CVE-2017-12741

Severity Score

8.7

*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.

Se ha identificado una vulnerabilidad en Development/Evaluation Kits para PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits para PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits para PROFINET IO: EK-ERTEC 200P, SIMATIC Compact Field Unit, SIMATIC ET200AL, SIMATIC ET200M (incluidas las variantes SIPLUS), SIMATIC ET200MP IM155-5 PN BA (incluidas las variantes SIPLUS), SIMATIC ET200MP IM155-5 PN HF (incluidas las variantes SIPLUS), SIMATIC ET200MP IM155-5 PN ST (incluidas las variantes SIPLUS), SIMATIC ET200S (incluidas las variantes SIPLUS), SIMATIC ET200SP IM155-6 PN BA (incluidas las variantes SIPLUS), SIMATIC ET200SP IM155-6 PN HA (incluidas las variantes SIPLUS), SIMATIC ET200SP IM155-6 PN HF (incluidas las variantes SIPLUS), SIMATIC ET200SP IM155-6 PN HS (incluidas las variantes SIPLUS), SIMATIC ET200SP IM155-6 PN ST (incluidas las variantes SIPLUS), SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 4AO U/I 4xM12, SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12, SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12, SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN: IO-Link Master, SIMATIC ET200pro, SIMATIC PN/PN Coupler (incluidas las variantes SIPLUS NET), familia SIMATIC S7-1200 CPU (incluidas las variantes SIPLUS), familia SIMATIC S7-1500 CPU (incluyendo las variantes relacionadas ET200 CPUs y SIPLUS), SIMATIC S7-1500 Software Controller, SIMATIC S7-200 SMART, familia SIMATIC S7-300 CPU (incluyendo las variantes relacionadas ET200 CPUs y SIPLUS), SIMATIC S7-400 H V6 CPU familia y posteriores (incluidas las variantes SIPLUS), SIMATIC S7-400 PN/DP V6 CPU familia y posteriores (incluidas las variantes SIPLUS), familia SIMATIC S7-400 PN/DP V7 CPU (incluidas las variantes SIPLUS), familia SIMATIC S7-410 V8 CPU (incluidas las variantes SIPLUS), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX (F) 2010, SIMOCODE pro V EIP (incluidas las variantes SIPLUS), SIMOCODE pro V PN (incluidas las variantes SIPLUS), SIMOTION C, SIMOTION D (incluidas las variantes SIPLUS), SIMOTION D4xx V4.4 para SINAMICS SM150i-2 w. PROFINET (incluidas las variantes SIPLUS), SIMOTION P V4.4 and V4.5, SIMOTION P V5, SINAMICS DCM w. PN, SINAMICS DCP w. PN, SINAMICS G110M w. PN, SINAMICS G120(C/P/D) w. PN (incluidas las variantes SIPLUS), SINAMICS G130 V4.7 w. PN, SINAMICS G130 V4.8 w. PN, SINAMICS G150 V4.7 w. PN, SINAMICS G150 V4.8 w. PN, SINAMICS GH150 V4.7 w. PROFINET, SINAMICS GL150 V4.7 w. PROFINET, SINAMICS GM150 V4.7 w. PROFINET, SINAMICS S110 w. PN, SINAMICS S120 V4.7 SP1 w. PN (incluidas las variantes SIPLUS), SINAMICS S120 V4.7 w. PN (incluidas las variantes SIPLUS), SINAMICS S120 V4.8 w. PN (incluidas las variantes SIPLUS), SINAMICS S120 prior to V4.7 w. PN (incluidas las variantes SIPLUS), SINAMICS S150 V4.7 w. PN, SINAMICS S150 V4.8 w. PN, SINAMICS SL150 V4.7.0 w. PROFINET, SINAMICS SL150 V4.7.4 w. PROFINET, SINAMICS SL150 V4.7.5 w. PROFINET, SINAMICS SM120 V4.7 w. PROFINET, SINAMICS V90 w. PN, SINUMERIK 840D sl, SIRIUS Soft Starter 3RW44 PN. Los paquetes especialmente creados enviados al puerto 161/UDP podrían generar una condición de denegación de servicio. Los dispositivos afectados deben reiniciarse manualmente

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

None

Privileges Required

None

User Interaction

None

System

Vulnerable | Subsequent

Confidentiality

None

Integrity

None

Availability

High

None

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-08-09 CVE Reserved
2017-12-26 CVE Published
2024-07-10 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption

CAPEC

References (7)

