAMICS S120 V4.8 w. PN (All versions < V4.8 HF5), SINAMICS S150 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS S150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS V90 w. PN (All versions < V1.02), SINUMERIK 840D sl (All versions), SIMATIC Compact Field Unit (All versions), SIMATIC PN/PN Coupler (All versions < V4.2.0), SIMOCODE pro V PROFINET (All versions < V2.1.1), SIRIUS Soft Starter 3RW44 PN (All versions), SIMOCODE pro V EIP (All versions < V1.0.2). Siemens SIMATIC S7-1500 CPU, etc. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. SIMATIC S7-1500 is a programmable logic controller. SINUMERIK 840D sl is a set of advanced machine tool numerical control system. The following products and versions are affected: Siemens SIMATIC S7-200 Smart prior to V2.03.01; SIMATIC S7-400 PN/DP V7 CPU family (SIPLUS variants); SIMATIC S7-410 V8 CPU family (SIPLUS variants); SIMATIC S7- 300 CPU family (related to ET200 CPUs and SIPLUS variants); SIMATIC S7-1200 CPU family (related to SIPLUS variants); SIMATIC S7-1500 CPU family (related to ET200 CPUs and SIPLUS variants); SIMATIC S7-1500 Software Controller prior to V2.0 wait

Trust: 2.7

sources: NVD: CVE-2017-12741 // JVNDB: JVNDB-2017-011798 // CNVD: CNVD-2017-36884 // BID: 101964 // IVD: e2df32de-39ab-11e9-b092-000c29342cb1 // VULHUB: VHN-103294

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: e2df32de-39ab-11e9-b092-000c29342cb1 // CNVD: CNVD-2017-36884

AFFECTED PRODUCTS

vendor:siemensmodel:sinamics s120scope:eqversion: -

Trust: 1.9

vendor:siemensmodel:sinumerik 840d slscope:eqversion: -

Trust: 1.6

vendor:siemensmodel:simatic compact field unitscope:eqversion: -

Trust: 1.6

vendor:siemensmodel:simatic pn\/pn couplerscope:eqversion: -

Trust: 1.6

vendor:siemensmodel:sinamics v90pnscope:eqversion: -

Trust: 1.6

vendor:siemensmodel:sinamics s150 v4.8scope:eqversion: -

Trust: 1.6

vendor:siemensmodel:simocode pro v profinetscope:eqversion: -

Trust: 1.6

vendor:siemensmodel:sinamics s150 v4.7scope:eqversion: -

Trust: 1.6

vendor:siemensmodel:sinamics s110pnscope:eqversion: -

Trust: 1.6

vendor:siemensmodel:sirius soft starter 3rw44pnscope:eqversion: -

Trust: 1.6

vendor:siemensmodel:simatic s7-300scope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic s7-1200scope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic s7-1500scope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic s7-1500 software controllerscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic et 200alscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic et 200ecopnscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic et 200mscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic et 200mpscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic et 200proscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic et 200sscope: - version: -

Trust: 1.4

vendor:siemensmodel:sinamics dcmscope: - version: -

Trust: 1.4

vendor:siemensmodel:sinamics dcpscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic et 200spscope: - version: -

Trust: 1.4

vendor:siemensmodel:dk standard ethernet controllerscope: - version: -

Trust: 1.4

vendor:siemensmodel:sinamics s120scope: - version: -

Trust: 1.4

vendor:siemensmodel:sinumerik 840d slscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic compact field unitscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic pn/pn couplerscope: - version: -

Trust: 1.4

vendor:siemensmodel:sirius soft starter 3rw44 pnscope: - version: -

Trust: 1.4

vendor:siemensmodel:sinamics g150scope:eqversion: -

Trust: 1.3

vendor:siemensmodel:sinamics g130scope:eqversion: -

Trust: 1.3

vendor:siemensmodel:sinamics dcpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-200scope:ltversion:2.03.01

Trust: 1.0

vendor:siemensmodel:simatic et 200spscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:ek-ertec 200pn ioscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic et 200proscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:sinamics dcmscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic et 200mpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-400pn v6scope:ltversion:6.0.6

Trust: 1.0

vendor:siemensmodel:simatic s7-400h v6scope:ltversion:6.0.8

Trust: 1.0

vendor:siemensmodel:simatic et 200alscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simotion pscope:lteversion:5.1

Trust: 1.0

vendor:siemensmodel:simatic s7-410 v8scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simotion cscope:lteversion:5.1

Trust: 1.0

vendor:siemensmodel:simotion dscope:lteversion:5.1

Trust: 1.0

vendor:siemensmodel:simatic winac rtx f 2010scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:dk standard ethernet controllerscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-400pn\/dp v7scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic et 200mscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-300scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 controllerscope:eqversion:2.0

Trust: 1.0

vendor:siemensmodel:simatic et 200ecopnscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500scope:ltversion:2.0

Trust: 1.0

vendor:siemensmodel:sinamics g110m\/g120pnscope:lteversion:4.7

Trust: 1.0

vendor:siemensmodel:ek-ertec 200pscope:ltversion:4.5

Trust: 1.0

vendor:siemensmodel:simatic et 200sscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:ek-ertec 200 pn ioscope: - version: -

Trust: 0.8

vendor:siemensmodel:ek-ertec 200p pscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-200 smartscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-400 pn v6scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-400 pn/dp v7scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-400h v6scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-410 v8scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic winac rtx 2010 incl. fscope: - version: -

Trust: 0.8

vendor:siemensmodel:simocode pro v profinetscope: - version: -

Trust: 0.8

vendor:siemensmodel:simotion cscope: - version: -

Trust: 0.8

vendor:siemensmodel:simotion dscope: - version: -

Trust: 0.8

vendor:siemensmodel:simotion pscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics g110mscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics g130scope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics g150scope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics s110 w. pnscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics s150 v4.7 w. pnscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics s150 v4.8 w. pnscope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics v90 w. pnscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-200 smartscope:ltversion:v2.03.01

Trust: 0.6

vendor:siemensmodel:simatic s7-400 pnscope:eqversion:v6<v6.0.6

Trust: 0.6

vendor:siemensmodel:simatic s7-400 hscope:eqversion:v6

Trust: 0.6

vendor:siemensmodel:simatic s7-400 pn/dpscope:eqversion:v7

Trust: 0.6

vendor:siemensmodel:simatic s7-410scope:eqversion:v8

Trust: 0.6

vendor:siemensmodel:simatic winac rtx incl.fscope:eqversion:2010

Trust: 0.6

vendor:siemensmodel:ek-ertec pn ioscope:eqversion:200

Trust: 0.6

vendor:siemensmodel:simotion d hf1scope:ltversion:v5.1

Trust: 0.6

vendor:siemensmodel:simotion c hf1scope:ltversion:v5.1

Trust: 0.6

vendor:siemensmodel:simotion p hf1scope:ltversion:v5.1

Trust: 0.6

vendor:siemensmodel:sinamics g110m/g120 w.pn sp9 hf1scope:ltversion:v4.7

Trust: 0.6

vendor:siemensmodel:ek-ertec 200pscope:ltversion:v4.5

Trust: 0.6

vendor:siemensmodel:sinamics s110 w.pnscope: - version: -

Trust: 0.6

vendor:siemensmodel:sinamics s150scope:eqversion:v4.7

Trust: 0.6

vendor:siemensmodel:sinamics s150scope:eqversion:v4.8

Trust: 0.6

vendor:siemensmodel:sinamics w.pnscope:eqversion:v90

Trust: 0.6

vendor:siemensmodel:simocode pro profinetscope:eqversion:v

Trust: 0.6

vendor:siemensmodel:sinamics g130 and g150scope: - version: -

Trust: 0.6

vendor:siemensmodel:softnet profinet ioscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sirius soft starter 3rw44 pnscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sinumerik 840d slscope:eqversion:4.7

Trust: 0.3

vendor:siemensmodel:sinumerik 840dscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sinamics sm150scope:eqversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamics sm120scope:eqversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamics sl150scope:eqversion:4.7.5

