Versio.io

CVE-2017-2681

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 11-05-2017 12:29
Last modified: - 12-04-2022 08:29
Total changes: - 4

Description

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Low
Attack complexity
Adjacent
Attack vector
High
Availability
None
Confidentiality
None
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
6.5
Base score
2.8
3.6
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=siemens AND product=simatic_cp_343-1_std_firmware AND versionEndExcluding=3.1.3
OR
vendor=siemens AND product=simatic_cp_343-1_std AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_343-1_lean_firmware AND versionEndExcluding=3.1.3
OR
vendor=siemens AND product=simatic_cp_343-1_lean AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_343-1_adv_firmware
OR
vendor=siemens AND product=simatic_cp_343-1_adv AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_443-1_std_firmware AND versionEndExcluding=3.2.17
OR
vendor=siemens AND product=simatic_cp_443-1_std AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_443-1_adv_firmware AND versionEndExcluding=3.2.17
OR
vendor=siemens AND product=simatic_cp_443-1_adv AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_443-1_opc-ua_firmware
OR
vendor=siemens AND product=simatic_cp_443-1_opc-ua AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_1243-1_firmware AND versionEndExcluding=2.1.82
OR
vendor=siemens AND product=simatic_cp_1243-1 AND version=-
AND
OR
vendor=siemens AND product=simatic_cm_1542-1_firmware AND versionEndExcluding=2.0
OR
vendor=siemens AND product=simatic_cm_1542-1 AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_1543sp-1_firmware AND versionEndExcluding=1.0.15
OR
vendor=siemens AND product=simatic_cp_1542sp-1 AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_1542sp-1_irc_firmware AND versionEndExcluding=1.0.15
OR
vendor=siemens AND product=simatic_cp_1542sp-1_irc AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_1543sp-1_firmware AND versionEndExcluding=2.1
OR
vendor=siemens AND product=simatic_cp_1543sp-1 AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_1543-1_firmware AND versionEndExcluding=1.0.15
OR
vendor=siemens AND product=simatic_cp_1543-1 AND version=-
AND
OR
vendor=siemens AND product=simatic_rf650r_firmware AND versionEndExcluding=3.0
OR
vendor=siemens AND product=simatic_rf650r AND version=-
AND
OR
vendor=siemens AND product=simatic_rf680r_firmware AND versionEndExcluding=3.0
OR
vendor=siemens AND product=simatic_rf680r AND version=-
AND
OR
vendor=siemens AND product=simatic_rf685r_firmware AND versionEndExcluding=3.0
OR
vendor=siemens AND product=simatic_rf685r AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_1616_firmware AND versionEndExcluding=2.7
OR
vendor=siemens AND product=simatic_cp_1616 AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_1604_firmware AND versionEndExcluding=2.7
OR
vendor=siemens AND product=simatic_cp_1604 AND version=-
AND
OR
vendor=siemens AND product=simatic_dk-16xx_pn_io_firmware AND versionEndExcluding=2.7
OR
vendor=siemens AND product=simatic_dk-16xx_pn_io AND version=-
AND
OR
vendor=siemens AND product=scalance_x200_firmware AND versionEndExcluding=5.2.2
OR
vendor=siemens AND product=scalance_x200 AND version=-
AND
OR
vendor=siemens AND product=scalance_x200_irt_firmware AND versionEndExcluding=5.4.0
OR
vendor=siemens AND product=scalance_x200_irt AND version=-
AND
OR
vendor=siemens AND product=scalance_x300_firmware AND versionEndExcluding=4.1.0
OR
vendor=siemens AND product=scalance_x300 AND version=-