URL	Tag	Source
https://cert-portal.siemens.com/productcert/html/ssa-141614.html
https://cert-portal.siemens.com/productcert/html/ssa-346262.html
https://cert-portal.siemens.com/productcert/html/ssa-546832.html
https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf	X_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf	X_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf	X_refsource_confirm
https://www.securityfocus.com/bid/101964	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Siemens Search vendor "Siemens"	Simatic S7-200 Firmware Search vendor "Siemens" for product "Simatic S7-200 Firmware"	< 2.03.01 Search vendor "Siemens" for product "Simatic S7-200 Firmware" and version " < 2.03.01"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic S7-200 Search vendor "Siemens" for product "Simatic S7-200"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic S7-400pn V6 Firmware Search vendor "Siemens" for product "Simatic S7-400pn V6 Firmware"	< 6.0.6 Search vendor "Siemens" for product "Simatic S7-400pn V6 Firmware" and version " < 6.0.6"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic S7-400pn V6 Search vendor "Siemens" for product "Simatic S7-400pn V6"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic S7-400h V6 Firmware Search vendor "Siemens" for product "Simatic S7-400h V6 Firmware"	< 6.0.8 Search vendor "Siemens" for product "Simatic S7-400h V6 Firmware" and version " < 6.0.8"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic S7-400h V6 Search vendor "Siemens" for product "Simatic S7-400h V6"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic S7-400pn\/dp V7 Firmware Search vendor "Siemens" for product "Simatic S7-400pn\/dp V7 Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic S7-400pn\/dp V7 Search vendor "Siemens" for product "Simatic S7-400pn\/dp V7"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic S7-410 V8 Firmware Search vendor "Siemens" for product "Simatic S7-410 V8 Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic S7-410 V8 Search vendor "Siemens" for product "Simatic S7-410 V8"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic S7-300 Firmware Search vendor "Siemens" for product "Simatic S7-300 Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic S7-300 Search vendor "Siemens" for product "Simatic S7-300"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic S7-1200 Firmware Search vendor "Siemens" for product "Simatic S7-1200 Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic S7-1200 Search vendor "Siemens" for product "Simatic S7-1200"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic S7-1500 Firmware Search vendor "Siemens" for product "Simatic S7-1500 Firmware"	< 2.0 Search vendor "Siemens" for product "Simatic S7-1500 Firmware" and version " < 2.0"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic S7-1500 Search vendor "Siemens" for product "Simatic S7-1500"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic S7-1500 Controller Firmware Search vendor "Siemens" for product "Simatic S7-1500 Controller Firmware"	2.0 Search vendor "Siemens" for product "Simatic S7-1500 Controller Firmware" and version "2.0"	-	Affected	in	Siemens Search vendor "Siemens"	Simatic S7-1500 Controller Search vendor "Siemens" for product "Simatic S7-1500 Controller"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Winac Rtx F 2010 Firmware Search vendor "Siemens" for product "Simatic Winac Rtx F 2010 Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Winac Rtx F 2010 Search vendor "Siemens" for product "Simatic Winac Rtx F 2010"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Et 200al Firmware Search vendor "Siemens" for product "Simatic Et 200al Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Et 200al Search vendor "Siemens" for product "Simatic Et 200al"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Et 200ecopn Firmware Search vendor "Siemens" for product "Simatic Et 200ecopn Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Et 200ecopn Search vendor "Siemens" for product "Simatic Et 200ecopn"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Et 200m Firmware Search vendor "Siemens" for product "Simatic Et 200m Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Et 200m Search vendor "Siemens" for product "Simatic Et 200m"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Et 200mp Firmware Search vendor "Siemens" for product "Simatic Et 200mp Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Et 200mp Search vendor "Siemens" for product "Simatic Et 200mp"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Et 200pro Firmware Search vendor "Siemens" for product "Simatic Et 200pro Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Et 200pro Search vendor "Siemens" for product "Simatic Et 200pro"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Et 200s Firmware Search vendor "Siemens" for product "Simatic Et 200s Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Et 200s Search vendor "Siemens" for product "Simatic Et 200s"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Et 200sp Firmware Search vendor "Siemens" for product "Simatic Et 200sp Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Et 200sp Search vendor "Siemens" for product "Simatic Et 200sp"	-	-	Safe
Siemens Search vendor "Siemens"	Dk Standard Ethernet Controller Firmware Search vendor "Siemens" for product "Dk Standard Ethernet Controller Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Dk Standard Ethernet Controller Search vendor "Siemens" for product "Dk Standard Ethernet Controller"	-	-	Safe