Trust: 0.3

vendor:siemensmodel:sinamics sl150scope:eqversion:4.7.4

Trust: 0.3

vendor:siemensmodel:sinamics sl150scope:eqversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamics s150scope:eqversion: -

Trust: 0.3

vendor:siemensmodel:sinamics s120scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sinamics gm150scope:eqversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamics gl150scope:eqversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamics gh150scope:eqversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamics g120scope:eqversion: -

Trust: 0.3

vendor:siemensmodel:sinamics dcpscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sinamics dcmscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simotionscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simocode pro eipscope:eqversion:v1.0.1

Trust: 0.3

vendor:siemensmodel:simocode pro eipscope:eqversion:v1.0

Trust: 0.3

vendor:siemensmodel:simatic winac rtxscope:eqversion:20100

Trust: 0.3

vendor:siemensmodel:simatic winac rtx f sp2scope:eqversion:2010

Trust: 0.3

vendor:siemensmodel:simatic winac rtx sp2scope:eqversion:2010

Trust: 0.3

vendor:siemensmodel:simatic s7-410scope:eqversion:8

Trust: 0.3

vendor:siemensmodel:simatic s7-400 pnscope:eqversion:v60

Trust: 0.3

vendor:siemensmodel:simatic s7-400 pnscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic s7-400 hscope:eqversion:v60

Trust: 0.3

vendor:siemensmodel:simatic s7-300scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic s7-200scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:1.8.3

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:1.6

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:1.5.0

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic s7-1200scope:eqversion:4.1.3

Trust: 0.3

vendor:siemensmodel:simatic s7-1200scope:eqversion:4.0

Trust: 0.3

vendor:siemensmodel:simatic s7-1200scope:eqversion:3.0.1

Trust: 0.3

vendor:siemensmodel:simatic s7-1200scope:eqversion:3.0.0

Trust: 0.3

vendor:siemensmodel:simatic s7-1200scope:eqversion:3.0

Trust: 0.3

vendor:siemensmodel:simatic s7-1200scope:eqversion:2.0.3

Trust: 0.3

vendor:siemensmodel:simatic s7-1200scope:eqversion:2.0.2

Trust: 0.3

vendor:siemensmodel:simatic etscope:eqversion:2000

Trust: 0.3

vendor:siemensmodel:simatic compact field unitscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:profinet ioscope:eqversion:1.4.1

Trust: 0.3

vendor:siemensmodel:profinet ioscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sinamics sm120 sp2scope:neversion:4.8

Trust: 0.3

vendor:siemensmodel:sinamics sl150 sp2scope:neversion:4.8

Trust: 0.3

vendor:siemensmodel:sinamics gm150 sp2scope:neversion:4.8

Trust: 0.3

vendor:siemensmodel:sinamics gl150 sp2scope:neversion:4.8

Trust: 0.3

vendor:siemensmodel:sinamics gh150 sp2scope:neversion:4.8

Trust: 0.3

vendor:siemensmodel:sinamics g120pscope:neversion: -

Trust: 0.3

vendor:siemensmodel:sinamics g120dscope:neversion: -

Trust: 0.3

vendor:siemensmodel:sinamics g120cscope:neversion: -

Trust: 0.3

vendor:siemensmodel:sinamics g120 update sp9 hf1scope:neversion:4.7

Trust: 0.3

vendor:siemensmodel:sinamics g110mscope:neversion:0

Trust: 0.3

vendor:siemensmodel:simotion p hf1scope:neversion:5.1

Trust: 0.3

vendor:siemensmodel:simotion c hf1scope:neversion:5.1

Trust: 0.3

vendor:siemensmodel:simocode pro eipscope:neversion:v1.0.2

Trust: 0.3

vendor:siemensmodel:simatic s7-400 pnscope:neversion:v66.0.6

Trust: 0.3

vendor:siemensmodel:simatic s7-200 smartscope:neversion:2.3.1

Trust: 0.3

vendor:simatic s7 200model: - scope:eqversion:*

Trust: 0.2

vendor:simatic winac rtx f 2010model: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200almodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200ecopnmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200mmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200mpmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200promodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200smodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic et 200spmodel: - scope:eqversion: -

