Vulnerabilites related to Siemens - SIMATIC MV420 SR-P Body
var-202103-0198
Vulnerability from variot
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions. SIMATIC MV400 The family contains a vulnerability in array index validation.Denial of service (DoS) It may be put into a state. Siemens SIMATIC MV400 is an industrial equipment of Germany's Siemens (Siemens) company. Used for optical identification.
An unspecified vulnerability exists in the Siemens SIMATIC MV400 series TCP protocol stack
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202103-0198", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "simatic mv440 ur", scope: "lt", trust: 1, vendor: "siemens", version: "7.0.6", }, { model: "simatic mv440 sr", scope: "lt", trust: 1, vendor: "siemens", version: "7.0.6", }, { model: "simatic mv420 sr-p", scope: "lt", trust: 1, vendor: "siemens", version: "7.0.6", }, { model: "simatic mv440 hr", scope: "lt", trust: 1, vendor: "siemens", version: "7.0.6", }, { model: "simatic mv420 sr-b body", scope: "lt", trust: 1, vendor: "siemens", version: "7.0.6", }, { model: "simatic mv420 sr-b", scope: "lt", trust: 1, vendor: "siemens", version: "7.0.6", }, { model: "simatic mv420 sr-p body", scope: "lt", trust: 1, vendor: "siemens", version: "7.0.6", }, { model: "simatic mv420 sr-b body", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv440 ur", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv440 sr", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv440 hr", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv420 sr-p body", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv420 sr-p", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv420 sr-b", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "simatic mv400 family", scope: "lt", trust: 0.6, vendor: "siemens", version: "7.0.6", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-16443", }, { db: "JVNDB", id: "JVNDB-2020-016315", }, { db: "NVD", id: "CVE-2020-25241", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv440_sr_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "7.0.6", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv440_sr:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv440_hr_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "7.0.6", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv440_hr:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv440_ur_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "7.0.6", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv440_ur:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv420_sr-b_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "7.0.6", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv420_sr-b:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv420_sr-p_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "7.0.6", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv420_sr-p:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv420_sr-b_body_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "7.0.6", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv420_sr-b_body:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_mv420_sr-p_body_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "7.0.6", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_mv420_sr-p_body:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2020-25241", }, ], }, cve: "CVE-2020-25241", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 5, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2020-25241", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2021-16443", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2020-25241", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2020-25241", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2021-16443", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202103-685", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-16443", }, { db: "JVNDB", id: "JVNDB-2020-016315", }, { db: "NVD", id: "CVE-2020-25241", }, { db: "CNNVD", id: "CNNVD-202103-685", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions. SIMATIC MV400 The family contains a vulnerability in array index validation.Denial of service (DoS) It may be put into a state. Siemens SIMATIC MV400 is an industrial equipment of Germany's Siemens (Siemens) company. Used for optical identification. \n\r\n\r\nAn unspecified vulnerability exists in the Siemens SIMATIC MV400 series TCP protocol stack", sources: [ { db: "NVD", id: "CVE-2020-25241", }, { db: "JVNDB", id: "JVNDB-2020-016315", }, { db: "CNVD", id: "CNVD-2021-16443", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-25241", trust: 3, }, { db: "SIEMENS", id: "SSA-599268", trust: 2.2, }, { db: "JVN", id: "JVNVU93441670", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-016315", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-16443", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.0852", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-068-07", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202103-685", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-16443", }, { db: "JVNDB", id: "JVNDB-2020-016315", }, { db: "NVD", id: "CVE-2020-25241", }, { db: "CNNVD", id: "CNNVD-202103-685", }, ], }, id: "VAR-202103-0198", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-16443", }, ], trust: 1.6, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-16443", }, ], }, last_update_date: "2023-12-18T11:42:55.712000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "SSA-599268", trust: 0.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf", }, { title: "Siemens SIMATIC MV400 Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=144277", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-016315", }, { db: "CNNVD", id: "CNNVD-202103-685", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-129", trust: 1, }, { problemtype: "Improper validation of array indexes (CWE-129) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-016315", }, { db: "NVD", id: "CVE-2020-25241", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-25241", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu93441670/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/siemens-simatic-mv400-two-vulnerabilities-via-tcp-stack-34783", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0852", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-07", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-16443", }, { db: "JVNDB", id: "JVNDB-2020-016315", }, { db: "NVD", id: "CVE-2020-25241", }, { db: "CNNVD", id: "CNNVD-202103-685", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-16443", }, { db: "JVNDB", id: "JVNDB-2020-016315", }, { db: "NVD", id: "CVE-2020-25241", }, { db: "CNNVD", id: "CNNVD-202103-685", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-03-11T00:00:00", db: "CNVD", id: "CNVD-2021-16443", }, { date: "2021-11-22T00:00:00", db: "JVNDB", id: "JVNDB-2020-016315", }, { date: "2021-03-15T17:15:20.097000", db: "NVD", id: "CVE-2020-25241", }, { date: "2021-03-09T00:00:00", db: "CNNVD", id: "CNNVD-202103-685", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-03-23T00:00:00", db: "CNVD", id: "CNVD-2021-16443", }, { date: "2021-11-22T09:06:00", db: "JVNDB", id: "JVNDB-2020-016315", }, { date: "2021-03-18T20:04:09.937000", db: "NVD", id: "CVE-2020-25241", }, { date: "2021-03-19T00:00:00", db: "CNNVD", id: "CNNVD-202103-685", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202103-685", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "SIMATIC MV400 Array index validation vulnerability in family", sources: [ { db: "JVNDB", id: "JVNDB-2020-016315", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202103-685", }, ], trust: 0.6, }, }
cve-2019-13946
Vulnerability from cvelistv5
Published
2020-02-11 15:36
Modified
2024-08-05 00:05
Severity ?
EPSS score ?
Summary
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit
internal resource allocation when multiple legitimate diagnostic package
requests are sent to the DCE-RPC interface.
This could lead to a denial of service condition due to lack of memory
for devices that include a vulnerable version of the stack.
The security vulnerability could be exploited by an attacker with network
access to an affected device. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise the availability of the device.
References
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2019-13946", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-09T18:06:01.358486Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-09T18:06:09.778Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-05T00:05:44.023Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-780073.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V4.5", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V4.6", }, ], }, { defaultStatus: "unknown", product: "PROFINET Driver for Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V2.1", }, ], }, { defaultStatus: "unknown", product: "RUGGEDCOM RM1224 family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M804PB", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M812-1 ADSL-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M816-1 ADSL-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M826-2 SHDSL-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M874-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-3 (ROK)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (EU)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M876-4 (NAM)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE S615 LAN-Router", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W-700 IEEE 802.11n family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions <= V6.0.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X200-4P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X201-3P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X202-2P IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2FM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2LD TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204-2TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X204IRT PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X206-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X206-1LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X208PRO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X212-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X212-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X216", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X224", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X302-7 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X304-2FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X306-1LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 230V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 230V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 24V, coated)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-2 EEC (2x 24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X307-3LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LD", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2LH+", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M PoE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X308-2M TS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X310FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X320-1 FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X320-1-2LD FE", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X408-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XB-200 family", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XC-200", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF-200BA", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF201-3P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF202-2P IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204-2BA IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF204IRT", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.3", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF206-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XF208", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.5", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM-400 family", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V6.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XP-200", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR-300WG family", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR-500 family", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V6.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-12M TS (24V)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M EEC (2x 24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (230V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (230V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE (24V, ports on rear)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR324-4M PoE TS (24V, ports on front)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1616 and CP 1604", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V2.8", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 ERPC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 Lean", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 Advanced", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 OPC UA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200AL IM 157-1 PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200M IM 153-4 PN IO HF (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200M IM 153-4 PN IO ST (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200MP IM 155-5 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200pro IM 154-3 PN HF", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200pro IM 154-4 PN HF", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN BA", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN ST BA", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 4AO U/I 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN: IO-Link Master", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200S (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IPC Support, Package for VxWorks", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-B", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-B Body", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-P", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-P Body", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 HR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 SR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 UR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF180C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF182C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF600R family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3", }, ], }, { defaultStatus: "unknown", product: "SIMOTION C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5", }, ], }, { defaultStatus: "unknown", product: "SIMOTION D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5", }, ], }, { defaultStatus: "unknown", product: "SIMOTION P", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5", }, ], }, { defaultStatus: "unknown", product: "SINAMICS DCP", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V1.3", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST BA", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 343-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 343-1 Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 343-1 Lean", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 443-1", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 443-1 Advanced", vendor: "Siemens", versions: [ { lessThan: "V3.