6.5
MEDIUM
CVE-2017-2680
Siemens PROFIBUS/PROFINET Denial of Service
Description

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

INFO

Published Date :

May 11, 2017, 1:29 a.m.

Last Modified :

Nov. 21, 2024, 3:23 a.m.

Remotely Exploitable :

No

Impact Score :

3.6

Exploitability Score :

2.8
Affected Products

The following products are affected by CVE-2017-2680 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Siemens simatic_s7-1500_software_controller_firmware
2 Siemens scalance_m-800_firmware
3 Siemens scalance_s615_firmware
4 Siemens scalance_x408_firmware
5 Siemens scalance_x300_firmware
6 Siemens scalance_x414_firmware
7 Siemens simatic_et_200sp_firmware
8 Siemens simatic_s7-1500_firmware
9 Siemens scalance_x200_firmware
10 Siemens simatic_cp_1243-1_firmware
11 Siemens simatic_cp_1243-1_dnp3_firmware
12 Siemens simatic_cp_1243-1_iec_firmware
13 Siemens simatic_cp_1243-7_lte_us_firmware
14 Siemens simatic_cp_1243-8_irc_firmware
15 Siemens simatic_cp_1542sp-1_firmware
16 Siemens simatic_cp_1542sp-1_irc_firmware
17 Siemens simatic_cp_1543sp-1_firmware
18 Siemens simatic_cp_1543-1_firmware
19 Siemens sinumerik_828d_firmware
20 Siemens simatic_cp_1243-7_lte\/us_firmware
21 Siemens simatic_cp_1626_firmware
22 Siemens simatic_tdc_cp51m1_firmware
23 Siemens simatic_s7-300_firmware
24 Siemens simatic_winac_rtx_2010_firmware
25 Siemens simatic_s7-400_firmware
26 Siemens simatic_s7-1200_firmware
27 Siemens simatic_winac_rtx_f_2010_firmware
28 Siemens simatic_et_200al_firmware
29 Siemens simatic_et_200ecopn_firmware
30 Siemens simatic_et_200m_firmware
31 Siemens simatic_et_200mp_firmware
32 Siemens simatic_et_200pro_firmware
33 Siemens simatic_et_200s_firmware
34 Siemens dk_standard_ethernet_controller_firmware
35 Siemens sinamics_dcm_firmware
36 Siemens sinamics_dcp_firmware
37 Siemens sinamics_g130_firmware
38 Siemens sinamics_g150_firmware
39 Siemens sinamics_s120_firmware
40 Siemens sinumerik_840d_sl_firmware
41 Siemens simocode_pro_v_profinet_firmware
42 Siemens sinamics_sl150_firmware
43 Siemens scalance_w700_firmware
44 Siemens scalance_xm400_firmware
45 Siemens scalance_xr500_firmware
46 Siemens simatic_cp_343-1_lean_firmware
47 Siemens simatic_cp_1616_firmware
48 Siemens simatic_cp_1604_firmware
49 Siemens simatic_cp_443-1_opc_ua_firmware
50 Siemens simatic_tdc_cpu555_firmware
51 Siemens sinamics_g130
52 Siemens sinamics_g150
53 Siemens sinamics_s120
54 Siemens sinamics_s150
55 Siemens simatic_cp_343-1_std_firmware
56 Siemens simatic_cp_343-1_adv_firmware
57 Siemens simatic_cp_443-1_std_firmware
58 Siemens simatic_cp_443-1_adv_firmware
59 Siemens simatic_cp_443-1_opc-ua_firmware
60 Siemens simatic_cm_1542-1_firmware
61 Siemens simatic_rf650r_firmware
62 Siemens simatic_rf680r_firmware
63 Siemens simatic_rf685r_firmware
64 Siemens simatic_dk-1616_pn_io_firmware
65 Siemens scalance_x200_irt_firmware
66 Siemens softnet_profinet_io_firmware
67 Siemens ie\/pb-link_firmware
68 Siemens ie\/as-i_link_pn_io_firmware
69 Siemens simatic_teleservice_adapter_ie_standard_firmware
70 Siemens simatic_teleservice_adapter_ie_basic_firmware
71 Siemens simatic_teleservice_adapter_ie_advanced_firmware
72 Siemens sitop_psu8600_firmware
73 Siemens ups1600_profinet_firmware
74 Siemens pn\/pn_coupler_firmware
75 Siemens ek-ertec_200p_pn_io_firmware
76 Siemens ek-ertec_200_pn_io_firmware
77 Siemens simatic_s7-200_smart_firmware
78 Siemens simatic_winac_rtx_firmware
79 Siemens sirius_act_3su1_firmware
80 Siemens sirius_soft_starter_3rw44_pn_firmware
81 Siemens sirius_motor_starter_m200d_profinet_firmware
82 Siemens sinamics_g110m_firmware
83 Siemens sinamics_g120\(c\/p\/d\)_w._pn_firmware
84 Siemens sinamics__s110_pn_firmware
85 Siemens sinamics_s150_firmware
86 Siemens sinamics_v90_pn_firmware
87 Siemens simotion_firmware
88 Siemens simatic_hmi_comfort_panels
89 Siemens simatic_hmi_multi_panels
90 Siemens simatic_hmi_mobile_panels
91 Siemens simatic_cp_1243-1_irc_firmware
92 Siemens simatic_dk-1604_pn_io_firmware
93 Siemens sinamics_gh150_firmware
94 Siemens sinamics_gl150_firmware
95 Siemens sinamics_gm150_firmware
96 Siemens sinamics_sm120_firmware
97 Siemens extension_unit_12_profinet_firmware
98 Siemens extension_unit_15_profinet_firmware
99 Siemens extension_unit_19_profinet_firmware
100 Siemens extension_unit_22_profinet_firmware
101 Siemens simatic_cp_1242-7_gprs_firmware
102 Siemens simatic_cp_1243-8_firmware
103 Siemens simatic_dk-16xx_pn_io_firmware
104 Siemens simatic_cm_1542sp-1_firmware
105 Siemens simatic_et_200mp_im_155-5_pn_ba_firmware
106 Siemens simatic_et_200mp_im_155-5_pn_hf_firmware
107 Siemens simatic_et_200mp_im_155-5_pn_st_firmware
108 Siemens simatic_et_200sp_im_155-6_pn_ba_firmware
109 Siemens simatic_et_200sp_im_155-6_pn_hf_firmware
110 Siemens simatic_et_200sp_im_155-6_pn_hs_firmware
111 Siemens simatic_et_200sp_im_155-6_pn_st_firmware
112 Siemens scalance_s615
113 Siemens simatic_cp_1543-1
114 Siemens simatic_tdc_cp51m1
115 Siemens simatic_tdc_cpu555
116 Siemens simatic_winac_rtx
117 Siemens scalance_m-800
118 Siemens scalance_w700
119 Siemens scalance_xm400
120 Siemens scalance_xr500
121 Siemens simatic_s7-1200
122 Siemens simatic_cp_1243-1
123 Siemens simatic_cp_1243-1_dnp3
124 Siemens simatic_cp_1243-1_iec
125 Siemens simatic_cp_1542sp-1
126 Siemens simatic_cp_1542sp-1_irc
127 Siemens simatic_cp_1543sp-1
128 Siemens simatic_s7-1500
129 Siemens simatic_cp_343-1_std
130 Siemens simatic_cp_343-1_lean
131 Siemens simatic_cp_343-1_adv
132 Siemens simatic_cp_443-1_std
133 Siemens simatic_cp_443-1_adv
134 Siemens simatic_cp_443-1_opc-ua
135 Siemens simatic_cm_1542-1
136 Siemens simatic_rf650r
137 Siemens simatic_rf680r
138 Siemens simatic_rf685r
139 Siemens simatic_cp_1616
140 Siemens simatic_cp_1604
141 Siemens simatic_dk-1616_pn_io
142 Siemens scalance_x200
143 Siemens scalance_x200_irt
144 Siemens scalance_x300
145 Siemens scalance_x408
146 Siemens scalance_x414
147 Siemens softnet_profinet_io
148 Siemens ie\/pb-link
149 Siemens ie\/as-i_link_pn_io
150 Siemens simatic_teleservice_adapter_ie_standard
151 Siemens simatic_teleservice_adapter_ie_basic
152 Siemens simatic_teleservice_adapter_ie_advanced_modem
153 Siemens sitop_psu8600
154 Siemens ups1600_profinet
155 Siemens simatic_et_200al
156 Siemens simatic_et_200ecopn
157 Siemens simatic_et_200m
158 Siemens simatic_et_200mp
159 Siemens simatic_et_200pro
160 Siemens simatic_et_200s
161 Siemens simatic_et_200sp
162 Siemens pn\/pn_coupler
163 Siemens dk_standard_ethernet_controller
164 Siemens ek-ertec_200p_pn_io
165 Siemens ek-ertec_200_pn_io
166 Siemens simatic_s7-200_smart
167 Siemens simatic_s7-300
168 Siemens simatic_s7-400
169 Siemens simatic_s7-1500_software_controller
170 Siemens sirius_act_3su1
171 Siemens sirius_soft_starter_3rw44_pn
172 Siemens sirius_motor_starter_m200d_profinet
173 Siemens simocode_pro_v_profinet
174 Siemens sinamics_dcm
175 Siemens sinamics_dcp
176 Siemens sinamics_g110m
177 Siemens sinamics_g120\(c\/p\/d\)_w._pn
178 Siemens _s110_pn
179 Siemens sinamics_v90_pn
180 Siemens simotion
181 Siemens sinumerik_828d
182 Siemens sinumerik_840d_sl
183 Siemens simatic_hmi_comfort_panels
184 Siemens simatic_hmi_multi_panels
185 Siemens simatic_hmi_mobile_panels
186 Siemens simatic_cp_1243-1_irc
187 Siemens simatic_dk-1604_pn_io
188 Siemens sinamics_gh150
189 Siemens sinamics_gl150
190 Siemens sinamics_gm150
191 Siemens sinamics_sl150
192 Siemens sinamics_sm120
193 Siemens extension_unit_12_profinet
194 Siemens extension_unit_15_profinet
195 Siemens extension_unit_19_profinet
196 Siemens extension_unit_22_profinet
197 Siemens simatic_cp_1242-7_gprs
198 Siemens simatic_cp_1243-7_lte\/us
199 Siemens simatic_cp_1243-8
200 Siemens simatic_cp_1626
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2017-2680.

