CVE-2017-2680

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
siemensCNA
6.5 MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
VendorProductVersion
siemenssimatic_cp_343-1_std_firmware
𝑥
< 3.1.3
siemenssimatic_cp_343-1_lean_firmware
𝑥
< 3.1.3
siemenssimatic_cp_343-1_adv_firmware
*
siemenssimatic_cp_443-1_std_firmware
𝑥
< 3.2.17
siemenssimatic_cp_443-1_adv_firmware
𝑥
< 3.2.17
siemenssimatic_cp_443-1_opc-ua_firmware
*
siemenssimatic_cp_1243-1_firmware
𝑥
< 2.1.82
siemenssimatic_cm_1542-1_firmware
𝑥
< 2.0
siemenssimatic_cp_1542sp-1_firmware
𝑥
< 1.0.15
siemenssimatic_cp_1542sp-1_irc_firmware
𝑥
< 1.0.15
siemenssimatic_cp_1543sp-1_firmware
𝑥
< 1.0.15
siemenssimatic_cp_1543-1_firmware
𝑥
< 2.1
siemenssimatic_rf650r_firmware
𝑥
< 3.0
siemenssimatic_rf680r_firmware
𝑥
< 3.0
siemenssimatic_rf685r_firmware
𝑥
< 3.0
siemenssimatic_cp_1616_firmware
𝑥
< 2.7
siemenssimatic_cp_1604_firmware
𝑥
< 2.7
siemenssimatic_dk-1616_pn_io_firmware
𝑥
< 2.7
siemensscalance_x200_firmware
𝑥
< 5.2.2
siemensscalance_x200_irt_firmware
𝑥
< 5.4.0
siemensscalance_x300_firmware
𝑥
< 4.1.0
siemensscalance_x408_firmware
𝑥
< 4.1.0
siemensscalance_x414_firmware
𝑥
< 3.10.2
siemensscalance_xm400_firmware
𝑥
< 6.1
siemensscalance_xr500_firmware
𝑥
< 6.1
siemensscalance_w700_firmware
𝑥
< 6.1
siemensscalance_m-800_firmware
𝑥
< 4.03
siemensscalance_s615_firmware
𝑥
< 4.03
siemenssoftnet_profinet_io_firmware
𝑥
< 14
siemensie\/pb-link_firmware
𝑥
< 3.0
siemensie\/as-i_link_pn_io_firmware
*
siemenssimatic_teleservice_adapter_ie_standard_firmware
*
siemenssimatic_teleservice_adapter_ie_basic_firmware
*
siemenssimatic_teleservice_adapter_ie_advanced_firmware
*
siemenssitop_psu8600_firmware
𝑥
< 1.2.0
siemensups1600_profinet_firmware
𝑥
< 2.2.0
siemenssimatic_et_200al_firmware
𝑥
< 1.0.2
siemenssimatic_et_200ecopn_firmware
*
siemenssimatic_et_200m_firmware
*
siemenssimatic_et_200mp_firmware
𝑥
< 4.0.1
siemenssimatic_et_200pro_firmware
*
siemenssimatic_et_200s_firmware
*
siemenssimatic_et_200sp_firmware
𝑥
< 4.1.0
siemenspn\/pn_coupler_firmware
𝑥
< 4.0
siemensdk_standard_ethernet_controller_firmware
𝑥
< 4.1.1
siemensdk_standard_ethernet_controller_firmware
4.1.1
siemensek-ertec_200p_pn_io_firmware
𝑥
< 4.4.0
siemensek-ertec_200p_pn_io_firmware
4.4.0
siemensek-ertec_200_pn_io_firmware
𝑥
< 4.2.1
siemensek-ertec_200_pn_io_firmware
4.2.1
siemenssimatic_s7-200_smart_firmware
𝑥
< 2.3
siemenssimatic_s7-300_firmware
-
siemenssimatic_s7-400_firmware
𝑥
< 6.0.6
siemenssimatic_s7-1200_firmware
𝑥
< 4.2.1
siemenssimatic_s7-1500_firmware
𝑥
< 2.1
siemenssimatic_s7-1500_software_controller_firmware
𝑥
< 2.1
siemenssimatic_winac_rtx_firmware
𝑥
< 2010
siemenssirius_act_3su1_firmware
𝑥
< 1.1.0
siemenssirius_soft_starter_3rw44_pn_firmware
*
siemenssirius_motor_starter_m200d_profinet_firmware
*
siemenssimocode_pro_v_profinet_firmware
𝑥
< 2.0.0
siemenssinamics_dcm_firmware
𝑥
< 1.4
siemenssinamics_dcm_firmware
1.4
