var-201611-0393
Vulnerability from variot
Siemens SIMATIC S7-300, 1200, 1500 CPU is a modular universal controller for the manufacturing industry of Siemens, Germany. It is widely used in important industrial control sites such as tobacco, petrochemical and water.
A denial of service vulnerability exists in the Siemens SIMATIC S7-300/1200/1500 CPU. Since the Siemens S7-300, 1200, and 1500 CPUs refuse service when communicating with the ProfinetIO Layer 2 network packet of a specific configuration, the CPU enters the failure mode and needs to be manually restarted for recovery. The attacker exploits the vulnerability to directly obtain the target information through the secondary MAC broadcast to initiate a denial of service attack
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201611-0393", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "simatic s7-1200 cpu", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "simatic s7-300 cpu", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "simatic s7-1500 cpu", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "simatic s7-1200 cpu siemens simatic s7-300 cpu siemens simatic s7-1500 cpu", scope: "eq", trust: 0.2, vendor: "siemens", version: "*", }, ], sources: [ { db: "IVD", id: "19a29ce8-7b67-49d6-8194-3aae6818ef7c", }, { db: "CNVD", id: "CNVD-2016-11519", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2016-11519", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "19a29ce8-7b67-49d6-8194-3aae6818ef7c", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.9 [IVD]", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2016-11519", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "19a29ce8-7b67-49d6-8194-3aae6818ef7c", trust: 0.2, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "19a29ce8-7b67-49d6-8194-3aae6818ef7c", }, { db: "CNVD", id: "CNVD-2016-11519", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens SIMATIC S7-300, 1200, 1500 CPU is a modular universal controller for the manufacturing industry of Siemens, Germany. It is widely used in important industrial control sites such as tobacco, petrochemical and water. \n\nA denial of service vulnerability exists in the Siemens SIMATIC S7-300/1200/1500 CPU. Since the Siemens S7-300, 1200, and 1500 CPUs refuse service when communicating with the ProfinetIO Layer 2 network packet of a specific configuration, the CPU enters the failure mode and needs to be manually restarted for recovery. The attacker exploits the vulnerability to directly obtain the target information through the secondary MAC broadcast to initiate a denial of service attack", sources: [ { db: "CNVD", id: "CNVD-2016-11519", }, { db: "IVD", id: "19a29ce8-7b67-49d6-8194-3aae6818ef7c", }, ], trust: 0.72, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2016-11519", trust: 0.8, }, { db: "IVD", id: "19A29CE8-7B67-49D6-8194-3AAE6818EF7C", trust: 0.2, }, ], sources: [ { db: "IVD", id: "19a29ce8-7b67-49d6-8194-3aae6818ef7c", }, { db: "CNVD", id: "CNVD-2016-11519", }, ], }, id: "VAR-201611-0393", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "19a29ce8-7b67-49d6-8194-3aae6818ef7c", }, { db: "CNVD", id: "CNVD-2016-11519", }, ], trust: 1.433928565, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", "Network device", ], sub_category: null, trust: 0.6, }, { category: [ "ICS", ], sub_category: null, trust: 0.2, }, ], sources: [ { db: "IVD", id: "19a29ce8-7b67-49d6-8194-3aae6818ef7c", }, { db: "CNVD", id: "CNVD-2016-11519", }, ], }, last_update_date: "2022-05-17T01:55:51.974000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "To be determined", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/84250", }, ], sources: [ { db: "CNVD", id: "CNVD-2016-11519", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "19a29ce8-7b67-49d6-8194-3aae6818ef7c", }, { db: "CNVD", id: "CNVD-2016-11519", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2016-11-25T00:00:00", db: "IVD", id: "19a29ce8-7b67-49d6-8194-3aae6818ef7c", }, { date: "2017-02-17T00:00:00", db: "CNVD", id: "CNVD-2016-11519", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-22T00:00:00", db: "CNVD", id: "CNVD-2016-11519", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens SIMATIC S7-300/1200/1500 CPU Denial of service vulnerability", sources: [ { db: "IVD", id: "19a29ce8-7b67-49d6-8194-3aae6818ef7c", }, { db: "CNVD", id: "CNVD-2016-11519", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Input validation", sources: [ { db: "IVD", id: "19a29ce8-7b67-49d6-8194-3aae6818ef7c", }, ], trust: 0.2, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.