Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2017-2681
HistoryMay 11, 2017 - 10:29 a.m.

CVE-2017-2681

2017-05-1110:29:00
CWE-400
[email protected]
web.nvd.nist.gov
56
2
cve-2017-2681
profinet
dcp
denial of service
simatic hmi
s7-300
s7-400
vulnerability

6.5 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6 Medium

AI Score

Confidence

High

6.1 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

48.5%

JSON

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices.

CPENameOperatorVersion
siemens:simatic_cp_343-1_std_firmwaresiemens simatic cp 343-1 std firmwarelt3.1.3
siemens:simatic_cp_343-1_lean_firmwaresiemens simatic cp 343-1 lean firmwarelt3.1.3
siemens:simatic_cp_343-1_adv_firmwaresiemens simatic cp 343-1 adv firmwareeq*
siemens:simatic_cp_443-1_std_firmwaresiemens simatic cp 443-1 std firmwarelt3.2.17
siemens:simatic_cp_443-1_adv_firmwaresiemens simatic cp 443-1 adv firmwarelt3.2.17
siemens:simatic_cp_443-1_opc-ua_firmwaresiemens simatic cp 443-1 opc-ua firmwareeq*
siemens:simatic_cp_1243-1_firmwaresiemens simatic cp 1243-1 firmwarelt2.1.82
siemens:simatic_cm_1542-1_firmwaresiemens simatic cm 1542-1 firmwarelt2.0
siemens:simatic_cp_1543sp-1_firmwaresiemens simatic cp 1543sp-1 firmwarelt1.0.15
siemens:simatic_cp_1542sp-1_irc_firmwaresiemens simatic cp 1542sp-1 irc firmwarelt1.0.15
Rows per page:
1-10 of 821

Social References

More

Related

nessus 2
prion 1
cvelist 1
ics 12
openvas 1
nessus
nessus
Siemens PROFINET DCP Uncontrolled Resource Consumption (CVE-2017-2681)
2022-02-07 00:00:00
Siemens Simatic Improper Input Validation
2019-11-08 00:00:00
prion
prion
Design/Logic Flaw
2017-05-11 10:29:00
cvelist
cvelist
CVE-2017-2681
2017-05-11 10:00:00
ics
ics
Siemens devices using the PROFINET Discovery and Configuration Protocol (Update J)
2017-05-09 00:00:00
Siemens devices using the PROFINET Discovery and Configuration Protocol (Update I)
2017-05-09 00:00:00
Siemens devices using the PROFINET Discovery and Configuration Protocol (Update F)
2017-05-09 00:00:00
openvas
openvas
Siemens SIMATIC S7 PLC Multiple Vulnerabilities (SSA-293562)
2017-08-18 00:00:00

6.5 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6 Medium

AI Score

Confidence

High

6.1 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

48.5%

JSON
Related for CVE-2017-2681
nessus2prion1cvelist1ics12openvas1