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET SCALANCE X308-2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.4", }, ], }, { defaultStatus: "unknown", product: "SOFTNET-IE PNIO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, ], descriptions: [ { lang: "en", value: "Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit\ninternal resource allocation when multiple legitimate diagnostic package\nrequests are sent to the DCE-RPC interface.\nThis could lead to a denial of service condition due to lack of memory\nfor devices that include a vulnerable version of the stack.\n\nThe security vulnerability could be exploited by an attacker with network\naccess to an affected device. Successful exploitation requires no system\nprivileges and no user interaction. An attacker could use the vulnerability\nto compromise the availability of the device.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-09T12:03:58.088Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-780073.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2019-13946", datePublished: "2020-02-11T15:36:10", dateReserved: "2019-07-18T00:00:00", dateUpdated: "2024-08-05T00:05:44.023Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-2680
Vulnerability from cvelistv5
Published
2017-05-11 01:00
Modified
2024-09-10 09:33
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
7.1 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1038463 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/98369 | vdb-entry, x_refsource_BID | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf | x_refsource_CONFIRM | |
| https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02 | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf | x_refsource_CONFIRM | |
| https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/html/ssa-293562.html | ||
| https://cert-portal.siemens.com/productcert/html/ssa-284673.html | ||
| https://cert-portal.siemens.com/productcert/html/ssa-546832.html |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller |
Version: All versions < V4.1.1 Patch04 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2017-2680", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-09T13:26:04.237652Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-09T13:26:15.327Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-05T14:02:07.270Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1038463", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038463", }, { name: "98369", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/98369", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-293562.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-284673.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-546832.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.1 Patch04", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.2.1 Patch03", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4.0 Patch01", }, ], }, { defaultStatus: "unknown", product: "Extension Unit 12\" PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V01.01.01", }, ], }, { defaultStatus: "unknown", product: "Extension Unit 15\" PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V01.01.01", }, ], }, { defaultStatus: "unknown", product: "Extension Unit 19\" PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V01.01.01", }, ], }, { defaultStatus: "unknown", product: "Extension Unit 22\" PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V01.01.01", }, ], }, { defaultStatus: "unknown", product: "IE/AS-i Link PN IO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "IE/PB-Link (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M-800 family (incl. S615, MUM-800 and RM1224)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.03", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W-700 IEEE 802.11n family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X-200 family (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X-200IRT family (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.4.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X-300 family (incl. X408 and SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X408 family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X414", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.10.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM-400 family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR-500 family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CM 1542-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CM 1542SP-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0.15", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.82", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.82", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-7 LTE US", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.82", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-8 IRC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.82", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-8 IRC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.82", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0.15", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1543-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1543SP-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0.15", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1604", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1616", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1626", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.1.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 Lean (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.1.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.17", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.17", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 OPC UA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC DK-16xx PN IO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200AL IM 157-1 PN", vendor: "Siemens", versions: [ { lessThan: "V1.0.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200M (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200MP IM 155-5 PN BA", vendor: "Siemens", versions: [ { lessThan: "V4.0.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200MP IM 155-5 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200pro IM 154-3 PN HF", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200pro IM 154-4 PN HF", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN BA", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN HS", vendor: "Siemens", versions: [ { lessThan: "V4.0.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN ST BA", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 4AO U/I 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN: IO-Link Master", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200S (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-B", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-B Body", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-P", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-P Body", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 HR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 SR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 UR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF650R", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF680R", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF685R", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.2.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 Software Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-200 SMART", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.X.14", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V6.0.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V6.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V7.0.