VAR-201611-0393
Vulnerability from variot - Updated: 2022-05-17 01:55Siemens SIMATIC S7-300, 1200, 1500 CPU is a modular universal controller for the manufacturing industry of Siemens, Germany. It is widely used in important industrial control sites such as tobacco, petrochemical and water.
A denial of service vulnerability exists in the Siemens SIMATIC S7-300/1200/1500 CPU. Since the Siemens S7-300, 1200, and 1500 CPUs refuse service when communicating with the ProfinetIO Layer 2 network packet of a specific configuration, the CPU enters the failure mode and needs to be manually restarted for recovery. The attacker exploits the vulnerability to directly obtain the target information through the secondary MAC broadcast to initiate a denial of service attack
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0393",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic s7-1200 cpu",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-300 cpu",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1200 cpu siemens simatic s7-300 cpu siemens simatic s7-1500 cpu",
"scope": "eq",
"trust": 0.2,
"vendor": "siemens",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "19a29ce8-7b67-49d6-8194-3aae6818ef7c"
},
{
"db": "CNVD",
"id": "CNVD-2016-11519"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-11519",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "19a29ce8-7b67-49d6-8194-3aae6818ef7c",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2016-11519",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "19a29ce8-7b67-49d6-8194-3aae6818ef7c",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "19a29ce8-7b67-49d6-8194-3aae6818ef7c"
},
{
"db": "CNVD",
"id": "CNVD-2016-11519"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC S7-300, 1200, 1500 CPU is a modular universal controller for the manufacturing industry of Siemens, Germany. It is widely used in important industrial control sites such as tobacco, petrochemical and water. \n\nA denial of service vulnerability exists in the Siemens SIMATIC S7-300/1200/1500 CPU. Since the Siemens S7-300, 1200, and 1500 CPUs refuse service when communicating with the ProfinetIO Layer 2 network packet of a specific configuration, the CPU enters the failure mode and needs to be manually restarted for recovery. The attacker exploits the vulnerability to directly obtain the target information through the secondary MAC broadcast to initiate a denial of service attack",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11519"
},
{
"db": "IVD",
"id": "19a29ce8-7b67-49d6-8194-3aae6818ef7c"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11519",
"trust": 0.8
},
{
"db": "IVD",
"id": "19A29CE8-7B67-49D6-8194-3AAE6818EF7C",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "19a29ce8-7b67-49d6-8194-3aae6818ef7c"
},
{
"db": "CNVD",
"id": "CNVD-2016-11519"
}
]
},
"id": "VAR-201611-0393",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "19a29ce8-7b67-49d6-8194-3aae6818ef7c"
},
{
"db": "CNVD",
"id": "CNVD-2016-11519"
}
],
"trust": 1.433928565
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "19a29ce8-7b67-49d6-8194-3aae6818ef7c"
},
{
"db": "CNVD",
"id": "CNVD-2016-11519"
}
]
},
"last_update_date": "2022-05-17T01:55:51.974000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "To be determined",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/84250"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11519"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "19a29ce8-7b67-49d6-8194-3aae6818ef7c"
},
{
"db": "CNVD",
"id": "CNVD-2016-11519"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-25T00:00:00",
"db": "IVD",
"id": "19a29ce8-7b67-49d6-8194-3aae6818ef7c"
},
{
"date": "2017-02-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11519"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11519"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC S7-300/1200/1500 CPU Denial of service vulnerability",
"sources": [
{
"db": "IVD",
"id": "19a29ce8-7b67-49d6-8194-3aae6818ef7c"
},
{
"db": "CNVD",
"id": "CNVD-2016-11519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "19a29ce8-7b67-49d6-8194-3aae6818ef7c"
}
],
"trust": 0.2
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…