AND
OR
vendor=siemens AND product=scalance_x408_firmware AND versionEndExcluding=4.1.0
OR
vendor=siemens AND product=scalance_x408 AND version=-
AND
OR
vendor=siemens AND product=scalance_x414_firmware AND versionEndExcluding=3.10.2
OR
vendor=siemens AND product=scalance_x414 AND version=-
AND
OR
vendor=siemens AND product=scalance_xm400_firmware AND versionEndExcluding=6.1
OR
vendor=siemens AND product=scalance_xm400 AND version=-
AND
OR
vendor=siemens AND product=scalance_xr500_firmware AND versionEndExcluding=6.1
OR
vendor=siemens AND product=scalance_xr500 AND version=-
AND
OR
vendor=siemens AND product=scalance_w700_firmware AND versionEndExcluding=6.1
OR
vendor=siemens AND product=scalance_w700 AND version=-
AND
OR
vendor=siemens AND product=scalance_m-800_firmware AND versionEndExcluding=4.03
OR
vendor=siemens AND product=scalance_m-800 AND version=-
AND
OR
vendor=siemens AND product=scalance_s615_firmware AND versionEndExcluding=4.03
OR
vendor=siemens AND product=scalance_s615 AND version=-
AND
OR
vendor=siemens AND product=softnet_profinet_io_firmware AND versionEndExcluding=14
vendor=siemens AND product=softnet_profinet_io_firmware AND version=14 AND update=-
OR
vendor=siemens AND product=softnet_profinet_io AND version=-
AND
OR
vendor=siemens AND product=ie\/pb-link_firmware AND versionEndExcluding=3.0
OR
vendor=siemens AND product=ie\/pb-link AND version=-
AND
OR
vendor=siemens AND product=ie\/as-i_link_pn_io_firmware
OR
vendor=siemens AND product=ie\/as-i_link_pn_io AND version=-
AND
OR
vendor=siemens AND product=simatic_teleservice_adapter_standard_modem_firmware
OR
vendor=siemens AND product=simatic_teleservice_adapter_standard_modem AND version=-
AND
OR
vendor=siemens AND product=simatic_teleservice_adapter_ie_basic_modem_firmware
OR
vendor=siemens AND product=simatic_teleservice_adapter_ie_basic_modem AND version=-
AND
OR
vendor=siemens AND product=simatic_teleservice_adapter_ie_advanced_modem_firmware
OR
vendor=siemens AND product=simatic_teleservice_adapter_ie_advanced_modem AND version=-
AND
OR
vendor=siemens AND product=sitop_psu8600_firmware AND versionEndExcluding=1.2.0
OR
vendor=siemens AND product=sitop_psu8600 AND version=-
AND
OR
vendor=siemens AND product=ups1600_profinet_firmware AND versionEndExcluding=2.2.0
OR
vendor=siemens AND product=ups1600_profinet AND version=-
AND
OR
vendor=siemens AND product=simatic_et_200al_firmware AND versionEndExcluding=1.0.2
OR
vendor=siemens AND product=simatic_et_200al AND version=-
AND
OR
vendor=siemens AND product=simatic_et_200ecopn_firmware
OR
vendor=siemens AND product=simatic_et_200ecopn AND version=-
AND
OR
vendor=siemens AND product=simatic_et_200m_firmware
OR
vendor=siemens AND product=simatic_et_200m AND version=-
AND
OR
vendor=siemens AND product=simatic_et_200mp_firmware AND versionEndExcluding=4.0.1
OR
vendor=siemens AND product=simatic_et_200mp AND version=-
AND
OR
vendor=siemens AND product=simatic_et_200pro_firmware
OR
vendor=siemens AND product=simatic_et_200pro AND version=-
AND
OR
vendor=siemens AND product=simatic_et_200s_firmware
OR
vendor=siemens AND product=simatic_et_200s AND version=-
AND
OR
vendor=siemens AND product=simatic_et_200sp_firmware AND versionEndExcluding=4.2.0
OR
vendor=siemens AND product=simatic_et_200sp AND version=-
AND
OR
vendor=siemens AND product=pn\/pn_coupler_firmware AND versionEndExcluding=4.0
OR
vendor=siemens AND product=pn\/pn_coupler AND version=-
AND
OR
vendor=siemens AND product=dk_standard_ethernet_controller_firmware AND versionEndExcluding=4.1.1