URL Resource
http://www.securityfocus.com/bid/98369 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038463 Third Party Advisory VDB Entry
https://cert-portal.siemens.com/productcert/html/ssa-284673.html
https://cert-portal.siemens.com/productcert/html/ssa-293562.html
https://cert-portal.siemens.com/productcert/html/ssa-546832.html
https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf Vendor Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02 Third Party Advisory US Government Resource
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf Broken Link
http://www.securityfocus.com/bid/98369 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038463 Third Party Advisory VDB Entry
https://cert-portal.siemens.com/productcert/html/ssa-284673.html
https://cert-portal.siemens.com/productcert/html/ssa-293562.html
https://cert-portal.siemens.com/productcert/html/ssa-546832.html
https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf Vendor Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02 Third Party Advisory US Government Resource
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf Broken Link

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2017-2680 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2017-2680 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference http://www.securityfocus.com/bid/98369
    Added Reference http://www.securitytracker.com/id/1038463
    Added Reference https://cert-portal.siemens.com/productcert/html/ssa-284673.html
    Added Reference https://cert-portal.siemens.com/productcert/html/ssa-293562.html
    Added Reference https://cert-portal.siemens.com/productcert/html/ssa-546832.html
    Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf
    Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf
    Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf
    Added Reference https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02
    Added Reference https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf
  • CVE Modified by [email protected]

    Sep. 10, 2024

    Action Type Old Value New Value
    Added CVSS V4.0 Siemens AG CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • CVE Modified by [email protected]

    Jul. 09, 2024

    Action Type Old Value New Value
    Added Reference Siemens AG https://cert-portal.siemens.com/productcert/html/ssa-293562.html [No types assigned]
    Added Reference Siemens AG https://cert-portal.siemens.com/productcert/html/ssa-284673.html [No types assigned]
    Added Reference Siemens AG https://cert-portal.siemens.com/productcert/html/ssa-546832.html [No types assigned]
    Added CVSS V3.1 Siemens AG AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Modified Analysis by [email protected]

    Apr. 12, 2022

    Action Type Old Value New Value
    Removed CWE NIST CWE-20
    Added CWE NIST CWE-400
  • CVE Modified by [email protected]

    Feb. 09, 2022

    Action Type Old Value New Value
    Changed Description Specially crafted PROFINET DCP broadcast packets could cause a Denial-of-Service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
  • CVE Modified by [email protected]

    Mar. 15, 2021

    Action Type Old Value New Value
    Removed CWE Siemens AG CWE-20
    Added CWE Siemens AG CWE-400
  • Modified Analysis by [email protected]

    Sep. 29, 2020

    Action Type Old Value New Value
    Removed CVSS V3 NIST AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Added CVSS V3.1 NIST AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Changed Reference Type http://www.securitytracker.com/id/1038463 No Types Assigned http://www.securitytracker.com/id/1038463 Third Party Advisory, VDB Entry
    Changed Reference Type https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf No Types Assigned https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf Vendor Advisory
    Changed Reference Type https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf No Types Assigned https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf Vendor Advisory
    Changed Reference Type https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf No Types Assigned https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf Vendor Advisory
    Changed Reference Type https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02 No Types Assigned https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02 Third Party Advisory, US Government Resource
    Changed Reference Type https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf No Types Assigned https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf Broken Link
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_std_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_std:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_std_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.1.3 OR cpe:2.3:h:siemens:simatic_cp_343-1_std:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_lean_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_lean:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_lean_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.1.3 OR cpe:2.3:h:siemens:simatic_cp_343-1_lean:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_adv_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_adv:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_adv_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_adv:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_std_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_std:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_std_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.2.17 OR cpe:2.3:h:siemens:simatic_cp_443-1_std:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_adv_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_adv:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_adv_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.2.17 OR cpe:2.3:h:siemens:simatic_cp_443-1_adv:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_opc-ua_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_opc-ua:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_opc-ua_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_opc-ua:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1.82 OR cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cm_1542-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cm_1542-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cm_1542-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.0 OR cpe:2.3:h:siemens:simatic_cm_1542-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1542sp-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1542sp-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1542sp-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.15 OR cpe:2.3:h:siemens:simatic_cp_1542sp-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.15 OR cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.15 OR cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1 OR cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_rf650r_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_rf650r:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_rf650r_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.0 OR cpe:2.3:h:siemens:simatic_rf650r:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_rf680r_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_rf680r:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_rf680r_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.0 OR cpe:2.3:h:siemens:simatic_rf680r:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_rf685r_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_rf685r:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_rf685r_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.0 OR cpe:2.3:h:siemens:simatic_rf685r:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1616_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1616:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1616_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.7 OR cpe:2.3:h:siemens:simatic_cp_1616:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1604_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1604:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1604_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.7 OR cpe:2.3:h:siemens:simatic_cp_1604:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_dk-16xx_pn_io_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_dk-16xx_pn_io:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_dk-1616_pn_io_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.7 OR cpe:2.3:h:siemens:simatic_dk-1616_pn_io:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x200_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.2 OR cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x200_irt_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x200_irt:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x200_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.4.0 OR cpe:2.3:h:siemens:scalance_x200_irt:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.1.0 OR cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x408_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x408_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.1.0 OR cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x414_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x414:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x414_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.10.2 OR cpe:2.3:h:siemens:scalance_x414:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xm400_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.1 OR cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr500_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.1 OR cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_w700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.1 OR cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_m-800_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.03 OR cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_s615_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.03 OR cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:softnet_profinet_io_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:softnet_profinet_io:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:softnet_profinet_io_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 14 *cpe:2.3:o:siemens:softnet_profinet_io_firmware:14:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:softnet_profinet_io:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:ie\/pb-link_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ie\/pb-link:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:ie\/pb-link_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.0 OR cpe:2.3:h:siemens:ie\/pb-link:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:ie\/as-i_link_pn_io_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ie\/as-i_link_pn_io:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:ie\/as-i_link_pn_io_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ie\/as-i_link_pn_io:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_standard_modem_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_standard_modem:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_standard_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_standard:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_modem_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic_modem:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_modem_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced_modem:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced_modem:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sitop_psu8600_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sitop_psu8600_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.2.0 OR cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:ups1600_profinet_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ups1600_profinet:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:ups1600_profinet_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.2.0 OR cpe:2.3:h:siemens:ups1600_profinet:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200al_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200al:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200al_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.2 OR cpe:2.3:h:siemens:simatic_et_200al:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200ecopn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200ecopn:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200ecopn_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200ecopn:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200m_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200m:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200m_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200m:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200mp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200mp:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200mp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.0.1 OR cpe:2.3:h:siemens:simatic_et_200mp:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200pro_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200pro:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200pro_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200pro:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200s_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200s:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200s_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200s:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200sp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200sp:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200sp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.1.0 OR cpe:2.3:h:siemens:simatic_et_200sp:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:pn\/pn_coupler_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:pn\/pn_coupler:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:pn\/pn_coupler_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.0 OR cpe:2.3:h:siemens:pn\/pn_coupler:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.1.1 OR cpe:2.3:h:siemens:dk_standard_ethernet_controller:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.1.1 *cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:4.1.1:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:dk_standard_ethernet_controller:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200p_pn_io_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.4.0 OR cpe:2.3:h:siemens:ek-ertec_200p_pn_io:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:ek-ertec_200p_pn_io_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.4.0 *cpe:2.3:o:siemens:ek-ertec_200p_pn_io_firmware:4.4.0:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:ek-ertec_200p_pn_io:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200_pn_io_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.2.1 OR cpe:2.3:h:siemens:ek-ertec_200_pn_io:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:ek-ertec_200_pn_io_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.2.1 *cpe:2.3:o:siemens:ek-ertec_200_pn_io_firmware:4.2.1:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:ek-ertec_200_pn_io:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-200_smart_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-200_smart:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_s7-200_smart_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.3 OR cpe:2.3:h:siemens:simatic_s7-200_smart:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-400_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_s7-400_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.6 OR cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1200_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.2.1 OR cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1500_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1 OR cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1500_software_controller_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1500_software_controller:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_s7-1500_software_controller_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1 OR cpe:2.3:h:siemens:simatic_s7-1500_software_controller:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_winac_rtx_2010_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_winac_rtx_2010:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_winac_rtx_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2010 *cpe:2.3:o:siemens:simatic_winac_rtx_firmware:2010:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_winac_rtx:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sirius_act_3su1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_act_3su1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sirius_act_3su1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:siemens:sirius_act_3su1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sirius_soft_starter_3rw44_pn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_soft_starter_3rw44_pn:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sirius_soft_starter_3rw44_pn_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_soft_starter_3rw44_pn:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sirius_motor_starter_m200d_profinet_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_motor_starter_m200d_profinet:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sirius_motor_starter_m200d_profinet_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_motor_starter_m200d_profinet:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simocode_pro_v_profinet_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simocode_pro_v_profinet:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simocode_pro_v_profinet_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.0.0 OR cpe:2.3:h:siemens:simocode_pro_v_profinet:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_dcm_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_dcm:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_dcm_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.4 *cpe:2.3:o:siemens:sinamics_dcm_firmware:1.4:-:*:*:*:*:*:* *cpe:2.3:o:siemens:sinamics_dcm_firmware:1.4:sp1:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_dcm:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_dcp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_dcp:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_dcp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.2 *cpe:2.3:o:siemens:sinamics_dcp_firmware:1.2:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_dcp:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g110m_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.7 OR cpe:2.3:h:siemens:sinamics_g110m:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_g110m_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinamics_g110m_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_g110m:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g120\(c\/p\/d\)_w._pn_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.7 OR cpe:2.3:h:siemens:sinamics_g120\(c\/p\/d\)_w._pn:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_g120\(c\/p\/d\)_w._pn_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinamics_g120\(c\/p\/d\)_w._pn_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_g120\(c\/p\/d\)_w._pn:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g130_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.8 OR cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_g130_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinamics_g130_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g150_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.8 OR cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_g150_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinamics_g150_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics__s110_w._pn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:_s110_w._pn:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics__s110_pn_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.4 *cpe:2.3:o:siemens:sinamics__s110_pn_firmware:4.4:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:_s110_pn:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_s120_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.8 OR cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_s120_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinamics_s120_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_s150_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.8 OR cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_s150_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinamics_s150_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_v90_w._pn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_v90_w._pn:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_v90_pn_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.01 OR cpe:2.3:h:siemens:sinamics_v90_pn:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simotion_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.5 OR cpe:2.3:h:siemens:simotion:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simotion_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.5 *cpe:2.3:o:siemens:simotion_firmware:4.5:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:simotion:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinumerik_828d_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.5 *cpe:2.3:o:siemens:sinumerik_828d_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.7 OR cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinumerik_828d_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.5 *cpe:2.3:o:siemens:sinumerik_828d_firmware:4.5:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.5 *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.7 OR cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.5 *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:4.5:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_hmi_comfort_panels:*:*:*:*:*:*:*:* versions up to (including) - OR cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_hmi_comfort_panels:*:*:*:*:*:*:*:* versions up to (excluding) 15.1 OR cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_hmi_multi_panels:*:*:*:*:*:*:*:* versions up to (including) - OR cpe:2.3:h:siemens:simatic_hmi_multi_panels:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_hmi_multi_panels:*:*:*:*:*:*:*:* versions up to (excluding) 15.1 OR cpe:2.3:h:siemens:simatic_hmi_multi_panels:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_hmi_mobile_panels:*:*:*:*:*:*:*:* versions up to (including) - OR cpe:2.3:h:siemens:simatic_hmi_mobile_panels:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_hmi_mobile_panels:*:*:*:*:*:*:*:* versions up to (excluding) 15.1 OR cpe:2.3:h:siemens:simatic_hmi_mobile_panels:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1243-1_irc_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1.82 OR cpe:2.3:h:siemens:simatic_cp_1243-1_irc:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1243-1_iec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1243-1_iec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1243-1_dnp3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_dk-1604_pn_io_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.7 OR cpe:2.3:h:siemens:simatic_dk-1604_pn_io:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_tdc_cpu555_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.1 OR cpe:2.3:h:siemens:simatic_tdc_cpu555:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_tdc_cp51m1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.8 OR cpe:2.3:h:siemens:simatic_tdc_cp51m1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinamics_gh150_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.8 *cpe:2.3:o:siemens:sinamics_gl150_firmware:4.8:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinamics_gm150_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.8 *cpe:2.3:o:siemens:sinamics_sl150_firmware:4.8:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.8 *cpe:2.3:o:siemens:sinamics_sm120_firmware:4.8:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:extension_unit_12_profinet_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 01.01.01 OR cpe:2.3:h:siemens:extension_unit_12_profinet:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:extension_unit_15_profinet_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 01.01.01 OR cpe:2.3:h:siemens:extension_unit_15_profinet:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:extension_unit_19_profinet_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 01.01.01 OR cpe:2.3:h:siemens:extension_unit_19_profinet:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:extension_unit_22_profinet_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 01.01.01 OR cpe:2.3:h:siemens:extension_unit_22_profinet:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1.82 OR cpe:2.3:h:siemens:simatic_cp_1242-7_gprs:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1243-7_lte\/us_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1.82 OR cpe:2.3:h:siemens:simatic_cp_1243-7_lte\/us:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1243-8_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1.82 OR cpe:2.3:h:siemens:simatic_cp_1243-8:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1626_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1 OR cpe:2.3:h:siemens:simatic_cp_1626:-:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Jul. 14, 2020

    Action Type Old Value New Value
    Changed Description SIEMENS SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions before V2.1.82), SIMATIC CP 1243-1 IRC (All versions before V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions before to V1.0.15), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X-200 (All versions before V5.2.2), SCALANCE X200 IRT (All versions before V5.4.0), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions before V6.1), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions before V04.03), Softnet PROFINET IO for PC-based Windows systems (All versions before V14 SP1), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions before V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions before V4.1.0), SIMATIC PN/PN Coupler (All versions before V4.0), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions before V2.3), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions before V6.0.6), SIMATIC S7-400-H V6 (All versions before V6.0.7), SIMATIC S7-400 PN/DP V7 incl. F (All versions), SIMATIC S7-CPU 410 (All versions before V8.2), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions before V1.4 SP1 HF5), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S110 w. PN (All versions before V4.4 SP1 HF5), SINAMICS S120 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS V90 w. PN (All versions before V1.1), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (All versions before V4.5 SP6 HF2 and V4.7 before SP6 HF8), SINUMERIK 840D sl (All versions before V4.5 SP6 HF8 and V4.7 before SP4 HF1), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet. Specially crafted PROFINET DCP broadcast packets could cause a Denial-of-Service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
    Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 09, 2019

    Action Type Old Value New Value
    Added CWE Siemens AG CWE-20
  • CVE Modified by [email protected]

    May. 11, 2018

    Action Type Old Value New Value
    Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf [No Types Assigned]
  • CVE Modified by [email protected]

    Mar. 07, 2018

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in SIMATIC CP 343-1 Std (All versions), SIMATIC CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std (All versions < V3.2.17), SIMATIC CP 443-1 Adv (All versions < V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions < V2.1.82), SIMATIC CP 1243-1 IRC (All versions < V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions < V2.0), SIMATIC CM 1542SP-1 (All versions < V1.0.15), SIMATIC CP 1542SP-1 IRC (All versions < V1.0.15), SIMATIC CP 1543SP-1 (All versions < V1.0.15), SIMATIC CP 1543-1 (All versions < V2.1), SIMATIC RF650R (All versions < V3.0), SIMATIC RF680R (All versions < V3.0), SIMATIC RF685R (All versions < V3.0), SIMATIC CP 1616 (All versions < V2.7), SIMATIC CP 1604 (All versions < V2.7), SIMATIC DK-16xx PN IO (All versions < V2.7), SCALANCE X-200 (All versions < V5.2.2), SCALANCE X-200 IRT (All versions), SCALANCE X-300/X408 (All versions < V4.1.0), SCALANCE X414 (All versions < V3.10.2), SCALANCE XM400 (All versions < V6.1), SCALANCE XR500 (All versions < V6.1), SCALANCE W700 (All versions < V6.1), SCALANCE M-800, S615 (All versions < V4.03), Softnet PROFINET IO for PC-based Windows systems (All versions < V14 SP1), IE/PB-Link (All versions < V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions < V1.2.0), SITOP UPS1600 PROFINET (All versions < V2.2.0), SIMATIC ET 200AL (All versions < V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions < V4.0.1), SIMATIC ET 200MP IM155-5 PN ST (All versions < V4.1), SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST) (All versions), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions < V4.1.0), SIMATIC ET 200SP (except IM155-6 PN ST) (All versions), SIMATIC PN/PN Coupler (All versions < V4.0), Development/Evaluation Kit DK Standard Ethernet Controller (All versions < V4.1.1 Patch04), Development/Evaluation Kit EK-ERTEC 200P (All versions < V4.4.0 Patch01), Development/Evaluation Kit EK-ERTEC 200 (All versions < V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions < V2.3), SIMATIC S7-300 incl. F and T (All versions < V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions < V6.0.6), SIMATIC S7-400-H V6 (All versions < V6.0.7), SIMATIC S7-400 PN/DP V7 Incl. F (All versions < V7.0.2), SIMATIC S7-410 (All versions < V8.2), SIMATIC S7-1200 incl. F (All versions < V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions < V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions < V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft Starter 3RW44 PN (All versions), SIRIUS Motor Starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions < V2.0.0), SINAMICS DCM w. PN (All versions < V1.4 SP1 HF5), SINAMICS DCP w. PN (All versions < V1.2 HF 1), SINAMICS G110M w. PN (All versions < V4.7 SP6 HF3), SINAMICS G120(C/P/D) w. PN (All versions < V4.7 SP6 HF3), SINAMICS G130 V4.7 w. PN (All versions < V4.7 HF27), SINAMICS G150 V4.7 w. PN (V4.7: All versions < V4.7 HF27), SINAMICS G130 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS G150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS S110 w. PN (All versions < V4.4 SP3 HF5), SINAMICS S120 V4.7 w. PN (All versions < V4.7 HF27), and others. Specially crafted PROFINET DCP broadcast packets could cause a Denial-of-Service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. SIEMENS SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions before V2.1.82), SIMATIC CP 1243-1 IRC (All versions before V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions before to V1.0.15), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X-200 (All versions before V5.2.2), SCALANCE X200 IRT (All versions before V5.4.0), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions before V6.1), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions before V04.03), Softnet PROFINET IO for PC-based Windows systems (All versions before V14 SP1), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions before V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions before V4.1.0), SIMATIC PN/PN Coupler (All versions before V4.0), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions before V2.3), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions before V6.0.6), SIMATIC S7-400-H V6 (All versions before V6.0.7), SIMATIC S7-400 PN/DP V7 incl. F (All versions), SIMATIC S7-CPU 410 (All versions before V8.2), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions before V1.4 SP1 HF5), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S110 w. PN (All versions before V4.4 SP1 HF5), SINAMICS S120 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS V90 w. PN (All versions before V1.1), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (All versions before V4.5 SP6 HF2 and V4.7 before SP6 HF8), SINUMERIK 840D sl (All versions before V4.5 SP6 HF8 and V4.7 before SP4 HF1), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet.
    Removed Reference https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf [Mitigation, Patch, Vendor Advisory]
    Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf [No Types Assigned]
  • CVE Modified by [email protected]

