Search criteria

12 vulnerabilities found for SIMATIC MV400 family by Siemens

VAR-202103-0198

Vulnerability from variot - Updated: 2023-12-18 11:42

A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions. SIMATIC MV400 The family contains a vulnerability in array index validation.Denial of service (DoS) It may be put into a state. Siemens SIMATIC MV400 is an industrial equipment of Germany's Siemens (Siemens) company. Used for optical identification.

An unspecified vulnerability exists in the Siemens SIMATIC MV400 series TCP protocol stack

Show details on source website
To clipboard 

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202103-0198",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic mv440 ur",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0.6"
      },
      {
        "model": "simatic mv440 sr",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0.6"
      },
      {
        "model": "simatic mv420 sr-p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0.6"
      },
      {
        "model": "simatic mv440 hr",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0.6"
      },
      {
        "model": "simatic mv420 sr-b body",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0.6"
      },
      {
        "model": "simatic mv420 sr-b",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0.6"
      },
      {
        "model": "simatic mv420 sr-p body",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0.6"
      },
      {
        "model": "simatic mv420 sr-b body",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic mv440 ur",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic mv440 sr",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic mv440 hr",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic mv420 sr-p body",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic mv420 sr-p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic mv420 sr-b",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic mv400 family",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.0.6"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16443"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016315"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-25241"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_mv440_sr_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.0.6",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_mv440_sr:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_mv440_hr_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.0.6",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_mv440_hr:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_mv440_ur_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.0.6",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_mv440_ur:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_mv420_sr-b_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.0.6",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_mv420_sr-b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_mv420_sr-p_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.0.6",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_mv420_sr-p:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_mv420_sr-b_body_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.0.6",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_mv420_sr-b_body:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_mv420_sr-p_body_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.0.6",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_mv420_sr-p_body:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-25241"
      }
    ]
  },
  "cve": "CVE-2020-25241",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2020-25241",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2021-16443",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2020-25241",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-25241",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-16443",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202103-685",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16443"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016315"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-25241"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202103-685"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions. SIMATIC MV400 The family contains a vulnerability in array index validation.Denial of service (DoS) It may be put into a state. Siemens SIMATIC MV400 is an industrial equipment of Germany\u0027s Siemens (Siemens) company. Used for optical identification. \n\r\n\r\nAn unspecified vulnerability exists in the Siemens SIMATIC MV400 series TCP protocol stack",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-25241"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016315"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-16443"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-25241",
        "trust": 3.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-599268",
        "trust": 2.2
      },
      {
        "db": "JVN",
        "id": "JVNVU93441670",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016315",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-16443",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.0852",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-068-07",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202103-685",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16443"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016315"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-25241"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202103-685"
      }
    ]
  },
  "id": "VAR-202103-0198",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16443"
      }
    ],
    "trust": 1.6
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16443"
      }
    ]
  },
  "last_update_date": "2023-12-18T11:42:55.712000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-599268",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
      },
      {
        "title": "Siemens SIMATIC MV400 Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=144277"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016315"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202103-685"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-129",
        "trust": 1.0
      },
      {
        "problemtype": "Improper validation of array indexes (CWE-129) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016315"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-25241"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-25241"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu93441670/"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/siemens-simatic-mv400-two-vulnerabilities-via-tcp-stack-34783"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.0852"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-07"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16443"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016315"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-25241"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202103-685"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16443"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016315"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-25241"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202103-685"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-03-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-16443"
      },
      {
        "date": "2021-11-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-016315"
      },
      {
        "date": "2021-03-15T17:15:20.097000",
        "db": "NVD",
        "id": "CVE-2020-25241"
      },
      {
        "date": "2021-03-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202103-685"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-03-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-16443"
      },
      {
        "date": "2021-11-22T09:06:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-016315"
      },
      {
        "date": "2021-03-18T20:04:09.937000",
        "db": "NVD",
        "id": "CVE-2020-25241"
      },
      {
        "date": "2021-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202103-685"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202103-685"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIMATIC\u00a0MV400\u00a0 Array index validation vulnerability in family",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016315"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202103-685"
      }
    ],
    "trust": 0.6
  }
}

VAR-202103-0210

Vulnerability from variot - Updated: 2023-12-18 10:44

In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is initialized with a constant value and has constant increments. An attacker could predict and hijack TCP sessions. SIMATIC MV400 family Contains an unspecified vulnerability.Information may be tampered with. Siemens SIMATIC MV400 is an industrial equipment of Germany's Siemens (Siemens) company. Used for optical identification.

The Siemens SIMATIC MV400 series TCP protocol stack has security vulnerabilities

Show details on source website
To clipboard 

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202103-0210",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic mv440",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0.6"
      },
      {
        "model": "simatic mv420",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0.6"
      },
      {
        "model": "simatic ident mv440 family",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic ident mv420 family",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic mv400 family",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.0.6"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16442"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016226"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27632"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_mv420_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.0.6",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_mv420:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_mv440_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.0.6",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_mv440:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-27632"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "and Amine Amri of Forescout Research Labs reported these vulnerabilities to CISA., Stanislav Dashevskyi,Daniel dos Santos, Jos Wetzels",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1076"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2020-27632",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2020-27632",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2021-16442",
            "impactScore": 6.9,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2020-27632",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-27632",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-16442",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202102-1076",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16442"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016226"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27632"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1076"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is initialized with a constant value and has constant increments. An attacker could predict and hijack TCP sessions. SIMATIC MV400 family Contains an unspecified vulnerability.Information may be tampered with. Siemens SIMATIC MV400 is an industrial equipment of Germany\u0027s Siemens (Siemens) company. Used for optical identification. \n\r\n\r\nThe Siemens SIMATIC MV400 series TCP protocol stack has security vulnerabilities",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-27632"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016226"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-16442"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1076"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-27632",
        "trust": 3.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-042-01",
        "trust": 2.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-599268",
        "trust": 2.2
      },
      {
        "db": "JVN",
        "id": "JVNVU90767599",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016226",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-16442",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.0852",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.0538",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-068-07",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1076",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16442"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016226"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27632"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1076"
      }
    ]
  },
  "id": "VAR-202103-0210",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16442"
      }
    ],
    "trust": 1.3777778
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16442"
      }
    ]
  },
  "last_update_date": "2023-12-18T10:44:21.452000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-599268",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
      },
      {
        "title": "Repair measures for security feature vulnerabilities of multiple products",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=142809"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016226"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1076"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016226"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27632"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-27632"
      },
      {
        "trust": 1.4,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-042-01"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01"
      },
      {
        "trust": 1.0,
        "url": "https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu90767599/index.html"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/siemens-simatic-mv400-two-vulnerabilities-via-tcp-stack-34783"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.0852"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.0538"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-07"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16442"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016226"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27632"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1076"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-16442"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016226"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27632"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1076"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-03-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-16442"
      },
      {
        "date": "2021-11-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-016226"
      },
      {
        "date": "2021-03-10T18:15:12.797000",
        "db": "NVD",
        "id": "CVE-2020-27632"
      },
      {
        "date": "2021-02-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202102-1076"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-03-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-16442"
      },
      {
        "date": "2021-11-15T08:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-016226"
      },
      {
        "date": "2023-10-10T17:15:10.510000",
        "db": "NVD",
        "id": "CVE-2020-27632"
      },
      {
        "date": "2021-11-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202102-1076"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1076"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIMATIC\u00a0MV400\u00a0family\u00a0 Vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-016226"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "security feature problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1076"
      }
    ],
    "trust": 0.6
  }
}