vendor=siemens AND product=dk_standard_ethernet_controller_firmware AND version=4.1.1 AND update=-
OR
vendor=siemens AND product=dk_standard_ethernet_controller AND version=-
AND
OR
vendor=siemens AND product=ek-ertec_200p_pn_io_firmware AND versionEndExcluding=4.4.0
vendor=siemens AND product=ek-ertec_200p_pn_io_firmware AND version=4.4.0 AND update=-
OR
vendor=siemens AND product=ek-ertec_200p_pn_io AND version=-
AND
OR
vendor=siemens AND product=ek-ertec_200_pn_io_firmware AND versionEndExcluding=4.2.1
vendor=siemens AND product=ek-ertec_200_pn_io_firmware AND version=4.2.1 AND update=-
OR
vendor=siemens AND product=ek-ertec_200_pn_io AND version=-
AND
OR
vendor=siemens AND product=simatic_s7-200_smart_firmware AND versionEndExcluding=2.3
OR
vendor=siemens AND product=simatic_s7-200_smart AND version=-
AND
OR
vendor=siemens AND product=simatic_s7-300_firmware AND versionEndExcluding=3.3.17
OR
vendor=siemens AND product=simatic_s7-300 AND version=-
AND
OR
vendor=siemens AND product=simatic_s7-400_firmware AND versionEndExcluding=6.0.6
OR
vendor=siemens AND product=simatic_s7-400 AND version=-
AND
OR
vendor=siemens AND product=simatic_s7-1200_firmware AND versionEndExcluding=4.2.1
OR
vendor=siemens AND product=simatic_s7-1200 AND version=-
AND
OR
vendor=siemens AND product=simatic_s7-1500_firmware AND versionEndExcluding=2.1
OR
vendor=siemens AND product=simatic_s7-1500 AND version=-
AND
OR
vendor=siemens AND product=simatic_winac_rtx_firmware AND versionEndExcluding=2010
vendor=siemens AND product=simatic_winac_rtx_firmware AND version=2010 AND update=-
OR
vendor=siemens AND product=simatic_winac_rtx AND version=-
AND
OR
vendor=siemens AND product=sirius_act_3su1_firmware AND versionEndExcluding=1.1.0
OR
vendor=siemens AND product=sirius_act_3su1 AND version=-
AND
OR
vendor=siemens AND product=sirius_soft_starter_3rw44_pn_firmware
OR
vendor=siemens AND product=sirius_soft_starter_3rw44_pn AND version=-
AND
OR
vendor=siemens AND product=sirius_motor_starter_m200d_profinet_firmware
OR
vendor=siemens AND product=sirius_motor_starter_m200d_profinet AND version=-
AND
OR
vendor=siemens AND product=simocode_pro_v_profinet_firmware AND versionEndExcluding=2.0.0
OR
vendor=siemens AND product=simocode_pro_v_profinet AND version=-
AND
OR
vendor=siemens AND product=sinamics_dcm_firmware AND versionEndExcluding=1.4
vendor=siemens AND product=sinamics_dcm_firmware AND version=1.4 AND update=-
OR
vendor=siemens AND product=sinamics_dcm AND version=-
AND
OR
vendor=siemens AND product=sinamics_dcp_firmware AND versionEndExcluding=1.2
vendor=siemens AND product=sinamics_dcp_firmware AND version=1.2 AND update=-
OR
vendor=siemens AND product=sinamics_dcp AND version=-
AND
OR
vendor=siemens AND product=sinamics_g110m_firmware AND versionEndExcluding=4.7
vendor=siemens AND product=sinamics_g110m_firmware AND version=4.7 AND update=-
OR
vendor=siemens AND product=sinamics_g110m AND version=-
AND
OR
vendor=siemens AND product=sinamics_g120\(c\/p\/d\)_pn_firmware AND versionEndExcluding=4.7
OR
vendor=siemens AND product=sinamics_g120\(c\/p\/d\)_pn AND version=-
AND
OR
vendor=siemens AND product=sinamics_g130_firmware AND versionEndExcluding=4.7
vendor=siemens AND product=sinamics_g130_firmware AND version=4.7 AND update=-
OR
vendor=siemens AND product=sinamics_g130 AND version=-
AND
OR
vendor=siemens AND product=sinamics_g150_firmware AND versionEndExcluding=4.7
vendor=siemens AND product=sinamics_g150_firmware AND version=4.7 AND update=-
OR
vendor=siemens AND product=sinamics_g150 AND version=-