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-410 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V8.2", }, ], }, { defaultStatus: "unknown", product: "SIMATIC TDC CP51M1", vendor: "Siemens", versions: [ { lessThan: "V1.1.8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC TDC CPU555", vendor: "Siemens", versions: [ { lessThan: "V1.1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Teleservice Adapter IE Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Teleservice Adapter IE Basic", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Teleservice Adapter IE Standard", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinAC RTX 2010", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2010 SP3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinAC RTX F 2010", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2010 SP3", }, ], }, { defaultStatus: "unknown", product: "SIMOCODE pro V PROFINET (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0.0", }, ], }, { defaultStatus: "unknown", product: "SIMOTION", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5 HF1", }, ], }, { defaultStatus: "unknown", product: "SIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4 HF26", }, ], }, { defaultStatus: "unknown", product: "SINAMICS DCM w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.4 SP1 HF5", }, ], }, { defaultStatus: "unknown", product: "SINAMICS DCP w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.2 HF1", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G110M w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP6 HF3", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP6 HF3", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G130 V4.7 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF27", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G130 V4.8 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G150 V4.7 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "V4.7: All versions < V4.7 HF27", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G150 V4.8 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS GH150 V4.7 w. PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP5 HF7", }, ], }, { defaultStatus: "unknown", product: "SINAMICS GL150 V4.7 w. PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 SP2", }, ], }, { defaultStatus: "unknown", product: "SINAMICS GM150 V4.7 w. PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF31", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S110 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4 SP3 HF5", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF27", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S150 V4.7 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF27", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S150 V4.8 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS SL150 V4.7.0 w. PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF30", }, ], }, { defaultStatus: "unknown", product: "SINAMICS SL150 V4.7.4 w. PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 SP2", }, ], }, { defaultStatus: "unknown", product: "SINAMICS SL150 V4.7.5 w. PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 SP2", }, ], }, { defaultStatus: "unknown", product: "SINAMICS SM120 V4.7 w. PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 SP2", }, ], }, { defaultStatus: "unknown", product: "SINAMICS V90 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.01", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK 828D V4.5 and prior", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5 SP6 HF2", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK 828D V4.7", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP4 HF1", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK 840D sl V4.5 and prior", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5 SP6 HF2", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK 840D sl V4.7", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP4 HF1", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST BA", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIRIUS ACT 3SU1 interface module PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1.0", }, ], }, { defaultStatus: "unknown", product: "SIRIUS Motor Starter M200D PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIRIUS Soft Starter 3RW44 PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SITOP PSU8600 PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.2.0", }, ], }, { defaultStatus: "unknown", product: "SITOP UPS1600 PROFINET (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.2.0", }, ], }, { defaultStatus: "unknown", product: "Softnet PROFINET IO for PC-based Windows systems", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1", }, ], }, ], descriptions: [ { lang: "en", value: "Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { cvssV4_0: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:33:18.492Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { name: "1038463", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038463", }, { name: "98369", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/98369", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-293562.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-284673.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-546832.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2017-2680", datePublished: "2017-05-11T01:00:00", dateReserved: "2016-12-01T00:00:00", dateUpdated: "2024-09-10T09:33:18.492Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-2681
Vulnerability from cvelistv5
Published
2017-05-11 10:00
Modified
2024-09-10 09:33
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
7.1 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1038463 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/98369 | vdb-entry, x_refsource_BID | |
| https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/html/ssa-293562.html |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller |
Version: All versions < V4.1.1 Patch04 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2017-2681", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-23T20:22:19.045364Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-23T20:22:26.181Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-05T14:02:07.386Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1038463", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038463", }, { name: "98369", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/98369", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-293562.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.1 Patch04", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.2.1 Patch03", }, ], }, { defaultStatus: "unknown", product: "Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4.0 Patch01", }, ], }, { defaultStatus: "unknown", product: "IE/AS-i Link PN IO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "IE/PB-Link (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE M-800 family (incl. S615, MUM-800 and RM1224)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.03", }, ], }, { defaultStatus: "unknown", product: "SCALANCE W-700 IEEE 802.11n family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X-200 family (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X-200IRT family (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.4.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X-300 family (incl. X408 and SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X408 family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.0", }, ], }, { defaultStatus: "unknown", product: "SCALANCE X414", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.10.2", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XM-400 family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.1", }, ], }, { defaultStatus: "unknown", product: "SCALANCE XR-500 family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V6.