CVE-2020-25241 (GCVE-0-2020-25241)

Vulnerability from cvelistv5 – Published: 2021-03-15 17:03 – Updated: 2024-08-04 15:33
VLAI?
Summary
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions.
Severity ?
No CVSS data available.
CWE
  • CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC MV400 family Affected: All Versions < V7.0.6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:33:05.467Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC MV400 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c  V7.0.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1285",
              "description": "CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-15T17:03:30",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2020-25241",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC MV400 family",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All Versions \u003c  V7.0.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-25241",
    "datePublished": "2021-03-15T17:03:30",
    "dateReserved": "2020-09-10T00:00:00",
    "dateUpdated": "2024-08-04T15:33:05.467Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10925 (GCVE-0-2019-10925)

Vulnerability from cvelistv5 – Published: 2019-06-12 13:47 – Updated: 2024-08-04 22:40
VLAI?
Summary
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
Severity ?
No CVSS data available.
CWE
  • CWE-284 - Improper Access Control
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC MV400 family Affected: All Versions < V7.0.6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.426Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "108725",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108725"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC MV400 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c  V7.0.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284: Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-15T17:03:29",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "name": "108725",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108725"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-10925",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC MV400 family",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All Versions \u003c  V7.0.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284: Improper Access Control"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "108725",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108725"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-10925",
    "datePublished": "2019-06-12T13:47:56",
    "dateReserved": "2019-04-08T00:00:00",
    "dateUpdated": "2024-08-04T22:40:15.426Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10926 (GCVE-0-2019-10926)

Vulnerability from cvelistv5 – Published: 2019-06-12 13:47 – Updated: 2024-08-04 22:40
VLAI?
Summary
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted.
Severity ?
No CVSS data available.
CWE
  • CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC MV400 family Affected: All Versions < V7.0.6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.135Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "108725",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108725"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC MV400 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c  V7.0.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-319",
              "description": "CWE-319: Cleartext Transmission of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-15T17:03:29",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "name": "108725",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108725"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-10926",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC MV400 family",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All Versions \u003c  V7.0.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-319: Cleartext Transmission of Sensitive Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "108725",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108725"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-10926",
    "datePublished": "2019-06-12T13:47:56",
    "dateReserved": "2019-04-08T00:00:00",
    "dateUpdated": "2024-08-04T22:40:15.135Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-2681 (GCVE-0-2017-2681)