siemenssinamics_dcm_firmware
1.4:sp1
siemenssinamics_dcp_firmware
𝑥
< 1.2
siemenssinamics_dcp_firmware
1.2
siemenssinamics_g110m_firmware
𝑥
< 4.7
siemenssinamics_g110m_firmware
4.7
siemenssinamics_g120\(c\/p\/d\)_w._pn_firmware
𝑥
< 4.7
siemenssinamics_g120\(c\/p\/d\)_w._pn_firmware
4.7
siemenssinamics_g130_firmware
𝑥
< 4.7
siemenssinamics_g130_firmware
4.7
siemenssinamics_g150_firmware
𝑥
< 4.7
siemenssinamics_g150_firmware
4.7
siemenssinamics__s110_pn_firmware
𝑥
< 4.4
siemenssinamics__s110_pn_firmware
4.4
siemenssinamics_s120_firmware
𝑥
< 4.7
siemenssinamics_s120_firmware
4.7
siemenssinamics_s150_firmware
𝑥
< 4.7
siemenssinamics_s150_firmware
4.7
siemenssinamics_v90_pn_firmware
𝑥
< 1.01
siemenssimotion_firmware
𝑥
< 4.5
siemenssimotion_firmware
4.5
siemenssinumerik_828d_firmware
𝑥
< 4.5
siemenssinumerik_828d_firmware
4.5
siemenssinumerik_840d_sl_firmware
𝑥
< 4.5
siemenssinumerik_840d_sl_firmware
4.5
siemenssimatic_hmi_comfort_panels
𝑥
< 15.1
siemenssimatic_hmi_multi_panels
𝑥
< 15.1
siemenssimatic_hmi_mobile_panels
𝑥
< 15.1
siemenssimatic_cp_1243-1_irc_firmware
𝑥
< 2.1.82
siemenssimatic_cp_1243-1_iec_firmware
*
siemenssimatic_cp_1243-1_dnp3_firmware
*
siemenssimatic_dk-1604_pn_io_firmware
𝑥
< 2.7
siemenssimatic_tdc_cpu555_firmware
𝑥
< 1.1.1
siemenssimatic_tdc_cp51m1_firmware
𝑥
< 1.1.8
siemenssinamics_gh150_firmware
𝑥
< 4.7
siemenssinamics_gh150_firmware
4.7
siemenssinamics_gl150_firmware
𝑥
< 4.8
siemenssinamics_gl150_firmware
4.8
siemenssinamics_gm150_firmware
𝑥
< 4.7
siemenssinamics_gm150_firmware
4.7
siemenssinamics_sl150_firmware
𝑥
< 4.8
siemenssinamics_sl150_firmware
4.8
siemenssinamics_sm120_firmware
𝑥
< 4.8
siemenssinamics_sm120_firmware
4.8
siemensextension_unit_12_profinet_firmware
𝑥
< 01.01.01
siemensextension_unit_15_profinet_firmware
𝑥
< 01.01.01
siemensextension_unit_19_profinet_firmware
𝑥
< 01.01.01
siemensextension_unit_22_profinet_firmware
𝑥
< 01.01.01
siemenssimatic_cp_1242-7_gprs_firmware
𝑥
< 2.1.82
siemenssimatic_cp_1243-7_lte\/us_firmware
𝑥
< 2.1.82
siemenssimatic_cp_1243-8_firmware
𝑥
< 2.1.82
siemenssimatic_cp_1626_firmware
𝑥
< 1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/98369
http://www.securitytracker.com/id/1038463
https://cert-portal.siemens.com/productcert/html/ssa-284673.html
https://cert-portal.siemens.com/productcert/html/ssa-293562.html
https://cert-portal.siemens.com/productcert/html/ssa-546832.html
https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf
https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf
http://www.securityfocus.com/bid/98369
http://www.securitytracker.com/id/1038463
https://cert-portal.siemens.com/productcert/html/ssa-284673.html
https://cert-portal.siemens.com/productcert/html/ssa-293562.html
https://cert-portal.siemens.com/productcert/html/ssa-546832.html
https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf
https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf