ID

VAR-202107-1608


CVE

CVE-2020-28400


TITLE

Vulnerability in limiting or non-slotting resource allocation in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2021-010133

DESCRIPTION

Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. Multiple Siemens products contain vulnerabilities in resource allocation without restrictions or throttling.Service operation interruption (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Siemens SCALANCE S602是德国西门子(Siemens)公司的一款工业安全设备. Siemens多款产品 存在安全漏洞,该漏洞允许攻击者执行拒绝服务攻击。以下产品和版本受到影响:Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions), RUGGEDCOM RM1224 (All Versions < 6.4), SCALANCE M-800 (All Versions < 6.4), SCALANCE S615 (All Versions < 6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2FM (All versions), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2LD TS (All versions), SCALANCE X204-2TS (All versions), SCALANCE X206-1 (All versions), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions), SCALANCE X208 (incl. SIPLUS NET variant) (All versions), SCALANCE X208PRO (All versions), SCALANCE X212-2 (All versions), SCALANCE X212-2LD (All versions), SCALANCE X216 (All versions), SCALANCE X224 (All versions), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M POE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions), SCALANCE XC-200 (All versions), SCALANCE XF-200BA (All versions), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions), SCALANCE XF208 (All versions), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions), SCALANCE XR-300WG (All versions), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M POE (All versions), SCALANCE XR324-4M POE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET CM 1542-1 (All versions), SIMATIC NET CP1616/CP1604 (All Versions >= V2.7), SIMATIC NET CP1626 (All versions), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions)

Trust: 2.79

sources: NVD: CVE-2020-28400 // JVNDB: JVNDB-2021-010133 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-901 // VULMON: CVE-2020-28400

AFFECTED PRODUCTS

vendor:siemensmodel:scalance x206-1scope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance x201-3p irt proscope:ltversion:5.5.0

Trust: 1.0

vendor:siemensmodel:softnet-ie pnioscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance x310fescope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic net cp1604scope:lteversion:2.7

Trust: 1.0

vendor:siemensmodel:scalance xr324-12mscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance x306-1ldfescope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance x304-2fescope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simocode prov profinetscope:ltversion:2.1.3

Trust: 1.0

vendor:siemensmodel:simatic net cm 1542-1scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance w1700scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance x206-1ldscope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance x308-2m poescope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xf204-2scope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance x202-2p irt proscope:ltversion:5.5.0

Trust: 1.0

vendor:siemensmodel:scalance x310scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xr324-4m poe tsscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simocode prov ethernet\/ipscope:ltversion:1.1.3

Trust: 1.0

vendor:siemensmodel:scalance x204 irtscope:ltversion:5.5.0

Trust: 1.0

vendor:siemensmodel:dk standard ethernet controller evaluation kitscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance x308-2lh\+scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xf204-2ba irtscope:ltversion:5.5.0

Trust: 1.0

vendor:siemensmodel:scalance x308-2mscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance x204-2scope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance xf204scope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance x307-3ldscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xr324-4m poescope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xf206-1scope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance x204 irt proscope:ltversion:5.5.0

Trust: 1.0

vendor:siemensmodel:simatic ie\/pb-link v3scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance x308-2lhscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance x308-2scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance x307-2eecscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:ek-ertec 200 evaulation kitscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance x320-1fescope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xr324-12m tsscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic power line booster plbscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic profinet driverscope:ltversion:2.3

Trust: 1.0

vendor:siemensmodel:scalance x201-3p irtscope:ltversion:5.5.0

Trust: 1.0

vendor:siemensmodel:scalance x208scope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance m-800scope:ltversion:6.4

Trust: 1.0

vendor:siemensmodel:scalance x308-2ldscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic mv500scope:ltversion:3.0

Trust: 1.0

vendor:siemensmodel:scalance x212-2scope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance xb-200scope:ltversion:4.3

Trust: 1.0

vendor:siemensmodel:scalance xf-200bascope:ltversion:4.3

Trust: 1.0

vendor:siemensmodel:scalance x208proscope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance x204-2tsscope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance x308-2m tsscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xf204 irtscope:ltversion:5.5.0

Trust: 1.0

vendor:siemensmodel:scalance w700scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic net dk-16xx pn ioscope:lteversion:2.7

Trust: 1.0

vendor:siemensmodel:scalance xf202-2p irtscope:ltversion:5.5.0

Trust: 1.0

vendor:siemensmodel:scalance x307-3scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1200scope:ltversion:4.5

Trust: 1.0

vendor:siemensmodel:simatic cfu pascope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xr500scope:ltversion:6.3.1

Trust: 1.0

vendor:siemensmodel:scalance x302-7eecscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:ek-ertec 200p evaluation kitscope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:scalance xf201-3p irtscope:ltversion:5.5.0

Trust: 1.0

vendor:siemensmodel:scalance xc-200scope:ltversion:4.3

Trust: 1.0

vendor:siemensmodel:scalance x200-4 p irtscope:ltversion:5.5.0

Trust: 1.0

vendor:siemensmodel:scalance x204-2ld tsscope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance x204-2ldscope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance xr-300wgscope:ltversion:4.3

Trust: 1.0

vendor:siemensmodel:scalance xp-200scope:ltversion:4.3

Trust: 1.0

vendor:siemensmodel:scalance x320-3ldfescope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance s615scope:ltversion:6.4

Trust: 1.0

vendor:siemensmodel:scalance x224scope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:simatic net cp1626scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xr324-4m eecscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xf208scope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance x216scope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:scalance x212-2ldscope:ltversion:5.2.5

Trust: 1.0

vendor:siemensmodel:simatic net cp1616scope:lteversion:2.7

Trust: 1.0

vendor:siemensmodel:scalance xm400scope:ltversion:6.3.1

Trust: 1.0

vendor:siemensmodel:ruggedcom rm1224scope:ltversion:6.4

Trust: 1.0

vendor:siemensmodel:scalance x202-2 irtscope:ltversion:5.5.0

Trust: 1.0

vendor:siemensmodel:scalance x204-2fmscope:ltversion:5.2.5

Trust: 1.0

vendor:シーメンスmodel:scalance x200-4p irtscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:dk standard ethernet controller evaluation kitscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance w1700scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance s615scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:ek-ertec 200p evaluation kitscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance x201-3p irtscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:ek-ertec 200 evaluation kitscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance w700scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance m-800scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:ruggedcom rm1224scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-010133 // NVD: CVE-2020-28400

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-28400
value: HIGH

Trust: 1.0

productcert@siemens.com: CVE-2020-28400
value: HIGH

Trust: 1.0

NVD: CVE-2020-28400
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202107-901
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-28400
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2020-28400
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2020-28400
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2021-010133 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-901 // NVD: CVE-2020-28400 // NVD: CVE-2020-28400

PROBLEMTYPE DATA

problemtype:CWE-770

Trust: 1.0

problemtype:Allocation of resources without limits or throttling (CWE-770) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-010133 // NVD: CVE-2020-28400

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202107-901

TYPE

other

Trust: 1.2

sources: CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-901

PATCH

title:SSA-599968url:https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf

Trust: 0.8

title:Siemens Various product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=156594

Trust: 0.6

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=77fc0ba2dcd8966c9a1f7eb47b8603ca

Trust: 0.1

sources: VULMON: CVE-2020-28400 // JVNDB: JVNDB-2021-010133 // CNNVD: CNNVD-202107-901

EXTERNAL IDS

db:NVDid:CVE-2020-28400

Trust: 3.3

db:ICS CERTid:ICSA-21-194-03

Trust: 2.4

db:SIEMENSid:SSA-599968

Trust: 1.7

db:JVNDBid:JVNDB-2021-010133

Trust: 0.8

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:AUSCERTid:ESB-2021.2401

Trust: 0.6

db:CS-HELPid:SB2021071416

Trust: 0.6

db:CNNVDid:CNNVD-202107-901

Trust: 0.6

db:VULMONid:CVE-2020-28400

Trust: 0.1

sources: VULMON: CVE-2020-28400 // JVNDB: JVNDB-2021-010133 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-901 // NVD: CVE-2020-28400

REFERENCES

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03

Trust: 2.2

url:https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/html/ssa-599968.html

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2020-28400

Trust: 0.8

url:https://www.cisa.gov/uscert/ics/advisories/icsa-21-194-03

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://vigilance.fr/vulnerability/siemens-ruggedcom-simatic-denial-of-service-via-profinet-dcp-reset-35890

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021071416

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2401

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/770.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://cert-portal.siemens.com/productcert/txt/ssa-599968.txt

Trust: 0.1

sources: VULMON: CVE-2020-28400 // JVNDB: JVNDB-2021-010133 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-901 // NVD: CVE-2020-28400

CREDITS

Siemens reported this vulnerability to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202107-901

SOURCES

db:VULMONid:CVE-2020-28400
db:JVNDBid:JVNDB-2021-010133
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202107-901
db:NVDid:CVE-2020-28400

LAST UPDATE DATE

2024-08-14T12:06:49.974000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2020-28400date:2021-07-13T00:00:00
db:JVNDBid:JVNDB-2021-010133date:2022-06-22T02:38:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202107-901date:2022-04-13T00:00:00
db:NVDid:CVE-2020-28400date:2024-06-11T09:15:09.487

SOURCES RELEASE DATE

db:VULMONid:CVE-2020-28400date:2021-07-13T00:00:00
db:JVNDBid:JVNDB-2021-010133date:2022-06-22T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202107-901date:2021-07-13T00:00:00
db:NVDid:CVE-2020-28400date:2021-07-13T11:15:08.960