Trust: 0.2

vendor:dk standard ethernet controllermodel: - scope:eqversion: -

Trust: 0.2

vendor:ek ertec 200pmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 400pn v6model: - scope:eqversion:*

Trust: 0.2

vendor:ek ertec 200pn iomodel: - scope:eqversion: -

Trust: 0.2

vendor:simotion dmodel: - scope:eqversion:*

Trust: 0.2

vendor:simotion cmodel: - scope:eqversion:*

Trust: 0.2

vendor:simotion pmodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics dcmmodel: - scope:eqversion: -

Trust: 0.2

vendor:sinamics dcpmodel: - scope:eqversion: -

Trust: 0.2

vendor:sinamics g110m g120pnmodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g130model: - scope:eqversion: -

Trust: 0.2

vendor:sinamics g150model: - scope:eqversion: -

Trust: 0.2

vendor:sinamics s110pnmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic s7 400h v6model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics s120model: - scope:eqversion: -

Trust: 0.2

vendor:sinamics s150 v4 7model: - scope:eqversion: -

Trust: 0.2

vendor:sinamics s150 v4 8model: - scope:eqversion: -

Trust: 0.2

vendor:sinamics v90pnmodel: - scope:eqversion: -

Trust: 0.2

vendor:sinumerik 840d slmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic compact field unitmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic pn pn couplermodel: - scope:eqversion: -

Trust: 0.2

vendor:simocode pro v profinetmodel: - scope:eqversion: -

Trust: 0.2

vendor:sirius soft starter 3rw44pnmodel: - scope:eqversion: -

Trust: 0.2

vendor:simatic s7 400pn dp v7model: - scope:eqversion: -

Trust: 0.2

vendor:simatic s7 410 v8model: - scope:eqversion: -

Trust: 0.2

vendor:simatic s7 300model: - scope:eqversion: -

Trust: 0.2

vendor:simatic s7 1200model: - scope:eqversion: -

Trust: 0.2

vendor:simatic s7 1500model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 1500 controllermodel: - scope:eqversion:2.0

Trust: 0.2

sources: IVD: e2df32de-39ab-11e9-b092-000c29342cb1 // CNVD: CNVD-2017-36884 // BID: 101964 // JVNDB: JVNDB-2017-011798 // CNNVD: CNNVD-201711-1105 // NVD: CVE-2017-12741

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12741
value: HIGH

Trust: 1.0

productcert@siemens.com: CVE-2017-12741
value: HIGH

Trust: 1.0

NVD: CVE-2017-12741
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-36884
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201711-1105
value: HIGH

Trust: 0.6

IVD: e2df32de-39ab-11e9-b092-000c29342cb1
value: HIGH

Trust: 0.2

VULHUB: VHN-103294
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-12741
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-36884
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2df32de-39ab-11e9-b092-000c29342cb1
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-103294
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12741
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

productcert@siemens.com: CVE-2017-12741
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: IVD: e2df32de-39ab-11e9-b092-000c29342cb1 // CNVD: CNVD-2017-36884 // VULHUB: VHN-103294 // JVNDB: JVNDB-2017-011798 // CNNVD: CNNVD-201711-1105 // NVD: CVE-2017-12741 // NVD: CVE-2017-12741

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.0

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-19

Trust: 0.9

sources: VULHUB: VHN-103294 // JVNDB: JVNDB-2017-011798 // NVD: CVE-2017-12741

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201711-1105

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201711-1105

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-011798

PATCH

title:SSA-346262url:https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-346262.pdf

Trust: 0.8

title:Patches for multiple Siemens product denial of service vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/109849

Trust: 0.6

title:Multiple Siemens Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76771

Trust: 0.6

sources: CNVD: CNVD-2017-36884 // JVNDB: JVNDB-2017-011798 // CNNVD: CNNVD-201711-1105