Vulnerability from cvelistv5 – Published: 2017-05-11 10:00 – Updated: 2024-09-10 09:33
VLAI?
Summary
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.
Severity ?
6.5 (Medium)
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 (High)
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Siemens Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller Affected: All versions < V4.1.1 Patch04
Create a notification for this product.
    Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 Affected: All versions < V4.2.1 Patch03
Create a notification for this product.
    Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P Affected: All versions < V4.4.0 Patch01
Create a notification for this product.
    Siemens IE/AS-i Link PN IO Affected: All versions
Create a notification for this product.
    Siemens IE/PB-Link (incl. SIPLUS NET variants) Affected: All versions < V3.0
Create a notification for this product.
    Siemens SCALANCE M-800 family (incl. S615, MUM-800 and RM1224) Affected: All versions < V4.03
Create a notification for this product.
    Siemens SCALANCE W-700 IEEE 802.11n family Affected: All versions < V6.1
Create a notification for this product.
    Siemens SCALANCE X-200 family (incl. SIPLUS NET variants) Affected: All versions < V5.2.2
Create a notification for this product.
    Siemens SCALANCE X-200IRT family (incl. SIPLUS NET variants) Affected: All versions < V5.4.0
Create a notification for this product.
    Siemens SCALANCE X-300 family (incl. X408 and SIPLUS NET variants) Affected: All versions < V4.1.0
Create a notification for this product.
    Siemens SCALANCE X408 family Affected: All versions < V4.1.0
Create a notification for this product.
    Siemens SCALANCE X414 Affected: All versions < V3.10.2
Create a notification for this product.
    Siemens SCALANCE XM-400 family Affected: All versions < V6.1
Create a notification for this product.
    Siemens SCALANCE XR-500 family Affected: All versions < V6.1
Create a notification for this product.
    Siemens SIMATIC CM 1542-1 Affected: All versions < V2.0
Create a notification for this product.
    Siemens SIMATIC CM 1542SP-1 Affected: All versions < V1.0.15
Create a notification for this product.
    Siemens SIMATIC CP 1243-1 (incl. SIPLUS variants) Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 1243-8 IRC Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants) Affected: All versions < V1.0.15
Create a notification for this product.
    Siemens SIMATIC CP 1543-1 (incl. SIPLUS variants) Affected: All versions < V2.1
Create a notification for this product.
    Siemens SIMATIC CP 1543SP-1 (incl. SIPLUS variants) Affected: All versions < V1.0.15
Create a notification for this product.
    Siemens SIMATIC CP 1604 Affected: All versions < V2.7
Create a notification for this product.
    Siemens SIMATIC CP 1616 Affected: All versions < V2.7
Create a notification for this product.
    Siemens SIMATIC CP 343-1 (incl. SIPLUS variants) Affected: All versions < V3.1.3
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Lean (incl. SIPLUS variants) Affected: All versions < V3.1.3
Create a notification for this product.
    Siemens SIMATIC CP 443-1 (incl. SIPLUS variants) Affected: All versions < V3.2.17
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Advanced (incl. SIPLUS variants) Affected: All versions < V3.2.17
Create a notification for this product.
    Siemens SIMATIC CP 443-1 OPC UA Affected: All versions
Create a notification for this product.
    Siemens SIMATIC DK-16xx PN IO Affected: All versions < V2.7
Create a notification for this product.
    Siemens SIMATIC ET 200AL IM 157-1 PN Affected: 0 , < V1.0.2 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200M (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN BA Affected: 0 , < V4.0.1 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM 154-3 PN HF Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM 154-4 PN HF Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN BA Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN HS Affected: 0 , < V4.0.1 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN ST BA Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 4AO U/I 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN: IO-Link Master Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200S (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants) Affected: All versions < V15.1
Create a notification for this product.
    Siemens SIMATIC MV420 SR-B Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-B Body Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-P Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-P Body Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 HR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 SR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 UR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) Affected: All versions < V4.0
Create a notification for this product.
    Siemens SIMATIC RF650R Affected: All versions < V3.0
Create a notification for this product.
    Siemens SIMATIC RF680R Affected: All versions < V3.0
Create a notification for this product.
    Siemens SIMATIC RF685R Affected: All versions < V3.0
Create a notification for this product.
    Siemens SIMATIC S7-1200 CPU family (incl. SIPLUS variants) Affected: All versions < V4.2.1
Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) Affected: All versions < V2.1
Create a notification for this product.
    Siemens SIMATIC S7-1500 Software Controller Affected: All versions < V2.1
Create a notification for this product.
    Siemens SIMATIC S7-200 SMART Affected: All versions < V2.3
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) Affected: 0 , < V3.X.14 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) Affected: 0 , < V6.0.7 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) Affected: 0 , < V6.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) Affected: 0 , < V7.0.2 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-410 CPU family (incl. SIPLUS variants) Affected: All versions < V8.2
Create a notification for this product.
    Siemens SIMATIC TDC CP51M1 Affected: 0 , < V1.1.8 (custom)
Create a notification for this product.
    Siemens SIMATIC TDC CPU555 Affected: 0 , < V1.1.1 (custom)
Create a notification for this product.
    Siemens SIMATIC Teleservice Adapter IE Advanced Affected: All versions
Create a notification for this product.
    Siemens SIMATIC Teleservice Adapter IE Basic Affected: All versions
Create a notification for this product.
    Siemens SIMATIC Teleservice Adapter IE Standard Affected: All versions
Create a notification for this product.
    Siemens SIMATIC WinAC RTX 2010 Affected: All versions < V2010 SP3
Create a notification for this product.
    Siemens SIMATIC WinAC RTX F 2010 Affected: All versions < V2010 SP3
Create a notification for this product.
    Siemens SIMOCODE pro V PROFINET (incl. SIPLUS variants) Affected: All versions < V2.0.0
Create a notification for this product.
    Siemens SIMOTION Affected: All versions < V4.5 HF1
Create a notification for this product.
    Siemens SINAMICS DCM w. PN Affected: All versions < V1.4 SP1 HF5
Create a notification for this product.
    Siemens SINAMICS DCP w. PN Affected: All versions < V1.2 HF1
Create a notification for this product.
    Siemens SINAMICS G110M w. PN Affected: All versions < V4.7 SP6 HF3
Create a notification for this product.
    Siemens SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants) Affected: All versions < V4.7 SP6 HF3
Create a notification for this product.
    Siemens SINAMICS G130 V4.7 w. PN Affected: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS G130 V4.8 w. PN Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS G150 V4.7 w. PN Affected: V4.7: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS G150 V4.8 w. PN Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS S110 w. PN Affected: All versions < V4.4 SP3 HF5
Create a notification for this product.
    Siemens SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants) Affected: All versions < V4.7
Create a notification for this product.
    Siemens SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants) Affected: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants) Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS S150 V4.7 w. PN Affected: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS S150 V4.8 w. PN Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS V90 w. PN Affected: All versions < V1.01
Create a notification for this product.
    Siemens SINUMERIK 828D V4.5 and prior Affected: All versions < V4.5 SP6 HF2
Create a notification for this product.
    Siemens SINUMERIK 828D V4.7 Affected: All versions < V4.7 SP4 HF1
Create a notification for this product.
    Siemens SINUMERIK 840D sl V4.5 and prior Affected: All versions < V4.5 SP6 HF2
Create a notification for this product.
    Siemens SINUMERIK 840D sl V4.7 Affected: All versions < V4.7 SP4 HF1
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN ST TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST BA Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIRIUS ACT 3SU1 interface module PROFINET Affected: All versions < V1.1.0
Create a notification for this product.
    Siemens SIRIUS Motor Starter M200D PROFINET Affected: All versions
Create a notification for this product.
    Siemens SIRIUS Soft Starter 3RW44 PN Affected: All versions
Create a notification for this product.
    Siemens SITOP PSU8600 PROFINET Affected: All versions < V1.2.0
Create a notification for this product.
    Siemens SITOP UPS1600 PROFINET (incl. SIPLUS variants) Affected: All versions < V2.2.0
Create a notification for this product.
    Siemens Softnet PROFINET IO for PC-based Windows systems Affected: All versions < V14 SP1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2017-2681",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-23T20:22:19.045364Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-23T20:22:26.181Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:07.386Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1038463",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038463"
          },
          {
            "name": "98369",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98369"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.1 Patch04"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.2.1 Patch03"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4.0 Patch01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "IE/AS-i Link PN IO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "IE/PB-Link (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M-800 family (incl. S615, MUM-800 and RM1224)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.03"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W-700 IEEE 802.11n family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X-200 family (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X-200IRT family (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.4.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X-300 family (incl. X408 and SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X408 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X414",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM-400 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR-500 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CM 1542-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CM 1542SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.15"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-8 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.15"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543SP-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.15"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1604",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1616",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Lean (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.17"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.17"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 OPC UA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC DK-16xx PN IO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200AL IM 157-1 PN",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.0.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200M (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.0.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM 154-3 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM 154-4 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN HS",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.0.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN ST BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 4AO U/I 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN: IO-Link Master",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200S (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-B",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-B Body",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-P",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-P Body",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 HR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 SR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 UR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF650R",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF680R",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF685R",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-200 SMART",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.X.14",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.0.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-410 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V8.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC TDC CP51M1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1.8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC TDC CPU555",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Basic",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Standard",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX F 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOCODE pro V PROFINET (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTION",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS DCM w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.4 SP1 HF5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS DCP w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.2 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G110M w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP6 HF3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP6 HF3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.7 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.8 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.7 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "V4.7: All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.8 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S110 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4 SP3 HF5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.7 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.8 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS V90 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 828D V4.5 and prior",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5 SP6 HF2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 828D V4.7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP4 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 840D sl V4.5 and prior",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5 SP6 HF2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 840D sl V4.7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP4 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIRIUS ACT 3SU1 interface module PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIRIUS Motor Starter M200D PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIRIUS Soft Starter 3RW44 PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP PSU8600 PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP UPS1600 PROFINET (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Softnet PROFINET IO for PC-based Windows systems",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:33:20.658Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "name": "1038463",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038463"
        },
        {
          "name": "98369",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98369"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2017-2681",
    "datePublished": "2017-05-11T10:00:00",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-09-10T09:33:20.658Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-2680 (GCVE-0-2017-2680)

Vulnerability from cvelistv5 – Published: 2017-05-11 01:00 – Updated: 2024-09-10 09:33
VLAI?
Summary
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
Severity ?
6.5 (Medium)
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 (High)
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Siemens Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller Affected: All versions < V4.1.1 Patch04
Create a notification for this product.
    Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 Affected: All versions < V4.2.1 Patch03
Create a notification for this product.
    Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P Affected: All versions < V4.4.0 Patch01
Create a notification for this product.
    Siemens Extension Unit 12" PROFINET Affected: All versions < V01.01.01
Create a notification for this product.
    Siemens Extension Unit 15" PROFINET Affected: All versions < V01.01.01
Create a notification for this product.
    Siemens Extension Unit 19" PROFINET Affected: All versions < V01.01.01
Create a notification for this product.
    Siemens Extension Unit 22" PROFINET Affected: All versions < V01.01.01
Create a notification for this product.
    Siemens IE/AS-i Link PN IO Affected: All versions
Create a notification for this product.
    Siemens IE/PB-Link (incl. SIPLUS NET variants) Affected: All versions < V3.0
Create a notification for this product.
    Siemens SCALANCE M-800 family (incl. S615, MUM-800 and RM1224) Affected: All versions < V4.03
Create a notification for this product.
    Siemens SCALANCE W-700 IEEE 802.11n family Affected: All versions < V6.1
Create a notification for this product.
    Siemens SCALANCE X-200 family (incl. SIPLUS NET variants) Affected: All versions < V5.2.2
Create a notification for this product.
    Siemens SCALANCE X-200IRT family (incl. SIPLUS NET variants) Affected: All versions < V5.4.0
Create a notification for this product.
    Siemens SCALANCE X-300 family (incl. X408 and SIPLUS NET variants) Affected: All versions < V4.1.0
Create a notification for this product.
    Siemens SCALANCE X408 family Affected: All versions < V4.1.0
Create a notification for this product.
    Siemens SCALANCE X414 Affected: All versions < V3.10.2
Create a notification for this product.
    Siemens SCALANCE XM-400 family Affected: All versions < V6.1
Create a notification for this product.
    Siemens SCALANCE XR-500 family Affected: All versions < V6.1
Create a notification for this product.
    Siemens SIMATIC CM 1542-1 Affected: All versions < V2.0
Create a notification for this product.
    Siemens SIMATIC CM 1542SP-1 Affected: All versions < V1.0.15
Create a notification for this product.
    Siemens SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1243-1 (incl. SIPLUS variants) Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 1243-7 LTE US Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1243-8 IRC Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1243-8 IRC Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants) Affected: All versions < V1.0.15
Create a notification for this product.
    Siemens SIMATIC CP 1543-1 (incl. SIPLUS variants) Affected: All versions < V2.1
Create a notification for this product.
    Siemens SIMATIC CP 1543SP-1 (incl. SIPLUS variants) Affected: All versions < V1.0.15
Create a notification for this product.
    Siemens SIMATIC CP 1604 Affected: All versions < V2.7
Create a notification for this product.
    Siemens SIMATIC CP 1616 Affected: All versions < V2.7
Create a notification for this product.
    Siemens SIMATIC CP 1626 Affected: All versions < V1.1
Create a notification for this product.
    Siemens SIMATIC CP 343-1 (incl. SIPLUS variants) Affected: All versions < V3.1.3
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Lean (incl. SIPLUS variants) Affected: All versions < V3.1.3
Create a notification for this product.
    Siemens SIMATIC CP 443-1 (incl. SIPLUS variants) Affected: All versions < V3.2.17
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Advanced (incl. SIPLUS variants) Affected: All versions < V3.2.17
Create a notification for this product.
    Siemens SIMATIC CP 443-1 OPC UA Affected: All versions
Create a notification for this product.
    Siemens SIMATIC DK-16xx PN IO Affected: All versions < V2.7
Create a notification for this product.
    Siemens SIMATIC ET 200AL IM 157-1 PN Affected: 0 , < V1.0.2 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200M (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN BA Affected: 0 , < V4.0.1 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM 154-3 PN HF Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM 154-4 PN HF Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN BA Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN HS Affected: 0 , < V4.0.1 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN ST BA Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 4AO U/I 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN: IO-Link Master Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200S (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants) Affected: All versions < V15.1
Create a notification for this product.
    Siemens SIMATIC MV420 SR-B Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-B Body Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-P Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-P Body Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 HR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 SR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 UR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) Affected: All versions < V4.0
Create a notification for this product.
    Siemens SIMATIC RF650R Affected: All versions < V3.0
Create a notification for this product.
    Siemens SIMATIC RF680R Affected: All versions < V3.0
Create a notification for this product.
    Siemens SIMATIC RF685R Affected: All versions < V3.0
Create a notification for this product.
    Siemens SIMATIC S7-1200 CPU family (incl. SIPLUS variants) Affected: All versions < V4.2.1
Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) Affected: All versions < V2.1
Create a notification for this product.
    Siemens SIMATIC S7-1500 Software Controller Affected: All versions < V2.1
Create a notification for this product.
    Siemens SIMATIC S7-200 SMART Affected: All versions < V2.3
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) Affected: 0 , < V3.X.14 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) Affected: 0 , < V6.0.7 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) Affected: 0 , < V6.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) Affected: 0 , < V7.0.2 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-410 CPU family (incl. SIPLUS variants) Affected: All versions < V8.2
Create a notification for this product.
    Siemens SIMATIC TDC CP51M1 Affected: 0 , < V1.1.8 (custom)
Create a notification for this product.
    Siemens SIMATIC TDC CPU555 Affected: 0 , < V1.1.1 (custom)
Create a notification for this product.
    Siemens SIMATIC Teleservice Adapter IE Advanced Affected: All versions
Create a notification for this product.
    Siemens SIMATIC Teleservice Adapter IE Basic Affected: All versions
Create a notification for this product.
    Siemens SIMATIC Teleservice Adapter IE Standard Affected: All versions
Create a notification for this product.
    Siemens SIMATIC WinAC RTX 2010 Affected: All versions < V2010 SP3
Create a notification for this product.
    Siemens SIMATIC WinAC RTX F 2010 Affected: All versions < V2010 SP3
Create a notification for this product.
    Siemens SIMOCODE pro V PROFINET (incl. SIPLUS variants) Affected: All versions < V2.0.0
Create a notification for this product.
    Siemens SIMOTION Affected: All versions < V4.5 HF1
Create a notification for this product.
    Siemens SIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants) Affected: All versions < V4.4 HF26
Create a notification for this product.
    Siemens SINAMICS DCM w. PN Affected: All versions < V1.4 SP1 HF5
Create a notification for this product.
    Siemens SINAMICS DCP w. PN Affected: All versions < V1.2 HF1
Create a notification for this product.
    Siemens SINAMICS G110M w. PN Affected: All versions < V4.7 SP6 HF3
Create a notification for this product.
    Siemens SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants) Affected: All versions < V4.7 SP6 HF3
Create a notification for this product.
    Siemens SINAMICS G130 V4.7 w. PN Affected: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS G130 V4.8 w. PN Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS G150 V4.7 w. PN Affected: V4.7: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS G150 V4.8 w. PN Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS GH150 V4.7 w. PROFINET Affected: All versions < V4.7 SP5 HF7
Create a notification for this product.
    Siemens SINAMICS GL150 V4.7 w. PROFINET Affected: All versions < V4.8 SP2
Create a notification for this product.
    Siemens SINAMICS GM150 V4.7 w. PROFINET Affected: All versions < V4.7 HF31
Create a notification for this product.
    Siemens SINAMICS S110 w. PN Affected: All versions < V4.4 SP3 HF5
Create a notification for this product.
    Siemens SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants) Affected: All versions < V4.7
Create a notification for this product.
    Siemens SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants) Affected: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants) Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS S150 V4.7 w. PN Affected: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS S150 V4.8 w. PN Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS SL150 V4.7.0 w. PROFINET Affected: All versions < V4.7 HF30
Create a notification for this product.
    Siemens SINAMICS SL150 V4.7.4 w. PROFINET Affected: All versions < V4.8 SP2
Create a notification for this product.
    Siemens SINAMICS SL150 V4.7.5 w. PROFINET Affected: All versions < V4.8 SP2
Create a notification for this product.
    Siemens SINAMICS SM120 V4.7 w. PROFINET Affected: All versions < V4.8 SP2
Create a notification for this product.
    Siemens SINAMICS V90 w. PN Affected: All versions < V1.01
Create a notification for this product.
    Siemens SINUMERIK 828D V4.5 and prior Affected: All versions < V4.5 SP6 HF2
Create a notification for this product.
    Siemens SINUMERIK 828D V4.7 Affected: All versions < V4.7 SP4 HF1
Create a notification for this product.
    Siemens SINUMERIK 840D sl V4.5 and prior Affected: All versions < V4.5 SP6 HF2
Create a notification for this product.
    Siemens SINUMERIK 840D sl V4.7 Affected: All versions < V4.7 SP4 HF1
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN ST TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST BA Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIRIUS ACT 3SU1 interface module PROFINET Affected: All versions < V1.1.0
Create a notification for this product.
    Siemens SIRIUS Motor Starter M200D PROFINET Affected: All versions
Create a notification for this product.
    Siemens SIRIUS Soft Starter 3RW44 PN Affected: All versions
Create a notification for this product.
    Siemens SITOP PSU8600 PROFINET Affected: All versions < V1.2.0
Create a notification for this product.
    Siemens SITOP UPS1600 PROFINET (incl. SIPLUS variants) Affected: All versions < V2.2.0
Create a notification for this product.
    Siemens Softnet PROFINET IO for PC-based Windows systems Affected: All versions < V14 SP1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2017-2680",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-09T13:26:04.237652Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-09T13:26:15.327Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:07.270Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1038463",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038463"
          },
          {
            "name": "98369",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98369"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-284673.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-546832.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.1 Patch04"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.2.1 Patch03"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4.0 Patch01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Extension Unit 12\" PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V01.01.01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Extension Unit 15\" PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V01.01.01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Extension Unit 19\" PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V01.01.01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Extension Unit 22\" PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V01.01.01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "IE/AS-i Link PN IO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "IE/PB-Link (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M-800 family (incl. S615, MUM-800 and RM1224)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.03"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W-700 IEEE 802.11n family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X-200 family (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X-200IRT family (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.4.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X-300 family (incl. X408 and SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X408 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X414",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM-400 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR-500 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CM 1542-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CM 1542SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.15"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-7 LTE US",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-8 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-8 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.15"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543SP-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.15"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1604",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1616",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1626",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Lean (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.17"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.17"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 OPC UA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC DK-16xx PN IO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200AL IM 157-1 PN",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.0.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200M (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.0.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM 154-3 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM 154-4 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN HS",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.0.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN ST BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 4AO U/I 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN: IO-Link Master",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200S (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-B",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-B Body",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-P",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-P Body",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 HR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 SR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 UR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF650R",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF680R",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF685R",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-200 SMART",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.X.14",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.0.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-410 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V8.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC TDC CP51M1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1.8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC TDC CPU555",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Basic",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Standard",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX F 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOCODE pro V PROFINET (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTION",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4 HF26"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS DCM w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.4 SP1 HF5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS DCP w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.2 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G110M w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP6 HF3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP6 HF3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.7 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.8 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.7 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "V4.7: All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.8 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GH150 V4.7 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP5 HF7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GL150 V4.7 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GM150 V4.7 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF31"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S110 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4 SP3 HF5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.7 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.8 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SL150 V4.7.0 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF30"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SL150 V4.7.4 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SL150 V4.7.5 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SM120 V4.7 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS V90 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 828D V4.5 and prior",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5 SP6 HF2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 828D V4.7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP4 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 840D sl V4.5 and prior",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5 SP6 HF2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 840D sl V4.7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP4 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIRIUS ACT 3SU1 interface module PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIRIUS Motor Starter M200D PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIRIUS Soft Starter 3RW44 PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP PSU8600 PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP UPS1600 PROFINET (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Softnet PROFINET IO for PC-based Windows systems",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:33:18.492Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "name": "1038463",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038463"
        },
        {
          "name": "98369",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98369"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-284673.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-546832.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2017-2680",
    "datePublished": "2017-05-11T01:00:00",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-09-10T09:33:18.492Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-25241 (GCVE-0-2020-25241)

