Denial of service in Siemens products - CVE-2017-2680
Published: January 24, 2018
Vulnerability identifier: #VU10200
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-2680
CWE-ID: CWE-20
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: Siemens
Affected software:
Extension Unit 22” PROFINET
Extension Unit 19” PROFINET
Extension Unit 15” PROFINET
Extension Unit 12” PROFINET
SIMATIC CP 1626
SIMATIC CP 1243-8
SIMATIC CP 1243-7 LTE EU/US
SIMATIC CP 1242-7 GPRS
Extension Unit 22” PROFINET
Extension Unit 19” PROFINET
Extension Unit 15” PROFINET
Extension Unit 12” PROFINET
SIMATIC CP 1626
SIMATIC CP 1243-8
SIMATIC CP 1243-7 LTE EU/US
SIMATIC CP 1242-7 GPRS
Detailed vulnerability description
The vulnerability allows an adjacent attacker to cause DoS condition on the target system.
The weakness exists due to improper handling of broadcast packets. An adjacent attacker can submit specially crafted PROFINET DCP broadcast packets and cause the server to crash.
The weakness exists due to improper handling of broadcast packets. An adjacent attacker can submit specially crafted PROFINET DCP broadcast packets and cause the server to crash.
How to mitigate CVE-2017-2680
Install update from vendor's website.