CVE-2017-12069

Severity Score

8.2

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.

Se ha identificado una vulnerabilidad XXE en OPC Foundation UA .NET Sample Code antes del 21-03-2017 y Local Discovery Server (LDS) antes de la versión 1.03.367. Los siguientes productos se han visto afectados por esta vulnerabilidad, entre otros: Siemens SIMATIC PCS7 (todas las versiones V8.1 y anteriores), SIMATIC WinCC (todas las versiones anteriores a V7.4 SP1), SIMATIC WinCC Runtime Professional (todas las versiones anteriores a V14 SP1), SIMATIC NET PC Software y SIMATIC IT Production Suite. Un atacante podría hacer que el sistema acceda a varios recursos escogidos por el atacante mediante el envío de paquetes especialmente manipulados a OPC Discovery Server en el puerto 4840/tcp.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-07-31 CVE Reserved
2017-08-30 CVE Published
2023-06-15 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-611: Improper Restriction of XML External Entity Reference

CAPEC

References (4)

URL	Tag	Source
http://www.securityfocus.com/bid/100559	Third Party Advisory
http://www.securitytracker.com/id/1039510	Vdb Entry

URL	Date	SRC

URL	Date	SRC
https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf	2017-10-06

URL	Date	SRC
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf	2017-10-06

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Siemens Search vendor "Siemens"		Simatic Pcs7 Search vendor "Siemens" for product "Simatic Pcs7"				<= 8.1 Search vendor "Siemens" for product "Simatic Pcs7" and version " <= 8.1"		-		Affected
Siemens Search vendor "Siemens"		Wincc Search vendor "Siemens" for product "Wincc"				<= 7.4 Search vendor "Siemens" for product "Wincc" and version " <= 7.4"		-		Affected
Ocpfoundation Search vendor "Ocpfoundation"		Local Discovery Server Search vendor "Ocpfoundation" for product "Local Discovery Server"				<= 1.01.333.0 Search vendor "Ocpfoundation" for product "Local Discovery Server" and version " <= 1.01.333.0"		-		Affected
Ocpfoundation Search vendor "Ocpfoundation"		Ua .net Search vendor "Ocpfoundation" for product "Ua .net"				<= 2017-03-21 Search vendor "Ocpfoundation" for product "Ua .net" and version " <= 2017-03-21"		-		Affected