7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.003 Low
EPSS
Percentile
68.0%
**ATTENTION:**Remotely exploitable/low skill level to exploit.
Vendor: Siemens
Equipment: Industrial products
Vulnerability: Improper Input Validation
This updated advisory is a follow-up to the updated advisory titled ICSA-17-339-01A Siemens Industrial Products that was published December 19, 2017, on the NCCIC/ICS-CERT web site.
--------- Begin Update B Part 1 of 2 --------
Siemens reports the vulnerability affects the following industrial products:
--------- End Update B Part 1 of 2 --------
Successful exploitation of this vulnerability may allow a remote attacker to conduct a denial-of-service (DoS) attack.
--------- Begin Update B Part 2 of 2 --------
Siemens has provided firmware updates for the following products to fix the vulnerability:
<https://support.industry.siemens.com/cs/cn/en/view/109749409>
<https://support.industry.siemens.com/cs/de/en/view/109474874>
<https://support.industry.siemens.com/cs/ww/en/view/109750012>
<https://support.industry.siemens.com/cs/ww/en/view/31045047>
<https://support.industry.siemens.com/cs/ww/en/view/31263919>
Please contact a Siemens representative for information on how to obtain the update.
<https://support.industry.siemens.com/cs/ww/en/view/109750507>
<https://support.industry.siemens.com/cs/us/en/ps/13717/dl>
<https://support.industry.siemens.com/cs/us/en/view/109478528>
<https://support.industry.siemens.com/cs/ww/en/view/109474550>
<https://support.industry.siemens.com/cs/ww/en/view/31045047>
<https://support.industry.siemens.com/cs/document/109474320>
<https://support.industry.siemens.com/cs/document/109740193>
<https://support.industry.siemens.com/cs/document/109746210>
--------- End Update B Part 2 of 2 --------
Siemens is preparing further updates and recommends the following mitigations until patches are available:
Siemens recommends users configure the operational environment according to Siemensβ Operational Guidelines for Industrial Security:
<https://www.siemens.com/cert/operational-guidelines-industrial-security>
For more information on the vulnerability and more detailed mitigation instructions, please see Siemens Security Advisory SSA-346262 at the following location:
<http://www.siemens.com/cert/advisories>
NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Additional mitigation guidance and recommended practices are publicly available in the ICSβCERT Technical Information Paper, ICS-TIP-12-146-01BβTargeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.
No known public exploits specifically target this vulnerability.
Specially crafted packets sent to Port 161/UDP could cause a denial-of-service condition. The affected devices must be restarted manually.
CVE-2017-12741 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
George Lashenko of CyberX reported the vulnerability to Siemens.
**Critical Infrastructure Sectors:**Commercial Facilities, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Germany
ics-cert.us-cert.gov
ics-cert.us-cert.gov
twitter.com/icscert
twitter.com/icscert
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12741
www.addthis.com/bookmark.php?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-17-339-01B
www.dhs.gov
www.dhs.gov/report-cyber-risks
www.siemens.com/cert/advisories
www.us-cert.gov/accessibility/
www.us-cert.gov/pdf/
www.us-cert.gov/privacy/
www.us-cert.gov/tlp/
www.us-cert.gov/tlp/
cwe.mitre.org/data/definitions/20.html
ics-cert.us-cert.gov/
ics-cert.us-cert.gov/content/recommended-practices
ics-cert.us-cert.gov/Report-Incident?
ics-cert.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf
ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B
support.industry.siemens.com/cs/cn/en/view/109749409
support.industry.siemens.com/cs/de/en/view/109474874
support.industry.siemens.com/cs/document/109474320
support.industry.siemens.com/cs/document/109740193
support.industry.siemens.com/cs/document/109746210
support.industry.siemens.com/cs/us/en/ps/13717/dl
support.industry.siemens.com/cs/us/en/view/109478528
support.industry.siemens.com/cs/ww/en/view/109474550
support.industry.siemens.com/cs/ww/en/view/109750012
support.industry.siemens.com/cs/ww/en/view/109750507
support.industry.siemens.com/cs/ww/en/view/31045047
support.industry.siemens.com/cs/ww/en/view/31045047
support.industry.siemens.com/cs/ww/en/view/31263919
twitter.com/share?url=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-17-339-01B
www.facebook.com/sharer.php?u=https%3A%2F%2Fics-cert.us-cert.gov%2Fadvisories%2FICSA-17-339-01B
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
www.siemens.com/cert/operational-guidelines-industrial-security
www.us-cert.gov/forms/feedback?helpful=no&document=ICSA-17-339-01B Siemens Industrial Products (Update B)&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-17-339-01B&site_name=ICS-CERT
www.us-cert.gov/forms/feedback?helpful=somewhat&document=ICSA-17-339-01B Siemens Industrial Products (Update B)&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-17-339-01B&site_name=ICS-CERT
www.us-cert.gov/forms/feedback?helpful=yes&document=ICSA-17-339-01B Siemens Industrial Products (Update B)&trackingNumber=&url=https://ics-cert.us-cert.gov/advisories/ICSA-17-339-01B&site_name=ICS-CERT
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.003 Low
EPSS
Percentile
68.0%