Vulnerability from nvd – Published: 2021-03-15 17:03 – Updated: 2024-08-04 15:33
VLAI?
Summary
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions.
Severity ?
No CVSS data available.
CWE
  • CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC MV400 family Affected: All Versions < V7.0.6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:33:05.467Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC MV400 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c  V7.0.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1285",
              "description": "CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-15T17:03:30",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2020-25241",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC MV400 family",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All Versions \u003c  V7.0.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-25241",
    "datePublished": "2021-03-15T17:03:30",
    "dateReserved": "2020-09-10T00:00:00",
    "dateUpdated": "2024-08-04T15:33:05.467Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10925 (GCVE-0-2019-10925)

Vulnerability from nvd – Published: 2019-06-12 13:47 – Updated: 2024-08-04 22:40
VLAI?
Summary
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
Severity ?
No CVSS data available.
CWE
  • CWE-284 - Improper Access Control
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC MV400 family Affected: All Versions < V7.0.6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.426Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "108725",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108725"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC MV400 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c  V7.0.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284: Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-15T17:03:29",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "name": "108725",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108725"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-10925",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC MV400 family",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All Versions \u003c  V7.0.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284: Improper Access Control"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "108725",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108725"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-10925",
    "datePublished": "2019-06-12T13:47:56",
    "dateReserved": "2019-04-08T00:00:00",
    "dateUpdated": "2024-08-04T22:40:15.426Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10926 (GCVE-0-2019-10926)

Vulnerability from nvd – Published: 2019-06-12 13:47 – Updated: 2024-08-04 22:40
VLAI?
Summary
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted.
Severity ?
No CVSS data available.
CWE
  • CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC MV400 family Affected: All Versions < V7.0.6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.135Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "108725",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108725"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC MV400 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c  V7.0.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-319",
              "description": "CWE-319: Cleartext Transmission of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-15T17:03:29",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "name": "108725",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108725"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-10926",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC MV400 family",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All Versions \u003c  V7.0.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-319: Cleartext Transmission of Sensitive Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "108725",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108725"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-10926",
    "datePublished": "2019-06-12T13:47:56",
    "dateReserved": "2019-04-08T00:00:00",
    "dateUpdated": "2024-08-04T22:40:15.135Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-2681 (GCVE-0-2017-2681)