Siemens Search vendor "Siemens"	Ek-ertec 200p Firmware Search vendor "Siemens" for product "Ek-ertec 200p Firmware"	< 4.5 Search vendor "Siemens" for product "Ek-ertec 200p Firmware" and version " < 4.5"	-	Affected	in	Siemens Search vendor "Siemens"	Ek-ertec 200p Search vendor "Siemens" for product "Ek-ertec 200p"	-	-	Safe
Siemens Search vendor "Siemens"	Ek-ertec 200pn Io Firmware Search vendor "Siemens" for product "Ek-ertec 200pn Io Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Ek-ertec 200pn Io Search vendor "Siemens" for product "Ek-ertec 200pn Io"	-	-	Safe
Siemens Search vendor "Siemens"	Simotion D Firmware Search vendor "Siemens" for product "Simotion D Firmware"	<= 5.1 Search vendor "Siemens" for product "Simotion D Firmware" and version " <= 5.1"	-	Affected	in	Siemens Search vendor "Siemens"	Simotion D Search vendor "Siemens" for product "Simotion D"	-	-	Safe
Siemens Search vendor "Siemens"	Simotion C Firmware Search vendor "Siemens" for product "Simotion C Firmware"	<= 5.1 Search vendor "Siemens" for product "Simotion C Firmware" and version " <= 5.1"	-	Affected	in	Siemens Search vendor "Siemens"	Simotion C Search vendor "Siemens" for product "Simotion C"	-	-	Safe
Siemens Search vendor "Siemens"	Simotion P Firmware Search vendor "Siemens" for product "Simotion P Firmware"	<= 5.1 Search vendor "Siemens" for product "Simotion P Firmware" and version " <= 5.1"	-	Affected	in	Siemens Search vendor "Siemens"	Simotion P Search vendor "Siemens" for product "Simotion P"	-	-	Safe
Siemens Search vendor "Siemens"	Sinamics Dcm Firmware Search vendor "Siemens" for product "Sinamics Dcm Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Sinamics Dcm Search vendor "Siemens" for product "Sinamics Dcm"	-	-	Safe
Siemens Search vendor "Siemens"	Sinamics Dcp Firmware Search vendor "Siemens" for product "Sinamics Dcp Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Sinamics Dcp Search vendor "Siemens" for product "Sinamics Dcp"	-	-	Safe
Siemens Search vendor "Siemens"	Sinamics G110m\/g120pn Firmware Search vendor "Siemens" for product "Sinamics G110m\/g120pn Firmware"	<= 4.7 Search vendor "Siemens" for product "Sinamics G110m\/g120pn Firmware" and version " <= 4.7"	-	Affected	in	Siemens Search vendor "Siemens"	Sinamics G110m\/g120pn Search vendor "Siemens" for product "Sinamics G110m\/g120pn"	-	-	Safe
Siemens Search vendor "Siemens"	Sinamics G130 Firmware Search vendor "Siemens" for product "Sinamics G130 Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Sinamics G130 Search vendor "Siemens" for product "Sinamics G130"	-	-	Safe
Siemens Search vendor "Siemens"	Sinamics G150 Firmware Search vendor "Siemens" for product "Sinamics G150 Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Sinamics G150 Search vendor "Siemens" for product "Sinamics G150"	-	-	Safe
Siemens Search vendor "Siemens"	Sinamics S110pn Firmware Search vendor "Siemens" for product "Sinamics S110pn Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Sinamics S110pn Search vendor "Siemens" for product "Sinamics S110pn"	-	-	Safe
Siemens Search vendor "Siemens"	Sinamics S120 Firmware Search vendor "Siemens" for product "Sinamics S120 Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Sinamics S120 Search vendor "Siemens" for product "Sinamics S120"	-	-	Safe
Siemens Search vendor "Siemens"	Sinamics S150 V4.7 Firmware Search vendor "Siemens" for product "Sinamics S150 V4.7 Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Sinamics S150 V4.7 Search vendor "Siemens" for product "Sinamics S150 V4.7"	-	-	Safe
Siemens Search vendor "Siemens"	Sinamics S150 V4.8 Firmware Search vendor "Siemens" for product "Sinamics S150 V4.8 Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Sinamics S150 V4.8 Search vendor "Siemens" for product "Sinamics S150 V4.8"	-	-	Safe
Siemens Search vendor "Siemens"	Sinamics V90pn Firmware Search vendor "Siemens" for product "Sinamics V90pn Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Sinamics V90pn Search vendor "Siemens" for product "Sinamics V90pn"	-	-	Safe
Siemens Search vendor "Siemens"	Sinumerik 840d Sl Firmware Search vendor "Siemens" for product "Sinumerik 840d Sl Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Sinumerik 840d Sl Search vendor "Siemens" for product "Sinumerik 840d Sl"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Compact Field Unit Firmware Search vendor "Siemens" for product "Simatic Compact Field Unit Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Compact Field Unit Search vendor "Siemens" for product "Simatic Compact Field Unit"	-	-	Safe
Siemens Search vendor "Siemens"	Simatic Pn\/pn Coupler Firmware Search vendor "Siemens" for product "Simatic Pn\/pn Coupler Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simatic Pn\/pn Coupler Search vendor "Siemens" for product "Simatic Pn\/pn Coupler"	-	-	Safe
Siemens Search vendor "Siemens"	Simocode Pro V Profinet Firmware Search vendor "Siemens" for product "Simocode Pro V Profinet Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Simocode Pro V Profinet Search vendor "Siemens" for product "Simocode Pro V Profinet"	-	-	Safe
Siemens Search vendor "Siemens"	Sirius Soft Starter 3rw44pn Firmware Search vendor "Siemens" for product "Sirius Soft Starter 3rw44pn Firmware"	-	-	Affected	in	Siemens Search vendor "Siemens"	Sirius Soft Starter 3rw44pn Search vendor "Siemens" for product "Sirius Soft Starter 3rw44pn"	-	-	Safe