CVE-2020-28400

Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
siemensCNA
7.5 HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
VendorProductVersion
siemensdk_standard_ethernet_controller_evaluation_kit_firmware
*
siemensek-ertec_200_evaulation_kit_firmware
*
siemensek-ertec_200p_evaluation_kit_firmware
𝑥
< 4.7
siemensruggedcom_rm1224_firmware
𝑥
< 6.4
siemensscalance_m-800_firmware
𝑥
< 6.4
siemensscalance_s615_firmware
𝑥
< 6.4
siemensscalance_w700_firmware
*
siemensscalance_w1700_firmware
*
siemensscalance_x200-4_p_irt_firmware
𝑥
< 5.5.0
siemensscalance_x201-3p_irt_firmware
𝑥
< 5.5.0
siemensscalance_x201-3p_irt_pro_firmware
𝑥
< 5.5.0
siemensscalance_x202-2_irt_firmware
𝑥
< 5.5.0
siemensscalance_x202-2p_irt_pro_firmware
𝑥
< 5.5.0
siemensscalance_x204_irt_firmware
𝑥
< 5.5.0
siemensscalance_x204_irt_pro_firmware
𝑥
< 5.5.0
siemensscalance_x204-2_firmware
𝑥
< 5.2.5
siemensscalance_x204-2fm_firmware
𝑥
< 5.2.5
siemensscalance_x204-2ld_firmware
𝑥
< 5.2.5
siemensscalance_x204-2ld_ts_firmware
𝑥
< 5.2.5
siemensscalance_x204-2ts_firmware
𝑥
< 5.2.5
siemensscalance_x206-1_firmware
𝑥
< 5.2.5
siemensscalance_x206-1ld_firmware
𝑥
< 5.2.5
siemensscalance_x208_firmware
𝑥
< 5.2.5
siemensscalance_x208pro_firmware
𝑥
< 5.2.5
siemensscalance_x212-2_firmware
𝑥
< 5.2.5
siemensscalance_x212-2ld_firmware
𝑥
< 5.2.5
siemensscalance_x216_firmware
𝑥
< 5.2.5
siemensscalance_x224_firmware
𝑥
< 5.2.5
siemensscalance_x302-7eec_firmware
*
siemensscalance_x304-2fe_firmware
*
siemensscalance_x306-1ldfe_firmware
*
siemensscalance_x307-2eec_firmware
*
siemensscalance_x307-3_firmware
*
siemensscalance_x307-3ld_firmware
*
siemensscalance_x308-2_firmware
*
siemensscalance_x308-2ld_firmware
*
siemensscalance_x308-2lh_firmware
*
siemensscalance_x308-2lh\+_firmware
*
siemensscalance_x308-2m_firmware
*
siemensscalance_x308-2m_poe_firmware
*
siemensscalance_x308-2m_ts_firmware
*
siemensscalance_x310_firmware
*
siemensscalance_x310fe_firmware
*
siemensscalance_x320-1fe_firmware
*
siemensscalance_x320-3ldfe_firmware
*
siemensscalance_xb-200_firmware
𝑥
< 4.3
siemensscalance_xc-200_firmware
𝑥
< 4.3
siemensscalance_xf201-3p_irt_firmware
𝑥
< 5.5.0
siemensscalance_xf202-2p_irt_firmware
𝑥
< 5.5.0
siemensscalance_xf204_firmware
𝑥
< 5.2.5
siemensscalance_xf204_irt_firmware
𝑥
< 5.5.0
siemensscalance_xf204-2_firmware
𝑥
< 5.2.5
siemensscalance_xf204-2ba_irt_firmware
𝑥
< 5.5.0
siemensscalance_xf206-1_firmware
𝑥
< 5.2.5
siemensscalance_xf208_firmware
𝑥
< 5.2.5
siemensscalance_xf-200ba_firmware
𝑥
< 4.3
siemensscalance_xm400_firmware
𝑥
< 6.3.1
siemensscalance_xp-200_firmware
𝑥
< 4.3
siemensscalance_xr324-4m_eec_firmware
*
siemensscalance_xr324-4m_poe_firmware
*
siemensscalance_xr324-4m_poe_ts_firmware
*
siemensscalance_xr324-12m_firmware
*
siemensscalance_xr324-12m_ts_firmware
*
siemensscalance_xr500_firmware
𝑥
< 6.3.1
siemensscalance_xr-300wg_firmware
𝑥
< 4.3
siemenssimatic_cfu_pa_firmware
*
siemenssimatic_ie\/pb-link_v3_firmware
*
siemenssimatic_mv500_firmware
𝑥
< 3.0
siemenssimatic_net_cm_1542-1_firmware
*
siemenssimatic_net_cp1616_firmware
𝑥
≤ 2.7
siemenssimatic_net_cp1604_firmware
𝑥
≤ 2.7
siemenssimatic_net_cp1626_firmware
*
siemenssimatic_net_dk-16xx_pn_io
𝑥
≤ 2.7
siemenssimatic_power_line_booster_plb_firmware
*
siemenssimatic_profinet_driver_firmware
𝑥
< 2.3
siemenssimatic_s7-1200_firmware
𝑥
< 4.5
siemenssimocode_prov_ethernet\/ip_firmware
𝑥
< 1.1.3
siemenssimocode_prov_profinet_firmware
𝑥
< 2.1.3
siemenssoftnet-ie_pnio_firmware
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert-portal.siemens.com/productcert/html/ssa-599968.html
https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf
https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03
https://cert-portal.siemens.com/productcert/html/ssa-599968.html
https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf
https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03