EXTERNAL IDS

db:NVDid:CVE-2017-12741

Trust: 3.6

db:BIDid:101964

Trust: 2.6

db:ICS CERTid:ICSA-17-339-01

Trust: 2.3

db:SIEMENSid:SSA-346262

Trust: 2.0

db:SIEMENSid:SSA-546832

Trust: 2.0

db:SIEMENSid:SSA-141614

Trust: 1.7

db:ICS CERTid:ICSA-18-128-01

Trust: 1.7

db:ICS CERTid:ICSA-19-099-01

Trust: 1.7

db:CNNVDid:CNNVD-201711-1105

Trust: 0.9

db:CNVDid:CNVD-2017-36884

Trust: 0.8

db:JVNDBid:JVNDB-2017-011798

Trust: 0.8

db:AUSCERTid:ESB-2019.1206

Trust: 0.6

db:IVDid:E2DF32DE-39AB-11E9-B092-000C29342CB1

Trust: 0.2

db:VULHUBid:VHN-103294

Trust: 0.1

sources: IVD: e2df32de-39ab-11e9-b092-000c29342cb1 // CNVD: CNVD-2017-36884 // VULHUB: VHN-103294 // BID: 101964 // JVNDB: JVNDB-2017-011798 // CNNVD: CNNVD-201711-1105 // NVD: CVE-2017-12741

REFERENCES

url:https://www.securityfocus.com/bid/101964

Trust: 2.9

url:https://ics-cert.us-cert.gov/advisories/icsa-17-339-01

Trust: 2.3

url:https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf

Trust: 1.7

url:https://ics-cert.us-cert.gov/advisories/icsa-18-128-01

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/html/ssa-141614.html

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-346262.html

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-546832.html

Trust: 1.0

url:http://www.siemens.com/

Trust: 0.9

url:https://ics-cert.us-cert.gov/advisories/icsa-19-099-01

Trust: 0.9

url:https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-346262.pdf

Trust: 0.9

url:https://cert-portal.siemens.com/productcert/txt/ssa-546832.txt

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12741

Trust: 0.8

url:https://www.us-cert.gov/ics/advisories/icsa-19-099-01

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-12741

Trust: 0.8

url:https://www.auscert.org.au/bulletins/78750

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-17-339-01

Trust: 0.6

sources: CNVD: CNVD-2017-36884 // VULHUB: VHN-103294 // BID: 101964 // JVNDB: JVNDB-2017-011798 // CNNVD: CNNVD-201711-1105 // NVD: CVE-2017-12741

CREDITS

Siemens ProductCERT reported this vulnerability to NCCIC.

Trust: 0.6

sources: CNNVD: CNNVD-201711-1105

SOURCES

db:IVDid:e2df32de-39ab-11e9-b092-000c29342cb1
db:CNVDid:CNVD-2017-36884
db:VULHUBid:VHN-103294
db:BIDid:101964
db:JVNDBid:JVNDB-2017-011798
db:CNNVDid:CNNVD-201711-1105
db:NVDid:CVE-2017-12741

LAST UPDATE DATE

2024-08-14T14:33:18.821000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2017-36884date:2017-12-12T00:00:00
db:VULHUBid:VHN-103294date:2020-08-14T00:00:00
db:BIDid:101964date:2019-04-10T07:00:00
db:JVNDBid:JVNDB-2017-011798date:2019-07-08T00:00:00
db:CNNVDid:CNNVD-201711-1105date:2022-02-11T00:00:00
db:NVDid:CVE-2017-12741date:2024-07-09T12:15:03.287

SOURCES RELEASE DATE

db:IVDid:e2df32de-39ab-11e9-b092-000c29342cb1date:2017-12-12T00:00:00
db:CNVDid:CNVD-2017-36884date:2017-12-12T00:00:00
db:VULHUBid:VHN-103294date:2017-12-26T00:00:00
db:BIDid:101964date:2017-11-23T00:00:00
db:JVNDBid:JVNDB-2017-011798date:2018-01-26T00:00:00
db:CNNVDid:CNNVD-201711-1105date:2017-11-28T00:00:00
db:NVDid:CVE-2017-12741date:2017-12-26T04:29:13.707