AND
OR
vendor=siemens AND product=sinamics_s110_pn_firmware AND versionEndExcluding=4.4
vendor=siemens AND product=sinamics_s110_pn_firmware AND version=4.4 AND update=-
OR
vendor=siemens AND product=sinamics_s110_pn AND version=-
AND
OR
vendor=siemens AND product=sinamics_s120_firmware AND versionEndExcluding=4.7
vendor=siemens AND product=sinamics_s120_firmware AND version=4.7 AND update=-
OR
vendor=siemens AND product=sinamics_s120 AND version=-
AND
OR
vendor=siemens AND product=sinamics_s150_firmware AND versionEndExcluding=4.7
vendor=siemens AND product=sinamics_s150_firmware AND version=4.7 AND update=-
OR
vendor=siemens AND product=sinamics_s150 AND version=-
AND
OR
vendor=siemens AND product=sinamics_v90_pn_firmware AND versionEndExcluding=1.01
OR
vendor=siemens AND product=sinamics_v90_pn AND version=-
AND
OR
vendor=siemens AND product=simotion_firmware AND versionEndExcluding=4.5
vendor=siemens AND product=simotion_firmware AND version=4.5 AND update=-
OR
vendor=siemens AND product=simotion AND version=-
AND
OR
vendor=siemens AND product=sinumerik_828d_firmware AND versionEndExcluding=4.5
vendor=siemens AND product=sinumerik_828d_firmware AND version=4.5 AND update=-
OR
vendor=siemens AND product=sinumerik_828d AND version=-
AND
OR
vendor=siemens AND product=sinumerik_840d_sl_firmware AND versionEndExcluding=4.5
vendor=siemens AND product=sinumerik_840d_sl_firmware AND version=4.5 AND update=-
OR
vendor=siemens AND product=sinumerik_840d_sl AND version=-
AND
OR
vendor=siemens AND product=simatic_hmi_comfort_panels AND versionEndExcluding=15.1
OR
vendor=siemens AND product=simatic_hmi_comfort_panels AND version=-
AND
OR
vendor=siemens AND product=simatic_hmi_multi_panels AND versionEndExcluding=15.1
OR
vendor=siemens AND product=simatic_hmi_multi_panels AND version=-
AND
OR
vendor=siemens AND product=simatic_hmi_mobile_panels AND versionEndExcluding=15.1
OR
vendor=siemens AND product=simatic_hmi_mobile_panels AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_1243-1_irc_firmware AND versionEndExcluding=2.1.82
OR
vendor=siemens AND product=simatic_cp_1243-1_irc AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_1243-1_iec_firmware
OR
vendor=siemens AND product=simatic_cp_1243-1_iec AND version=-
AND
OR
vendor=siemens AND product=simatic_cp_1243-1_dnp3_firmware
OR
vendor=siemens AND product=simatic_cp_1243-1_dnp3 AND version=-
AND
OR
vendor=siemens AND product=simatic_cm_1542sp-1_firmware AND versionEndExcluding=1.0.15
OR
vendor=siemens AND product=simatic_cm_1542sp-1 AND version=-
OR
vendor=siemens AND product=simatic_s7-1500_software_controller AND versionEndExcluding=2.1
AND
OR
vendor=siemens AND product=sinumerik_828d_firmware AND versionEndExcluding=4.7
vendor=siemens AND product=sinumerik_828d_firmware AND version=4.7 AND update=-
OR
vendor=siemens AND product=sinumerik_828d AND version=-
AND
OR
vendor=siemens AND product=sinumerik_840d_sl_firmware AND versionEndExcluding=4.7
vendor=siemens AND product=sinumerik_840d_sl_firmware AND version=4.7 AND update=-
OR
vendor=siemens AND product=sinumerik_840d_sl AND version=-
AND
OR
vendor=siemens AND product=simatic_tdc_cpu555_firmware AND versionEndExcluding=1.1.1
OR
vendor=siemens AND product=simatic_tdc_cpu555 AND version=-
AND
OR
vendor=siemens AND product=simatic_tdc_cp51m1_firmware AND versionEndExcluding=1.1.8
OR
vendor=siemens AND product=simatic_tdc_cp51m1 AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2017-2681

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.