Vulnerability from nvd – Published: 2017-05-11 10:00 – Updated: 2024-09-10 09:33
VLAI?
Summary
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.
Severity ?
6.5 (Medium)
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 (High)
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Siemens Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller Affected: All versions < V4.1.1 Patch04
Create a notification for this product.
    Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 Affected: All versions < V4.2.1 Patch03
Create a notification for this product.
    Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P Affected: All versions < V4.4.0 Patch01
Create a notification for this product.
    Siemens IE/AS-i Link PN IO Affected: All versions
Create a notification for this product.
    Siemens IE/PB-Link (incl. SIPLUS NET variants) Affected: All versions < V3.0
Create a notification for this product.
    Siemens SCALANCE M-800 family (incl. S615, MUM-800 and RM1224) Affected: All versions < V4.03
Create a notification for this product.
    Siemens SCALANCE W-700 IEEE 802.11n family Affected: All versions < V6.1
Create a notification for this product.
    Siemens SCALANCE X-200 family (incl. SIPLUS NET variants) Affected: All versions < V5.2.2
Create a notification for this product.
    Siemens SCALANCE X-200IRT family (incl. SIPLUS NET variants) Affected: All versions < V5.4.0
Create a notification for this product.
    Siemens SCALANCE X-300 family (incl. X408 and SIPLUS NET variants) Affected: All versions < V4.1.0
Create a notification for this product.
    Siemens SCALANCE X408 family Affected: All versions < V4.1.0
Create a notification for this product.
    Siemens SCALANCE X414 Affected: All versions < V3.10.2
Create a notification for this product.
    Siemens SCALANCE XM-400 family Affected: All versions < V6.1
Create a notification for this product.
    Siemens SCALANCE XR-500 family Affected: All versions < V6.1
Create a notification for this product.
    Siemens SIMATIC CM 1542-1 Affected: All versions < V2.0
Create a notification for this product.
    Siemens SIMATIC CM 1542SP-1 Affected: All versions < V1.0.15
Create a notification for this product.
    Siemens SIMATIC CP 1243-1 (incl. SIPLUS variants) Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 1243-8 IRC Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants) Affected: All versions < V1.0.15
Create a notification for this product.
    Siemens SIMATIC CP 1543-1 (incl. SIPLUS variants) Affected: All versions < V2.1
Create a notification for this product.
    Siemens SIMATIC CP 1543SP-1 (incl. SIPLUS variants) Affected: All versions < V1.0.15
Create a notification for this product.
    Siemens SIMATIC CP 1604 Affected: All versions < V2.7
Create a notification for this product.
    Siemens SIMATIC CP 1616 Affected: All versions < V2.7
Create a notification for this product.
    Siemens SIMATIC CP 343-1 (incl. SIPLUS variants) Affected: All versions < V3.1.3
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Lean (incl. SIPLUS variants) Affected: All versions < V3.1.3
Create a notification for this product.
    Siemens SIMATIC CP 443-1 (incl. SIPLUS variants) Affected: All versions < V3.2.17
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Advanced (incl. SIPLUS variants) Affected: All versions < V3.2.17
Create a notification for this product.
    Siemens SIMATIC CP 443-1 OPC UA Affected: All versions
Create a notification for this product.
    Siemens SIMATIC DK-16xx PN IO Affected: All versions < V2.7
Create a notification for this product.
    Siemens SIMATIC ET 200AL IM 157-1 PN Affected: 0 , < V1.0.2 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200M (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN BA Affected: 0 , < V4.0.1 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM 154-3 PN HF Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM 154-4 PN HF Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN BA Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN HS Affected: 0 , < V4.0.1 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN ST BA Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 4AO U/I 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN: IO-Link Master Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200S (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants) Affected: All versions < V15.1
Create a notification for this product.
    Siemens SIMATIC MV420 SR-B Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-B Body Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-P Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-P Body Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 HR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 SR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 UR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) Affected: All versions < V4.0
Create a notification for this product.
    Siemens SIMATIC RF650R Affected: All versions < V3.0
Create a notification for this product.
    Siemens SIMATIC RF680R Affected: All versions < V3.0
Create a notification for this product.
    Siemens SIMATIC RF685R Affected: All versions < V3.0
Create a notification for this product.
    Siemens SIMATIC S7-1200 CPU family (incl. SIPLUS variants) Affected: All versions < V4.2.1
Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) Affected: All versions < V2.1
Create a notification for this product.
    Siemens SIMATIC S7-1500 Software Controller Affected: All versions < V2.1
Create a notification for this product.
    Siemens SIMATIC S7-200 SMART Affected: All versions < V2.3
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) Affected: 0 , < V3.X.14 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) Affected: 0 , < V6.0.7 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) Affected: 0 , < V6.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) Affected: 0 , < V7.0.2 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-410 CPU family (incl. SIPLUS variants) Affected: All versions < V8.2
Create a notification for this product.
    Siemens SIMATIC TDC CP51M1 Affected: 0 , < V1.1.8 (custom)
Create a notification for this product.
    Siemens SIMATIC TDC CPU555 Affected: 0 , < V1.1.1 (custom)
Create a notification for this product.
    Siemens SIMATIC Teleservice Adapter IE Advanced Affected: All versions
Create a notification for this product.
    Siemens SIMATIC Teleservice Adapter IE Basic Affected: All versions
Create a notification for this product.
    Siemens SIMATIC Teleservice Adapter IE Standard Affected: All versions
Create a notification for this product.
    Siemens SIMATIC WinAC RTX 2010 Affected: All versions < V2010 SP3
Create a notification for this product.
    Siemens SIMATIC WinAC RTX F 2010 Affected: All versions < V2010 SP3
Create a notification for this product.
    Siemens SIMOCODE pro V PROFINET (incl. SIPLUS variants) Affected: All versions < V2.0.0
Create a notification for this product.
    Siemens SIMOTION Affected: All versions < V4.5 HF1
Create a notification for this product.
    Siemens SINAMICS DCM w. PN Affected: All versions < V1.4 SP1 HF5
Create a notification for this product.
    Siemens SINAMICS DCP w. PN Affected: All versions < V1.2 HF1
Create a notification for this product.
    Siemens SINAMICS G110M w. PN Affected: All versions < V4.7 SP6 HF3
Create a notification for this product.
    Siemens SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants) Affected: All versions < V4.7 SP6 HF3
Create a notification for this product.
    Siemens SINAMICS G130 V4.7 w. PN Affected: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS G130 V4.8 w. PN Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS G150 V4.7 w. PN Affected: V4.7: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS G150 V4.8 w. PN Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS S110 w. PN Affected: All versions < V4.4 SP3 HF5
Create a notification for this product.
    Siemens SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants) Affected: All versions < V4.7
Create a notification for this product.
    Siemens SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants) Affected: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants) Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS S150 V4.7 w. PN Affected: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS S150 V4.8 w. PN Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS V90 w. PN Affected: All versions < V1.01
Create a notification for this product.
    Siemens SINUMERIK 828D V4.5 and prior Affected: All versions < V4.5 SP6 HF2
Create a notification for this product.
    Siemens SINUMERIK 828D V4.7 Affected: All versions < V4.7 SP4 HF1
Create a notification for this product.
    Siemens SINUMERIK 840D sl V4.5 and prior Affected: All versions < V4.5 SP6 HF2
Create a notification for this product.
    Siemens SINUMERIK 840D sl V4.7 Affected: All versions < V4.7 SP4 HF1
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN ST TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST BA Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIRIUS ACT 3SU1 interface module PROFINET Affected: All versions < V1.1.0
Create a notification for this product.
    Siemens SIRIUS Motor Starter M200D PROFINET Affected: All versions
Create a notification for this product.
    Siemens SIRIUS Soft Starter 3RW44 PN Affected: All versions
Create a notification for this product.
    Siemens SITOP PSU8600 PROFINET Affected: All versions < V1.2.0
Create a notification for this product.
    Siemens SITOP UPS1600 PROFINET (incl. SIPLUS variants) Affected: All versions < V2.2.0
Create a notification for this product.
    Siemens Softnet PROFINET IO for PC-based Windows systems Affected: All versions < V14 SP1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2017-2681",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-23T20:22:19.045364Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-23T20:22:26.181Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:07.386Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1038463",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038463"
          },
          {
            "name": "98369",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98369"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.1 Patch04"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.2.1 Patch03"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4.0 Patch01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "IE/AS-i Link PN IO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "IE/PB-Link (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M-800 family (incl. S615, MUM-800 and RM1224)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.03"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W-700 IEEE 802.11n family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X-200 family (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X-200IRT family (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.4.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X-300 family (incl. X408 and SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X408 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X414",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM-400 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR-500 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CM 1542-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CM 1542SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.15"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-8 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.15"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543SP-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.15"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1604",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1616",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Lean (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.17"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.17"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 OPC UA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC DK-16xx PN IO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200AL IM 157-1 PN",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.0.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200M (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.0.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM 154-3 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM 154-4 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN HS",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.0.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN ST BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 4AO U/I 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN: IO-Link Master",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200S (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-B",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-B Body",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-P",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-P Body",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 HR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 SR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 UR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF650R",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF680R",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF685R",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-200 SMART",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.X.14",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.0.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-410 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V8.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC TDC CP51M1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1.8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC TDC CPU555",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Basic",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Standard",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX F 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOCODE pro V PROFINET (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTION",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS DCM w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.4 SP1 HF5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS DCP w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.2 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G110M w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP6 HF3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP6 HF3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.7 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.8 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.7 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "V4.7: All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.8 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S110 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4 SP3 HF5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.7 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.8 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS V90 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 828D V4.5 and prior",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5 SP6 HF2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 828D V4.7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP4 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 840D sl V4.5 and prior",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5 SP6 HF2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 840D sl V4.7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP4 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIRIUS ACT 3SU1 interface module PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIRIUS Motor Starter M200D PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIRIUS Soft Starter 3RW44 PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP PSU8600 PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP UPS1600 PROFINET (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Softnet PROFINET IO for PC-based Windows systems",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:33:20.658Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "name": "1038463",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038463"
        },
        {
          "name": "98369",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98369"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2017-2681",
    "datePublished": "2017-05-11T10:00:00",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-09-10T09:33:20.658Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-2680 (GCVE-0-2017-2680)

Vulnerability from nvd – Published: 2017-05-11 01:00 – Updated: 2024-09-10 09:33
VLAI?
Summary
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
Severity ?
6.5 (Medium)
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 (High)
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Siemens Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller Affected: All versions < V4.1.1 Patch04
Create a notification for this product.
    Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 Affected: All versions < V4.2.1 Patch03
Create a notification for this product.
    Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P Affected: All versions < V4.4.0 Patch01
Create a notification for this product.
    Siemens Extension Unit 12" PROFINET Affected: All versions < V01.01.01
Create a notification for this product.
    Siemens Extension Unit 15" PROFINET Affected: All versions < V01.01.01
Create a notification for this product.
    Siemens Extension Unit 19" PROFINET Affected: All versions < V01.01.01
Create a notification for this product.
    Siemens Extension Unit 22" PROFINET Affected: All versions < V01.01.01
Create a notification for this product.
    Siemens IE/AS-i Link PN IO Affected: All versions
Create a notification for this product.
    Siemens IE/PB-Link (incl. SIPLUS NET variants) Affected: All versions < V3.0
Create a notification for this product.
    Siemens SCALANCE M-800 family (incl. S615, MUM-800 and RM1224) Affected: All versions < V4.03
Create a notification for this product.
    Siemens SCALANCE W-700 IEEE 802.11n family Affected: All versions < V6.1
Create a notification for this product.
    Siemens SCALANCE X-200 family (incl. SIPLUS NET variants) Affected: All versions < V5.2.2
Create a notification for this product.
    Siemens SCALANCE X-200IRT family (incl. SIPLUS NET variants) Affected: All versions < V5.4.0
Create a notification for this product.
    Siemens SCALANCE X-300 family (incl. X408 and SIPLUS NET variants) Affected: All versions < V4.1.0
Create a notification for this product.
    Siemens SCALANCE X408 family Affected: All versions < V4.1.0
Create a notification for this product.
    Siemens SCALANCE X414 Affected: All versions < V3.10.2
Create a notification for this product.
    Siemens SCALANCE XM-400 family Affected: All versions < V6.1
Create a notification for this product.
    Siemens SCALANCE XR-500 family Affected: All versions < V6.1
Create a notification for this product.
    Siemens SIMATIC CM 1542-1 Affected: All versions < V2.0
Create a notification for this product.
    Siemens SIMATIC CM 1542SP-1 Affected: All versions < V1.0.15
Create a notification for this product.
    Siemens SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1243-1 (incl. SIPLUS variants) Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 1243-7 LTE US Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1243-8 IRC Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1243-8 IRC Affected: All versions < V2.1.82
Create a notification for this product.
    Siemens SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants) Affected: All versions < V1.0.15
Create a notification for this product.
    Siemens SIMATIC CP 1543-1 (incl. SIPLUS variants) Affected: All versions < V2.1
Create a notification for this product.
    Siemens SIMATIC CP 1543SP-1 (incl. SIPLUS variants) Affected: All versions < V1.0.15
Create a notification for this product.
    Siemens SIMATIC CP 1604 Affected: All versions < V2.7
Create a notification for this product.
    Siemens SIMATIC CP 1616 Affected: All versions < V2.7
Create a notification for this product.
    Siemens SIMATIC CP 1626 Affected: All versions < V1.1
Create a notification for this product.
    Siemens SIMATIC CP 343-1 (incl. SIPLUS variants) Affected: All versions < V3.1.3
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC CP 343-1 Lean (incl. SIPLUS variants) Affected: All versions < V3.1.3
Create a notification for this product.
    Siemens SIMATIC CP 443-1 (incl. SIPLUS variants) Affected: All versions < V3.2.17
Create a notification for this product.
    Siemens SIMATIC CP 443-1 Advanced (incl. SIPLUS variants) Affected: All versions < V3.2.17
Create a notification for this product.
    Siemens SIMATIC CP 443-1 OPC UA Affected: All versions
Create a notification for this product.
    Siemens SIMATIC DK-16xx PN IO Affected: All versions < V2.7
Create a notification for this product.
    Siemens SIMATIC ET 200AL IM 157-1 PN Affected: 0 , < V1.0.2 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200M (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN BA Affected: 0 , < V4.0.1 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200MP IM 155-5 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM 154-3 PN HF Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200pro IM 154-4 PN HF Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN BA Affected: 0 , < * (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN HS Affected: 0 , < V4.0.1 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET 200SP IM 155-6 PN ST BA Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 4AO U/I 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200ecoPN: IO-Link Master Affected: All versions
Create a notification for this product.
    Siemens SIMATIC ET200S (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants) Affected: All versions < V15.1
Create a notification for this product.
    Siemens SIMATIC MV420 SR-B Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-B Body Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-P Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV420 SR-P Body Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 HR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 SR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC MV440 UR Affected: 0 , < V7.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) Affected: All versions < V4.0
Create a notification for this product.
    Siemens SIMATIC RF650R Affected: All versions < V3.0
Create a notification for this product.
    Siemens SIMATIC RF680R Affected: All versions < V3.0
Create a notification for this product.
    Siemens SIMATIC RF685R Affected: All versions < V3.0
Create a notification for this product.
    Siemens SIMATIC S7-1200 CPU family (incl. SIPLUS variants) Affected: All versions < V4.2.1
Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) Affected: All versions < V2.1
Create a notification for this product.
    Siemens SIMATIC S7-1500 Software Controller Affected: All versions < V2.1
Create a notification for this product.
    Siemens SIMATIC S7-200 SMART Affected: All versions < V2.3
Create a notification for this product.
    Siemens SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) Affected: 0 , < V3.X.14 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) Affected: 0 , < V6.0.7 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) Affected: 0 , < V6.0.6 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) Affected: 0 , < V7.0.2 (custom)
Create a notification for this product.
    Siemens SIMATIC S7-410 CPU family (incl. SIPLUS variants) Affected: All versions < V8.2
Create a notification for this product.
    Siemens SIMATIC TDC CP51M1 Affected: 0 , < V1.1.8 (custom)
Create a notification for this product.
    Siemens SIMATIC TDC CPU555 Affected: 0 , < V1.1.1 (custom)
Create a notification for this product.
    Siemens SIMATIC Teleservice Adapter IE Advanced Affected: All versions
Create a notification for this product.
    Siemens SIMATIC Teleservice Adapter IE Basic Affected: All versions
Create a notification for this product.
    Siemens SIMATIC Teleservice Adapter IE Standard Affected: All versions
Create a notification for this product.
    Siemens SIMATIC WinAC RTX 2010 Affected: All versions < V2010 SP3
Create a notification for this product.
    Siemens SIMATIC WinAC RTX F 2010 Affected: All versions < V2010 SP3
Create a notification for this product.
    Siemens SIMOCODE pro V PROFINET (incl. SIPLUS variants) Affected: All versions < V2.0.0
Create a notification for this product.
    Siemens SIMOTION Affected: All versions < V4.5 HF1
Create a notification for this product.
    Siemens SIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants) Affected: All versions < V4.4 HF26
Create a notification for this product.
    Siemens SINAMICS DCM w. PN Affected: All versions < V1.4 SP1 HF5
Create a notification for this product.
    Siemens SINAMICS DCP w. PN Affected: All versions < V1.2 HF1
Create a notification for this product.
    Siemens SINAMICS G110M w. PN Affected: All versions < V4.7 SP6 HF3
Create a notification for this product.
    Siemens SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants) Affected: All versions < V4.7 SP6 HF3
Create a notification for this product.
    Siemens SINAMICS G130 V4.7 w. PN Affected: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS G130 V4.8 w. PN Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS G150 V4.7 w. PN Affected: V4.7: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS G150 V4.8 w. PN Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS GH150 V4.7 w. PROFINET Affected: All versions < V4.7 SP5 HF7
Create a notification for this product.
    Siemens SINAMICS GL150 V4.7 w. PROFINET Affected: All versions < V4.8 SP2
Create a notification for this product.
    Siemens SINAMICS GM150 V4.7 w. PROFINET Affected: All versions < V4.7 HF31
Create a notification for this product.
    Siemens SINAMICS S110 w. PN Affected: All versions < V4.4 SP3 HF5
Create a notification for this product.
    Siemens SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants) Affected: All versions < V4.7
Create a notification for this product.
    Siemens SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants) Affected: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants) Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS S150 V4.7 w. PN Affected: All versions < V4.7 HF27
Create a notification for this product.
    Siemens SINAMICS S150 V4.8 w. PN Affected: All versions < V4.8 HF4
Create a notification for this product.
    Siemens SINAMICS SL150 V4.7.0 w. PROFINET Affected: All versions < V4.7 HF30
Create a notification for this product.
    Siemens SINAMICS SL150 V4.7.4 w. PROFINET Affected: All versions < V4.8 SP2
Create a notification for this product.
    Siemens SINAMICS SL150 V4.7.5 w. PROFINET Affected: All versions < V4.8 SP2
Create a notification for this product.
    Siemens SINAMICS SM120 V4.7 w. PROFINET Affected: All versions < V4.8 SP2
Create a notification for this product.