    Mar. 01, 2018

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in SIMATIC CP 343-1 Std, SIMATIC CP 343-1 Lean, SIMATIC CP 343-1 Adv, SIMATIC CP 443-1 Std, SIMATIC CP 443-1 Adv, SIMATIC CP 443-1 OPC-UA, SIMATIC CP 1243-1, SIMATIC CP 1243-1 IRC, SIMATIC CP 1243-1 IEC, SIMATIC CP 1243-1 DNP3, SIMATIC CM 1542-1, SIMATIC CM 1542SP-1, SIMATIC CP 1542SP-1 IRC, SIMATIC CP 1543SP-1, SIMATIC CP 1543-1, SIMATIC RF650R, SIMATIC RF680R, SIMATIC RF685R, SIMATIC CP 1616, SIMATIC CP 1604, SIMATIC DK-16xx PN IO, SCALANCE X-200, SCALANCE X-200 IRT, SCALANCE X-300/X408, SCALANCE X414, SCALANCE XM400, SCALANCE XR500, SCALANCE W700, SCALANCE M-800, S615, Softnet PROFINET IO for PC-based Windows systems, IE/PB-Link, IE/AS-i Link PN IO, SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced, SITOP PSU8600 PROFINET, SITOP UPS1600 PROFINET, SIMATIC ET 200AL, SIMATIC ET 200ecoPN, SIMATIC ET 200M, SIMATIC ET 200MP IM155-5 PN BA, SIMATIC ET 200MP IM155-5 PN ST, SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST), SIMATIC ET 200pro, SIMATIC ET 200S, SIMATIC ET 200SP IM155-6 PN ST, SIMATIC ET 200SP (except IM155-6 PN ST), SIMATIC PN/PN Coupler, Development/Evaluation Kit DK Standard Ethernet Controller, Development/Evaluation Kit EK-ERTEC 200P, Development/Evaluation Kit EK-ERTEC 200, SIMATIC S7-200 SMART, SIMATIC S7-300 incl. F and T, SIMATIC S7-400 PN/DP V6 Incl. F, SIMATIC S7-400-H V6, SIMATIC S7-400 PN/DP V7 Incl. F, SIMATIC S7-410, SIMATIC S7-1200 incl. F, SIMATIC S7-1500 incl. F, T, and TF, SIMATIC S7-1500 Software Controller incl. F, SIMATIC WinAC RTX 2010 incl. F, SIRIUS ACT 3SU1 interface module PROFINET, SIRIUS Soft Starter 3RW44 PN, SIRIUS Motor Starter M200D PROFINET, SIMOCODE pro V PROFINET, SINAMICS DCM w. PN, SINAMICS DCP w. PN, SINAMICS G110M w. PN, SINAMICS G120(C/P/D) w. PN, SINAMICS G130 V4.7 w. PN, SINAMICS G150 V4.7 w. PN, SINAMICS G130 V4.8 w. PN, SINAMICS G150 V4.8 w. PN, SINAMICS S110 w. PN, SINAMICS S120 V4.7 w. PN, SINAMICS S120 V4.8 w. PN, SINAMICS S150 V4.7 w. PN, SINAMICS S150 V4.8 w. PN, SINAMICS V90 w. PN, SIMOTION, SINUMERIK 828D V4.5 and prior, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.5 and prior, SINUMERIK 840D sl V4.7, SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels. Specially crafted PROFINET DCP broadcast packets could cause a Denial-of-Service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. A vulnerability has been identified in SIMATIC CP 343-1 Std (All versions), SIMATIC CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std (All versions < V3.2.17), SIMATIC CP 443-1 Adv (All versions < V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions < V2.1.82), SIMATIC CP 1243-1 IRC (All versions < V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions < V2.0), SIMATIC CM 1542SP-1 (All versions < V1.0.15), SIMATIC CP 1542SP-1 IRC (All versions < V1.0.15), SIMATIC CP 1543SP-1 (All versions < V1.0.15), SIMATIC CP 1543-1 (All versions < V2.1), SIMATIC RF650R (All versions < V3.0), SIMATIC RF680R (All versions < V3.0), SIMATIC RF685R (All versions < V3.0), SIMATIC CP 1616 (All versions < V2.7), SIMATIC CP 1604 (All versions < V2.7), SIMATIC DK-16xx PN IO (All versions < V2.7), SCALANCE X-200 (All versions < V5.2.2), SCALANCE X-200 IRT (All versions), SCALANCE X-300/X408 (All versions < V4.1.0), SCALANCE X414 (All versions < V3.10.2), SCALANCE XM400 (All versions < V6.1), SCALANCE XR500 (All versions < V6.1), SCALANCE W700 (All versions < V6.1), SCALANCE M-800, S615 (All versions < V4.03), Softnet PROFINET IO for PC-based Windows systems (All versions < V14 SP1), IE/PB-Link (All versions < V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions < V1.2.0), SITOP UPS1600 PROFINET (All versions < V2.2.0), SIMATIC ET 200AL (All versions < V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions < V4.0.1), SIMATIC ET 200MP IM155-5 PN ST (All versions < V4.1), SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST) (All versions), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions < V4.1.0), SIMATIC ET 200SP (except IM155-6 PN ST) (All versions), SIMATIC PN/PN Coupler (All versions < V4.0), Development/Evaluation Kit DK Standard Ethernet Controller (All versions < V4.1.1 Patch04), Development/Evaluation Kit EK-ERTEC 200P (All versions < V4.4.0 Patch01), Development/Evaluation Kit EK-ERTEC 200 (All versions < V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions < V2.3), SIMATIC S7-300 incl. F and T (All versions < V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions < V6.0.6), SIMATIC S7-400-H V6 (All versions < V6.0.7), SIMATIC S7-400 PN/DP V7 Incl. F (All versions < V7.0.2), SIMATIC S7-410 (All versions < V8.2), SIMATIC S7-1200 incl. F (All versions < V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions < V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions < V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft Starter 3RW44 PN (All versions), SIRIUS Motor Starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions < V2.0.0), SINAMICS DCM w. PN (All versions < V1.4 SP1 HF5), SINAMICS DCP w. PN (All versions < V1.2 HF 1), SINAMICS G110M w. PN (All versions < V4.7 SP6 HF3), SINAMICS G120(C/P/D) w. PN (All versions < V4.7 SP6 HF3), SINAMICS G130 V4.7 w. PN (All versions < V4.7 HF27), SINAMICS G150 V4.7 w. PN (V4.7: All versions < V4.7 HF27), SINAMICS G130 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS G150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS S110 w. PN (All versions < V4.4 SP3 HF5), SINAMICS S120 V4.7 w. PN (All versions < V4.7 HF27), and others. Specially crafted PROFINET DCP broadcast packets could cause a Denial-of-Service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
  • CVE Modified by [email protected]

    Feb. 24, 2018

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Development/Evaluation Kit DK Standard Ethernet Controller, Development/Evaluation Kit EK-ERTEC 200 PN IO, Development/Evaluation Kit EK-ERTEC 200P PN IO, IE/AS-i Link PN IO, IE/PB-Link, SCALANCE M-800, S615, SCALANCE W700, SCALANCE X-200, SCALANCE X-200 IRT, SCALANCE X-300/X408, SCALANCE X414, SCALANCE XM400, SCALANCE XR500, SIMATIC WinAC RTX 2010 incl. F, SIMATIC CM 1542-1, SIMATIC CM 1542SP-1, SIMATIC CP 1243-1, SIMATIC CP 1243-1 DNP3, SIMATIC CP 1243-1 IEC, SIMATIC CP 1243-1 IRC, SIMATIC CP 1542SP-1 IRC, SIMATIC CP 1543-1, SIMATIC CP 1543SP-1, SIMATIC CP 1604, SIMATIC CP 1616, SIMATIC CP 343-1 Adv, SIMATIC CP 343-1 Lean, SIMATIC CP 343-1 Std, SIMATIC CP 443-1 Adv, SIMATIC CP 443-1 OPC-UA, SIMATIC CP 443-1 Std, SIMATIC DK-16xx PN IO, SIMATIC ET 200AL, SIMATIC ET 200M, SIMATIC ET 200MP, SIMATIC ET 200S, SIMATIC ET 200SP, SIMATIC ET 200ecoPN, SIMATIC ET 200pro, SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels, SIMATIC PN/PN Coupler, SIMATIC RF650R, SIMATIC RF680R, SIMATIC RF685R, SIMATIC S7-1200 incl. F, SIMATIC S7-1500 Software Controller incl. F, SIMATIC S7-1500 incl. F, T, and TF, SIMATIC S7-200 SMART, SIMATIC S7-300 incl. F and T, SIMATIC S7-400 PN/DP V6 Incl. F, SIMATIC S7-400 PN/DP V7 Incl. F, SIMATIC S7-400-H V6, SIMATIC S7-410, SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced, SIMOCODE pro V PROFINET, SIMOTION, SINAMICS DCM w. PN, SINAMICS DCP w. PN, SINAMICS G110M w. PN, SINAMICS G120(C/P/D) w. PN, SINAMICS G130 V4.7 w. PN, SINAMICS G130 V4.8 w. PN, SINAMICS G150 V4.7 w. PN, SINAMICS G150 V4.8 w. PN, SINAMICS S110 w. PN, SINAMICS S120 V4.7 w. PN, SINAMICS S120 V4.8 w. PN, SINAMICS S150 V4.7 w. PN, SINAMICS S150 V4.8 w. PN, SINAMICS V90 w. PN, SINUMERIK 828D V4.5 and prior, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.5 and prior, SINUMERIK 840D sl V4.7, SIRIUS ACT 3SU1 interface module PROFINET, SIRIUS Motor Starter M200D PROFINET, SIRIUS Soft Starter 3RW44 PN, SITOP PSU8600 PROFINET, SITOP UPS1600 PROFINET, Softnet PROFINET IO for PC-based Windows systems. Specially crafted PROFINET DCP broadcast packets could cause a Denial-of-Service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. A vulnerability has been identified in SIMATIC CP 343-1 Std, SIMATIC CP 343-1 Lean, SIMATIC CP 343-1 Adv, SIMATIC CP 443-1 Std, SIMATIC CP 443-1 Adv, SIMATIC CP 443-1 OPC-UA, SIMATIC CP 1243-1, SIMATIC CP 1243-1 IRC, SIMATIC CP 1243-1 IEC, SIMATIC CP 1243-1 DNP3, SIMATIC CM 1542-1, SIMATIC CM 1542SP-1, SIMATIC CP 1542SP-1 IRC, SIMATIC CP 1543SP-1, SIMATIC CP 1543-1, SIMATIC RF650R, SIMATIC RF680R, SIMATIC RF685R, SIMATIC CP 1616, SIMATIC CP 1604, SIMATIC DK-16xx PN IO, SCALANCE X-200, SCALANCE X-200 IRT, SCALANCE X-300/X408, SCALANCE X414, SCALANCE XM400, SCALANCE XR500, SCALANCE W700, SCALANCE M-800, S615, Softnet PROFINET IO for PC-based Windows systems, IE/PB-Link, IE/AS-i Link PN IO, SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced, SITOP PSU8600 PROFINET, SITOP UPS1600 PROFINET, SIMATIC ET 200AL, SIMATIC ET 200ecoPN, SIMATIC ET 200M, SIMATIC ET 200MP IM155-5 PN BA, SIMATIC ET 200MP IM155-5 PN ST, SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST), SIMATIC ET 200pro, SIMATIC ET 200S, SIMATIC ET 200SP IM155-6 PN ST, SIMATIC ET 200SP (except IM155-6 PN ST), SIMATIC PN/PN Coupler, Development/Evaluation Kit DK Standard Ethernet Controller, Development/Evaluation Kit EK-ERTEC 200P, Development/Evaluation Kit EK-ERTEC 200, SIMATIC S7-200 SMART, SIMATIC S7-300 incl. F and T, SIMATIC S7-400 PN/DP V6 Incl. F, SIMATIC S7-400-H V6, SIMATIC S7-400 PN/DP V7 Incl. F, SIMATIC S7-410, SIMATIC S7-1200 incl. F, SIMATIC S7-1500 incl. F, T, and TF, SIMATIC S7-1500 Software Controller incl. F, SIMATIC WinAC RTX 2010 incl. F, SIRIUS ACT 3SU1 interface module PROFINET, SIRIUS Soft Starter 3RW44 PN, SIRIUS Motor Starter M200D PROFINET, SIMOCODE pro V PROFINET, SINAMICS DCM w. PN, SINAMICS DCP w. PN, SINAMICS G110M w. PN, SINAMICS G120(C/P/D) w. PN, SINAMICS G130 V4.7 w. PN, SINAMICS G150 V4.7 w. PN, SINAMICS G130 V4.8 w. PN, SINAMICS G150 V4.8 w. PN, SINAMICS S110 w. PN, SINAMICS S120 V4.7 w. PN, SINAMICS S120 V4.8 w. PN, SINAMICS S150 V4.7 w. PN, SINAMICS S150 V4.8 w. PN, SINAMICS V90 w. PN, SIMOTION, SINUMERIK 828D V4.5 and prior, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.5 and prior, SINUMERIK 840D sl V4.7, SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels. Specially crafted PROFINET DCP broadcast packets could cause a Denial-of-Service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
  • CVE Modified by [email protected]

    Jan. 26, 2018

    Action Type Old Value New Value
    Added Reference https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02 [No Types Assigned]
  • CVE Modified by [email protected]

    Jan. 25, 2018

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Extension Unit 12" PROFINET, Extension Unit 15" PROFINET, Extension Unit 19" PROFINET, Extension Unit 22" PROFINET, SIMATIC CP 1242-7 GPRS V2, SIMATIC CP 1243-7 LTE/US, SIMATIC CP 1243-8, SIMATIC CP 1626, Development/Evaluation Kit DK Standard Ethernet Controller, Development/Evaluation Kit EK-ERTEC 200 PN IO, Development/Evaluation Kit EK-ERTEC 200P PN IO, IE/AS-i Link PN IO, IE/PB-Link, SCALANCE M-800, S615, SCALANCE W700, SCALANCE X-200, SCALANCE X-200 IRT, SCALANCE X-300/X408, SCALANCE X414, SCALANCE XM400, SCALANCE XR500, SIMATIC WinAC RTX 2010 incl. F, SIMATIC CP 1243-1, SIMATIC CP 1243-1 DNP3, SIMATIC CP 1243-1 IEC, SIMATIC CP 1243-1 IRC, SIMATIC CP 1542-1, SIMATIC CP 1542SP-1, SIMATIC CP 1542SP-1 IRC, SIMATIC CP 1543-1, SIMATIC CP 1543SP-1, SIMATIC CP 1604, SIMATIC CP 1616, SIMATIC CP 343-1 Adv, SIMATIC CP 343-1 Lean, SIMATIC CP 343-1 Std, SIMATIC CP 443-1 Adv, SIMATIC CP 443-1 OPC-UA, SIMATIC CP 443-1 Std, SIMATIC DK-16xx PN IO, SIMATIC ET 200AL, SIMATIC ET 200M, SIMATIC ET 200MP, SIMATIC ET 200S, SIMATIC ET 200SP, SIMATIC ET 200ecoPN, SIMATIC ET 200pro, SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels, SIMATIC PN/PN Coupler, SIMATIC RF650R, SIMATIC RF680R, SIMATIC RF685R, SIMATIC S7-1200 incl. F, SIMATIC S7-1500 Software Controller incl. F, SIMATIC S7-1500 incl. F, T, and TF, SIMATIC S7-200 SMART, SIMATIC S7-300 incl. F and T, SIMATIC S7-400 PN/DP V6 Incl. F, SIMATIC S7-400 PN/DP V7 Incl. F, SIMATIC S7-400-H V6, SIMATIC S7-410, SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced, SIMOCODE pro V PROFINET, SIMOTION, SINAMICS DCM w. PN, SINAMICS DCP w. PN, SINAMICS G110M w. PN, SINAMICS G120(C/P/D) w. PN, SINAMICS G130 V4.7 w. PN, SINAMICS G130 V4.8 w. PN, SINAMICS G150 V4.7 w. PN, SINAMICS G150 V4.8 w. PN, SINAMICS S110 w. PN, SINAMICS S120 V4.7 w. PN, SINAMICS S120 V4.8 w. PN, SINAMICS S150 V4.7 w. PN, SINAMICS S150 V4.8 w. PN, SINAMICS V90 w. PN, SINUMERIK 828D V4.5 and prior, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.5 and prior, SINUMERIK 840D sl V4.7, SIRIUS ACT 3SU1 interface module PROFINET, SIRIUS Motor Starter M200D PROFINET, SIRIUS Soft Starter 3RW44 PN, SITOP PSU8600 PROFINET, SITOP UPS1600 PROFINET, Softnet PROFINET IO for PC-based Windows systems. Specially crafted PROFINET DCP broadcast packets could cause a Denial-of-Service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. A vulnerability has been identified in Development/Evaluation Kit DK Standard Ethernet Controller, Development/Evaluation Kit EK-ERTEC 200 PN IO, Development/Evaluation Kit EK-ERTEC 200P PN IO, IE/AS-i Link PN IO, IE/PB-Link, SCALANCE M-800, S615, SCALANCE W700, SCALANCE X-200, SCALANCE X-200 IRT, SCALANCE X-300/X408, SCALANCE X414, SCALANCE XM400, SCALANCE XR500, SIMATIC WinAC RTX 2010 incl. F, SIMATIC CM 1542-1, SIMATIC CM 1542SP-1, SIMATIC CP 1243-1, SIMATIC CP 1243-1 DNP3, SIMATIC CP 1243-1 IEC, SIMATIC CP 1243-1 IRC, SIMATIC CP 1542SP-1 IRC, SIMATIC CP 1543-1, SIMATIC CP 1543SP-1, SIMATIC CP 1604, SIMATIC CP 1616, SIMATIC CP 343-1 Adv, SIMATIC CP 343-1 Lean, SIMATIC CP 343-1 Std, SIMATIC CP 443-1 Adv, SIMATIC CP 443-1 OPC-UA, SIMATIC CP 443-1 Std, SIMATIC DK-16xx PN IO, SIMATIC ET 200AL, SIMATIC ET 200M, SIMATIC ET 200MP, SIMATIC ET 200S, SIMATIC ET 200SP, SIMATIC ET 200ecoPN, SIMATIC ET 200pro, SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels, SIMATIC PN/PN Coupler, SIMATIC RF650R, SIMATIC RF680R, SIMATIC RF685R, SIMATIC S7-1200 incl. F, SIMATIC S7-1500 Software Controller incl. F, SIMATIC S7-1500 incl. F, T, and TF, SIMATIC S7-200 SMART, SIMATIC S7-300 incl. F and T, SIMATIC S7-400 PN/DP V6 Incl. F, SIMATIC S7-400 PN/DP V7 Incl. F, SIMATIC S7-400-H V6, SIMATIC S7-410, SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced, SIMOCODE pro V PROFINET, SIMOTION, SINAMICS DCM w. PN, SINAMICS DCP w. PN, SINAMICS G110M w. PN, SINAMICS G120(C/P/D) w. PN, SINAMICS G130 V4.7 w. PN, SINAMICS G130 V4.8 w. PN, SINAMICS G150 V4.7 w. PN, SINAMICS G150 V4.8 w. PN, SINAMICS S110 w. PN, SINAMICS S120 V4.7 w. PN, SINAMICS S120 V4.8 w. PN, SINAMICS S150 V4.7 w. PN, SINAMICS S150 V4.8 w. PN, SINAMICS V90 w. PN, SINUMERIK 828D V4.5 and prior, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.5 and prior, SINUMERIK 840D sl V4.7, SIRIUS ACT 3SU1 interface module PROFINET, SIRIUS Motor Starter M200D PROFINET, SIRIUS Soft Starter 3RW44 PN, SITOP PSU8600 PROFINET, SITOP UPS1600 PROFINET, Softnet PROFINET IO for PC-based Windows systems. Specially crafted PROFINET DCP broadcast packets could cause a Denial-of-Service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
  • CVE Modified by [email protected]

    Jan. 19, 2018

    Action Type Old Value New Value
    Changed Description Siemens SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions before V2.1.82), SIMATIC CP 1243-1 IRC (All versions before V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions before to V1.0.15), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X-200 (All versions before V5.2.2), SCALANCE X200 IRT (All versions), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions before V6.1), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions before V4.03), Softnet PROFINET IO for PC-based Windows systems (All versions before V14 SP1), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions before V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions before V4.1.0), PN/PN Coupler (All versions before V4.0), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions before V2.3), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), S7-400 PN/DP V6 Incl. F (All versions before V6.0.6), S7-400-H V6 (All versions before V6.0.7), S7-400 PN/DP V7 Incl. F (All versions), S7-410 (All versions before V8.2), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions before V1.4 SP1 HF5), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (V4.7 before HF27 and V4.8 before HF4), SINAMICS S110 w. PN (All versions before V4.4 SP3 HF5), SINAMICS S120 (V4.7 before HF27 and V4.8 before HF4), SINAMICS S150 (V4.7 before HF27 and V4.8 before HF4), SINAMICS V90 w. PN (All versions before V1.1), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (All versions before V4.5 SP6 HF2 and V4.7 before SP6 HF8), SINUMERIK 840D sl (All versions before V4.5 SP6 HF8 and V4.7 before SP4 HF1), and SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet. A vulnerability has been identified in Extension Unit 12" PROFINET, Extension Unit 15" PROFINET, Extension Unit 19" PROFINET, Extension Unit 22" PROFINET, SIMATIC CP 1242-7 GPRS V2, SIMATIC CP 1243-7 LTE/US, SIMATIC CP 1243-8, SIMATIC CP 1626, Development/Evaluation Kit DK Standard Ethernet Controller, Development/Evaluation Kit EK-ERTEC 200 PN IO, Development/Evaluation Kit EK-ERTEC 200P PN IO, IE/AS-i Link PN IO, IE/PB-Link, SCALANCE M-800, S615, SCALANCE W700, SCALANCE X-200, SCALANCE X-200 IRT, SCALANCE X-300/X408, SCALANCE X414, SCALANCE XM400, SCALANCE XR500, SIMATIC WinAC RTX 2010 incl. F, SIMATIC CP 1243-1, SIMATIC CP 1243-1 DNP3, SIMATIC CP 1243-1 IEC, SIMATIC CP 1243-1 IRC, SIMATIC CP 1542-1, SIMATIC CP 1542SP-1, SIMATIC CP 1542SP-1 IRC, SIMATIC CP 1543-1, SIMATIC CP 1543SP-1, SIMATIC CP 1604, SIMATIC CP 1616, SIMATIC CP 343-1 Adv, SIMATIC CP 343-1 Lean, SIMATIC CP 343-1 Std, SIMATIC CP 443-1 Adv, SIMATIC CP 443-1 OPC-UA, SIMATIC CP 443-1 Std, SIMATIC DK-16xx PN IO, SIMATIC ET 200AL, SIMATIC ET 200M, SIMATIC ET 200MP, SIMATIC ET 200S, SIMATIC ET 200SP, SIMATIC ET 200ecoPN, SIMATIC ET 200pro, SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels, SIMATIC PN/PN Coupler, SIMATIC RF650R, SIMATIC RF680R, SIMATIC RF685R, SIMATIC S7-1200 incl. F, SIMATIC S7-1500 Software Controller incl. F, SIMATIC S7-1500 incl. F, T, and TF, SIMATIC S7-200 SMART, SIMATIC S7-300 incl. F and T, SIMATIC S7-400 PN/DP V6 Incl. F, SIMATIC S7-400 PN/DP V7 Incl. F, SIMATIC S7-400-H V6, SIMATIC S7-410, SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced, SIMOCODE pro V PROFINET, SIMOTION, SINAMICS DCM w. PN, SINAMICS DCP w. PN, SINAMICS G110M w. PN, SINAMICS G120(C/P/D) w. PN, SINAMICS G130 V4.7 w. PN, SINAMICS G130 V4.8 w. PN, SINAMICS G150 V4.7 w. PN, SINAMICS G150 V4.8 w. PN, SINAMICS S110 w. PN, SINAMICS S120 V4.7 w. PN, SINAMICS S120 V4.8 w. PN, SINAMICS S150 V4.7 w. PN, SINAMICS S150 V4.8 w. PN, SINAMICS V90 w. PN, SINUMERIK 828D V4.5 and prior, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.5 and prior, SINUMERIK 840D sl V4.7, SIRIUS ACT 3SU1 interface module PROFINET, SIRIUS Motor Starter M200D PROFINET, SIRIUS Soft Starter 3RW44 PN, SITOP PSU8600 PROFINET, SITOP UPS1600 PROFINET, Softnet PROFINET IO for PC-based Windows systems. Specially crafted PROFINET DCP broadcast packets could cause a Denial-of-Service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.
    Added Reference https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf [No Types Assigned]
  • CVE Modified by [email protected]

