FKIE_CVE-2017-12736

Vulnerability from fkie_nvd - Published: 2017-12-26 04:29 - Updated: 2025-08-12 12:15
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
After initial configuration, the Ruggedcom Discovery Protocol (RCDP) is still able to write to the device under certain conditions. This could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions.
References
productcert@siemens.comhttp://www.securityfocus.com/bid/101041Third Party Advisory, VDB Entry
productcert@siemens.comhttp://www.securitytracker.com/id/1039463Third Party Advisory, VDB Entry
productcert@siemens.comhttp://www.securitytracker.com/id/1039464Third Party Advisory, VDB Entry
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/html/ssa-856721.html
productcert@siemens.comhttps://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdfIssue Tracking, Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/101041Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039463Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039464Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdfIssue Tracking, Mitigation, Vendor Advisory
Impacted products
Vendor Product Version
siemens scalance_xb-200_firmware *
siemens scalance_xb-200 -
siemens scalance_xc-200_firmware *
siemens scalance_xc-200 -
siemens scalance_xp-200_firmware *
siemens scalance_xp-200 -
siemens scalance_xr300-wg_firmware *
siemens scalance_xr300-wg -
siemens scalance_xr-500_firmware *
siemens scalance_xr-500 -
siemens scalance_xm-400_firmware *
siemens scalance_xm-400 -
siemens ruggedcom_ros *
siemens ruggedcom_rsl910 -
siemens ruggedcom_ros *
siemens ruggedcom -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA12DF53-5DB1-4279-9E46-6031258ACE68",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5501093A-B4A4-4E9C-AE5A-38A012B81E07",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7719E194-EE3D-4CE8-8C85-CF0D82A553AA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F5B80A4-0EFC-4488-A569-574B942FC7D9",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F962FC7-0616-467F-8CCA-ADEA224B5F7B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xr300-wg_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DEF3486-F27F-4FC3-ADE5-A5BCAD477C47",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xr300-wg:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43C240D0-5169-4800-B336-A2B889475CD6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xr-500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C6310FD-6DD7-4420-BE94-C791D18CA1E1",
              "versionStartIncluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xr-500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96EA9D9A-AD86-4983-8FD2-33B1E447D7D1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF503997-A9E6-4722-A774-D3089B3468B3",
              "versionStartIncluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "798E900F-5EF9-4B39-B8C2-79FAE659E7F5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8AEFEF0-6AA1-4C07-BE94-0FBD7CECA354",
              "versionEndExcluding": "5.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rsl910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F0C8879-659D-4A28-BA72-7BE05B5215CC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF1FAD6D-C62C-46CF-A752-E0844A496344",
              "versionEndExcluding": "4.3.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EABA893-37F5-4877-BC13-3557C654857E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "After initial configuration, the Ruggedcom Discovery Protocol (RCDP) is still able to write to the device under certain conditions.\r\n\r\nThis could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions."
    },
    {
      "lang": "es",
      "value": "Se identific\u00f3 una vulnerabilidad en RUGGEDCOM ROS para los dispositivos RSL910 (todas las versiones anteriores a ROS V5.0.1), RUGGEDCOM ROS para todos los dem\u00e1s dispositivos (todas las versiones anteriores a ROS V4.3.4), SCALANCE XB-200/XC-200/XP-200/XR300-WG (Todas las versiones entre V3.0 (incluido) y V3.0.2 (excluyendo), SCALANCE XR-500/XM-400 (Todas las versiones entre V6.1 (incluido) y V6.1.1 (excluyendo). Despu\u00e9s de la configuraci\u00f3n inicial, el Ruggedcom Discovery Protocol (RCDP) a\u00fan puede escribir hacia el dispositivo bajo ciertas condiciones, esto potencialmente permite que los usuarios ubicados en la red adyacente del dispositivo destino realicen acciones administrativas no autorizadas."
    }
  ],
  "id": "CVE-2017-12736",
  "lastModified": "2025-08-12T12:15:26.210",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2017-12-26T04:29:13.643",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101041"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039463"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039464"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-856721.html"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101041"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039464"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1188"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-665"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.