    Siemens SINAMICS V90 w. PN Affected: All versions < V1.01
Create a notification for this product.
    Siemens SINUMERIK 828D V4.5 and prior Affected: All versions < V4.5 SP6 HF2
Create a notification for this product.
    Siemens SINUMERIK 828D V4.7 Affected: All versions < V4.7 SP4 HF1
Create a notification for this product.
    Siemens SINUMERIK 840D sl V4.5 and prior Affected: All versions < V4.5 SP6 HF2
Create a notification for this product.
    Siemens SINUMERIK 840D sl V4.7 Affected: All versions < V4.7 SP4 HF1
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200MP IM 155-5 PN ST TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL Affected: 0 , < V4.2.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST BA Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIPLUS ET 200SP IM 155-6 PN ST TX RAIL Affected: 0 , < V4.1.0 (custom)
Create a notification for this product.
    Siemens SIRIUS ACT 3SU1 interface module PROFINET Affected: All versions < V1.1.0
Create a notification for this product.
    Siemens SIRIUS Motor Starter M200D PROFINET Affected: All versions
Create a notification for this product.
    Siemens SIRIUS Soft Starter 3RW44 PN Affected: All versions
Create a notification for this product.
    Siemens SITOP PSU8600 PROFINET Affected: All versions < V1.2.0
Create a notification for this product.
    Siemens SITOP UPS1600 PROFINET (incl. SIPLUS variants) Affected: All versions < V2.2.0
Create a notification for this product.
    Siemens Softnet PROFINET IO for PC-based Windows systems Affected: All versions < V14 SP1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2017-2680",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-09T13:26:04.237652Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-09T13:26:15.327Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:07.270Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1038463",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038463"
          },
          {
            "name": "98369",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98369"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-284673.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-546832.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.1 Patch04"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.2.1 Patch03"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4.0 Patch01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Extension Unit 12\" PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V01.01.01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Extension Unit 15\" PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V01.01.01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Extension Unit 19\" PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V01.01.01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Extension Unit 22\" PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V01.01.01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "IE/AS-i Link PN IO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "IE/PB-Link (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M-800 family (incl. S615, MUM-800 and RM1224)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.03"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W-700 IEEE 802.11n family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X-200 family (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X-200IRT family (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.4.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X-300 family (incl. X408 and SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X408 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X414",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM-400 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR-500 family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CM 1542-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CM 1542SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.15"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-7 LTE US",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-8 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-8 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.82"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.15"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543SP-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.15"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1604",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1616",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1626",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Lean (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.17"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.17"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 OPC UA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC DK-16xx PN IO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200AL IM 157-1 PN",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.0.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200M (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.0.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200MP IM 155-5 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM 154-3 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM 154-4 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN HS",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.0.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP IM 155-6 PN ST BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 4AO U/I 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200ecoPN: IO-Link Master",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET200S (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-B",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-B Body",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-P",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV420 SR-P Body",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 HR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 SR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC MV440 UR",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF650R",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF680R",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF685R",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-200 SMART",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.X.14",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.0.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.0.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-410 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V8.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC TDC CP51M1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1.8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC TDC CPU555",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Basic",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Standard",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX F 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOCODE pro V PROFINET (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTION",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4 HF26"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS DCM w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.4 SP1 HF5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS DCP w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.2 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G110M w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP6 HF3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP6 HF3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.7 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.8 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.7 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "V4.7: All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.8 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GH150 V4.7 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP5 HF7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GL150 V4.7 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GM150 V4.7 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF31"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S110 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4 SP3 HF5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.7 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF27"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.8 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SL150 V4.7.0 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF30"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SL150 V4.7.4 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SL150 V4.7.5 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SM120 V4.7 w. PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS V90 w. PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.01"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 828D V4.5 and prior",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5 SP6 HF2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 828D V4.7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP4 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 840D sl V4.5 and prior",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5 SP6 HF2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK 840D sl V4.7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 SP4 HF1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIRIUS ACT 3SU1 interface module PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIRIUS Motor Starter M200D PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIRIUS Soft Starter 3RW44 PN",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP PSU8600 PROFINET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP UPS1600 PROFINET (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Softnet PROFINET IO for PC-based Windows systems",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:33:18.492Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "name": "1038463",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038463"
        },
        {
          "name": "98369",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98369"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-284673.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-546832.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2017-2680",
    "datePublished": "2017-05-11T01:00:00",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-09-10T09:33:18.492Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}