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CM 1542-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CM 1542SP-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0.15", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.82", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1243-8 IRC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.82", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0.15", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1543-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1543SP-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0.15", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1604", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1616", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.1.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 Lean (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.1.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.17", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.17", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 OPC UA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC DK-16xx PN IO", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200AL IM 157-1 PN", vendor: "Siemens", versions: [ { lessThan: "V1.0.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200M (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200MP IM 155-5 PN BA", vendor: "Siemens", versions: [ { lessThan: "V4.0.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200MP IM 155-5 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200pro IM 154-3 PN HF", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200pro IM 154-4 PN HF", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN BA", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN HS", vendor: "Siemens", versions: [ { lessThan: "V4.0.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP IM 155-6 PN ST BA", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 4AO U/I 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200ecoPN: IO-Link Master", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET200S (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-B", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-B Body", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-P", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV420 SR-P Body", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 HR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 SR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC MV440 UR", vendor: "Siemens", versions: [ { lessThan: "V7.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF650R", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF680R", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF685R", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.2.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 Software Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-200 SMART", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V3.X.14", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V6.0.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V6.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { lessThan: "V7.0.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-410 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V8.2", }, ], }, { defaultStatus: "unknown", product: "SIMATIC TDC CP51M1", vendor: "Siemens", versions: [ { lessThan: "V1.1.8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC TDC CPU555", vendor: "Siemens", versions: [ { lessThan: "V1.1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Teleservice Adapter IE Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Teleservice Adapter IE Basic", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Teleservice Adapter IE Standard", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinAC RTX 2010", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2010 SP3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinAC RTX F 2010", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2010 SP3", }, ], }, { defaultStatus: "unknown", product: "SIMOCODE pro V PROFINET (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0.0", }, ], }, { defaultStatus: "unknown", product: "SIMOTION", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5 HF1", }, ], }, { defaultStatus: "unknown", product: "SINAMICS DCM w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.4 SP1 HF5", }, ], }, { defaultStatus: "unknown", product: "SINAMICS DCP w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.2 HF1", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G110M w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP6 HF3", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP6 HF3", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G130 V4.7 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF27", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G130 V4.8 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G150 V4.7 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "V4.7: All versions < V4.7 HF27", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G150 V4.8 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S110 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4 SP3 HF5", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF27", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S150 V4.7 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF27", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S150 V4.8 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS V90 w. PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.01", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK 828D V4.5 and prior", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5 SP6 HF2", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK 828D V4.7", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP4 HF1", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK 840D sl V4.5 and prior", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.5 SP6 HF2", }, ], }, { defaultStatus: "unknown", product: "SINUMERIK 840D sl V4.7", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 SP4 HF1", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200MP IM 155-5 PN ST TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.2.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST BA", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200SP IM 155-6 PN ST TX RAIL", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIRIUS ACT 3SU1 interface module PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1.0", }, ], }, { defaultStatus: "unknown", product: "SIRIUS Motor Starter M200D PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIRIUS Soft Starter 3RW44 PN", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SITOP PSU8600 PROFINET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.2.0", }, ], }, { defaultStatus: "unknown", product: "SITOP UPS1600 PROFINET (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.2.0", }, ], }, { defaultStatus: "unknown", product: "Softnet PROFINET IO for PC-based Windows systems", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1", }, ], }, ], descriptions: [ { lang: "en", value: "Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { cvssV4_0: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:33:20.658Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { name: "1038463", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038463", }, { name: "98369", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/98369", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-293562.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2017-2681", datePublished: "2017-05-11T10:00:00", dateReserved: "2016-12-01T00:00:00", dateUpdated: "2024-09-10T09:33:20.658Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }