SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Embedded Server/Appliance)  >   Siemens SIMATIC Controller Vendors:   Siemens
Siemens SIMATIC Controller PROFINET DCP Packet Processing Bugs Let Remote Users Deny Service
SecurityTracker Alert ID:  1038463
SecurityTracker URL:  http://securitytracker.com/id/1038463
CVE Reference:   CVE-2017-2680, CVE-2017-2681   (Links to External Site)
Date:  May 11 2017
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   Two vulnerabilities were reported in Siemens SIMATIC Controllers. A remote user can cause denial of service conditions on the target system.

A remote user on the local network can send specially crafted PROFINET DCP broadcast packets to cause denial of service conditions on the target Simatic device [CVE-2017-2680]. A manual restart is required to return the system to normal operations.

The following models are affected:

SIMATIC CP 343-1
SIMATIC CP 443-1
SIMATIC CP 1243-1
SIMATIC CM 1542-1
SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1
SIMATIC CP 1543-1
SIMATIC RF650R, RF680R, RF685R
SIMATIC CP 1616, CP 1604, DK-16xx PN IO
SCALANCE X200
SCALANCE X200 IRT
SCALANCE X300, X408, X414
SCALANCE XM400, XR500
SCALANCE W700
SCALANCE M-800,S615
Softnet PROFINET IO for PC-based Windows systems
IE/PB-Link
IE/AS-i Link PN IO
SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced
SITOP PSU8600 / UPS1600 PROFINET
SIMATIC ET 200AL
SIMATIC ET 200ecoPN
SIMATIC ET 200M
SIMATIC ET 200MP
SIMATIC ET 200pro
SIMATIC ET 200S
SIMATIC ET 200SP
PN/PN Coupler
DK Standard Ethernet Controller Development/Evaluation Kits for PROFINET IO
EK-ERTEC 200P PN IO Development/Evaluation Kits for PROFINET IO
EK-ERTEC 200 PN IO Development/Evaluation Kits for PROFINET IO
SIMATIC S7-200 SMART
SIMATIC S7-300
SIMATIC S7-400
SIMATIC S7-1200
SIMATIC S7-1500
SIMATIC S7-1500 Software Controller
SIMATIC WinAC RTX 2010
SIRIUS ACT 3SU1 interface module PROFINET
SIRIUS Soft starter 3RW44 PN
SIRIUS Motor starter M200D PROFINET
SIMOCODE pro V PROFINET
SINAMICS DCM
SINAMICS DCP
SINAMICS G110M / G120(C/P/D)
SINAMICS G130 and G150
SINAMICS S110
SINAMICS S120
SINAMICS S150
SINAMICS V90
SIMOTION
SINUMERIK 828D
SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels

A remote user on the local network can send specially crafted PROFINET DCP packets to cause denial of service conditions on the target Simatic device [CVE-2017-2681]. A manual restart is required to return the system to normal operations. Only SIMATIC HMI Multi Panels and HMI Mobile Panels and S7-300/S7-400 devices are affected.

PROFIBUS interfaces are not affected by these vulnerabilities.

Duan JinTong, Ma ShaoShuai, and Cheng Lei from NSFOCUS Security Team (via CNCERT/CC) reported these vulnerabilities.

Impact:   A remote user can cause denial of service conditions. A manual restart is required to return the system to normal operations.
Solution:   The vendor has issued a fix.

A patch matrix is available in the vendor advisory.

The vendor advisory is available at:

https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf

Vendor URL:  www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf (Links to External Site)
Cause:   Not specified

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC