National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2017-2680 Detail

Current Description

SIEMENS SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions before V2.1.82), SIMATIC CP 1243-1 IRC (All versions before V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions before to V1.0.15), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X-200 (All versions before V5.2.2), SCALANCE X200 IRT (All versions before V5.4.0), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions before V6.1), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions before V04.03), Softnet PROFINET IO for PC-based Windows systems (All versions before V14 SP1), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions before V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions before V4.1.0), SIMATIC PN/PN Coupler (All versions before V4.0), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions before V2.3), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions before V6.0.6), SIMATIC S7-400-H V6 (All versions before V6.0.7), SIMATIC S7-400 PN/DP V7 incl. F (All versions), SIMATIC S7-CPU 410 (All versions before V8.2), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions before V1.4 SP1 HF5), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S110 w. PN (All versions before V4.4 SP1 HF5), SINAMICS S120 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS V90 w. PN (All versions before V1.1), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (All versions before V4.5 SP6 HF2 and V4.7 before SP6 HF8), SINUMERIK 840D sl (All versions before V4.5 SP6 HF8 and V4.7 before SP4 HF1), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet.

Source:  MITRE
View Analysis Description

Impact

CVSS v3.0 Severity and Metrics:

Base Score: 6.5 MEDIUM
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (V3 legend)
Impact Score: 3.6
Exploitability Score: 2.8


Attack Vector (AV): Adjacent
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): High

CVSS v2.0 Severity and Metrics:

Base Score: 6.1 MEDIUM
Vector: (AV:A/AC:L/Au:N/C:N/I:N/A:C) (V2 legend)
Impact Subscore: 6.9
Exploitability Subscore: 6.5


Access Vector (AV): Local_Network
Access Complexity (AC): Low
Authentication (AU): None
Confidentiality (C): None
Integrity (I): None
Availability (A): Complete
Additional Information:
Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
http://www.securityfocus.com/bid/98369 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038463
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf
https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf

Technical Details

Vulnerability Type (View All)

  • Improper Input Validation (CWE-20)

Known Affected Software Configurations Switch to CPE 2.2

Configuration 1 ( hide )
 cpe:2.3:o:siemens:simatic_cp_343-1_std_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cp_343-1_std:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 2 ( hide )
 cpe:2.3:o:siemens:simatic_cp_343-1_lean_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cp_343-1_lean:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 3 ( hide )
 cpe:2.3:o:siemens:simatic_cp_343-1_adv_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cp_343-1_adv:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 4 ( hide )
 cpe:2.3:o:siemens:simatic_cp_443-1_std_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cp_443-1_std:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 5 ( hide )
 cpe:2.3:o:siemens:simatic_cp_443-1_adv_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cp_443-1_adv:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 6 ( hide )
 cpe:2.3:o:siemens:simatic_cp_443-1_opc-ua_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cp_443-1_opc-ua:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 7 ( hide )
 cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 8 ( hide )
 cpe:2.3:o:siemens:simatic_cm_1542-1_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cm_1542-1:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 9 ( hide )
 cpe:2.3:o:siemens:simatic_cp_1542sp-1_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cp_1542sp-1:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 10 ( hide )
 cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 11 ( hide )
 cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 12 ( hide )
 cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 13 ( hide )
 cpe:2.3:o:siemens:simatic_rf650r_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_rf650r:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 14 ( hide )
 cpe:2.3:o:siemens:simatic_rf680r_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_rf680r:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 15 ( hide )
 cpe:2.3:o:siemens:simatic_rf685r_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_rf685r:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 16 ( hide )
 cpe:2.3:o:siemens:simatic_cp_1616_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cp_1616:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 17 ( hide )
 cpe:2.3:o:siemens:simatic_cp_1604_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_cp_1604:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 18 ( hide )
 cpe:2.3:o:siemens:simatic_dk-16xx_pn_io_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_dk-16xx_pn_io:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 19 ( hide )
 cpe:2.3:o:siemens:scalance_x200_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 20 ( hide )
 cpe:2.3:o:siemens:scalance_x200_irt_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:scalance_x200_irt:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 21 ( hide )
 cpe:2.3:o:siemens:scalance_x300_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 22 ( hide )
 cpe:2.3:o:siemens:scalance_x408_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 23 ( hide )
 cpe:2.3:o:siemens:scalance_x414_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:scalance_x414:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 24 ( hide )
 cpe:2.3:o:siemens:scalance_xm400_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 25 ( hide )
 cpe:2.3:o:siemens:scalance_xr500_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 26 ( hide )
 cpe:2.3:o:siemens:scalance_w700_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 27 ( hide )
 cpe:2.3:o:siemens:scalance_m-800_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 28 ( hide )
 cpe:2.3:o:siemens:scalance_s615_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 29 ( hide )
 cpe:2.3:o:siemens:softnet_profinet_io_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:softnet_profinet_io:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 30 ( hide )
 cpe:2.3:o:siemens:ie\/pb-link_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:ie\/pb-link:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 31 ( hide )
 cpe:2.3:o:siemens:ie\/as-i_link_pn_io_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:ie\/as-i_link_pn_io:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 32 ( hide )
 cpe:2.3:o:siemens:simatic_teleservice_adapter_standard_modem_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_teleservice_adapter_standard_modem:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 33 ( hide )
 cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_modem_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic_modem:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 34 ( hide )
 cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_modem_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced_modem:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 35 ( hide )
 cpe:2.3:o:siemens:sitop_psu8600_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 36 ( hide )
 cpe:2.3:o:siemens:ups1600_profinet_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:ups1600_profinet:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 37 ( hide )
 cpe:2.3:o:siemens:simatic_et_200al_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_et_200al:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 38 ( hide )
 cpe:2.3:o:siemens:simatic_et_200ecopn_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_et_200ecopn:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 39 ( hide )
 cpe:2.3:o:siemens:simatic_et_200m_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_et_200m:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 40 ( hide )
 cpe:2.3:o:siemens:simatic_et_200mp_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_et_200mp:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 41 ( hide )
 cpe:2.3:o:siemens:simatic_et_200pro_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_et_200pro:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 42 ( hide )
 cpe:2.3:o:siemens:simatic_et_200s_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_et_200s:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 43 ( hide )
 cpe:2.3:o:siemens:simatic_et_200sp_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_et_200sp:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 44 ( hide )
 cpe:2.3:o:siemens:pn\/pn_coupler_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:pn\/pn_coupler:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 45 ( hide )
 cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
4.1.1
Running on/with
 cpe:2.3:h:siemens:dk_standard_ethernet_controller:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 46 ( hide )
 cpe:2.3:o:siemens:ek-ertec_200p_pn_io_firmware:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
4.4.0
Running on/with
 cpe:2.3:h:siemens:ek-ertec_200p_pn_io:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 47 ( hide )
 cpe:2.3:o:siemens:ek-ertec_200_pn_io_firmware:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
4.2.1
Running on/with
 cpe:2.3:h:siemens:ek-ertec_200_pn_io:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 48 ( hide )
 cpe:2.3:o:siemens:simatic_s7-200_smart_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_s7-200_smart:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 49 ( hide )
 cpe:2.3:o:siemens:simatic_s7-300_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 50 ( hide )
 cpe:2.3:o:siemens:simatic_s7-400_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 51 ( hide )
 cpe:2.3:o:siemens:simatic_s7-1200_firmware:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with

Configuration 52 ( hide )

Configuration 53 ( hide )

Configuration 54 ( hide )

Configuration 55 ( hide )

Configuration 56 ( hide )

Configuration 57 ( hide )

Configuration 58 ( hide )

Configuration 59 ( hide )

Configuration 60 ( hide )

Configuration 61 ( hide )

Configuration 62 ( hide )

Configuration 63 ( hide )

Configuration 64 ( hide )

Configuration 65 ( hide )

Configuration 66 ( hide )

Configuration 67 ( hide )

Configuration 68 ( hide )

Configuration 69 ( hide )

Configuration 70 ( hide )

Configuration 71 ( hide )

Configuration 72 ( hide )

Configuration 73 ( hide )

Configuration 74 ( hide )

Showing 100 of 150 CPEs, view all CPEs here.

Change History

13 change records found - show changes

Quick Info

CVE Dictionary Entry:
CVE-2017-2680
NVD Published Date:
05/10/2017
NVD Last Modified:
05/10/2018