    Dec. 30, 2017

    Action Type Old Value New Value
    Changed Description Siemens SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions before to V1.0.15), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X200 (All versions), SCALANCE X200 IRT (All versions), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions before V6.1), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions), Softnet PROFINET IO for PC-based Windows systems (All versions), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions before V4.1.0), PN/PN Coupler (All versions), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions before V2.3), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 incl. F (All versions before V8.2), SIMATIC S7-400-H V6 (All versions before V6.0.7), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S110 w. PN (All versions before V4.4 SP1 HF5), SINAMICS S120 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS V90 w. PN (All versions before V1.1), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (All versions before V4.5 SP6 HF2 and V4.7 before SP6 HF8), SINUMERIK 840D sl (All versions before V4.5 SP6 HF8 and V4.7 before SP4 HF1), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet. Siemens SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions before V2.1.82), SIMATIC CP 1243-1 IRC (All versions before V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions before to V1.0.15), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X-200 (All versions before V5.2.2), SCALANCE X200 IRT (All versions), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions before V6.1), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions before V4.03), Softnet PROFINET IO for PC-based Windows systems (All versions before V14 SP1), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions before V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions before V4.1.0), PN/PN Coupler (All versions before V4.0), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions before V2.3), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), S7-400 PN/DP V6 Incl. F (All versions before V6.0.6), S7-400-H V6 (All versions before V6.0.7), S7-400 PN/DP V7 Incl. F (All versions), S7-410 (All versions before V8.2), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions before V1.4 SP1 HF5), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (V4.7 before HF27 and V4.8 before HF4), SINAMICS S110 w. PN (All versions before V4.4 SP3 HF5), SINAMICS S120 (V4.7 before HF27 and V4.8 before HF4), SINAMICS S150 (V4.7 before HF27 and V4.8 before HF4), SINAMICS V90 w. PN (All versions before V1.1), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (All versions before V4.5 SP6 HF2 and V4.7 before SP6 HF8), SINUMERIK 840D sl (All versions before V4.5 SP6 HF8 and V4.7 before SP4 HF1), and SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet.
  • CVE Modified by [email protected]

    Aug. 17, 2017

    Action Type Old Value New Value
    Changed Description Siemens SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X200 (All versions), SCALANCE X200 IRT (All versions), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions), Softnet PROFINET IO for PC-based Windows systems (All versions), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions), PN/PN Coupler (All versions), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 incl. F and H (All versions before V8.2), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.8 HF4), SINAMICS S110 w. PN (All versions), SINAMICS S120 (All versions before V4.8 HF4), SINAMICS S150 (All versions before V4.8 HF4), SINAMICS V90 w. PN (All versions), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (V4.7 before SP6 HF8 and before V4.5), SINUMERIK 840D sl (V4.7 before SP6 HF8 and before V4.5), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet. Siemens SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions before to V1.0.15), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X200 (All versions), SCALANCE X200 IRT (All versions), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions before V6.1), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions), Softnet PROFINET IO for PC-based Windows systems (All versions), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions before V4.1.0), PN/PN Coupler (All versions), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions before V2.3), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 incl. F (All versions before V8.2), SIMATIC S7-400-H V6 (All versions before V6.0.7), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S110 w. PN (All versions before V4.4 SP1 HF5), SINAMICS S120 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS V90 w. PN (All versions before V1.1), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (All versions before V4.5 SP6 HF2 and V4.7 before SP6 HF8), SINUMERIK 840D sl (All versions before V4.5 SP6 HF8 and V4.7 before SP4 HF1), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet.
  • CVE Modified by [email protected]

    Jul. 08, 2017

    Action Type Old Value New Value
    Added Reference http://www.securitytracker.com/id/1038463 [No Types Assigned]
  • CVE Modified by [email protected]

    Jun. 17, 2017

    Action Type Old Value New Value
    Changed Description Siemens SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X200 (All versions), SCALANCE X200 IRT (All versions), SCALANCE X300, X408, X414 (All versions), SCALANCE XM400, XR500 (All versions), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions), Softnet PROFINET IO for PC-based Windows systems (All versions), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 / UPS1600 PROFINET (All versions), SIMATIC ET 200AL (All versions), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions), PN/PN Coupler (All versions), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 incl. F and H (All versions), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.8 HF4), SINAMICS S110 w. PN (All versions), SINAMICS S120 (All versions before V4.8 HF4), SINAMICS S150 (All versions before V4.8 HF4), SINAMICS V90 w. PN (All versions), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (V4.7 before SP6 HF8 and before V4.5), SINUMERIK 840D sl (V4.7 before SP6 HF8 and before V4.5), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet. Siemens SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X200 (All versions), SCALANCE X200 IRT (All versions), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions), Softnet PROFINET IO for PC-based Windows systems (All versions), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions), PN/PN Coupler (All versions), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 incl. F and H (All versions before V8.2), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.8 HF4), SINAMICS S110 w. PN (All versions), SINAMICS S120 (All versions before V4.8 HF4), SINAMICS S150 (All versions before V4.8 HF4), SINAMICS V90 w. PN (All versions), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (V4.7 before SP6 HF8 and before V4.5), SINUMERIK 840D sl (V4.7 before SP6 HF8 and before V4.5), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet.
  • Initial Analysis by [email protected]

    May. 23, 2017

    Action Type Old Value New Value
    Added CVSS V2 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
    Added CVSS V3 AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Changed Reference Type https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf No Types Assigned https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf Mitigation, Patch, Vendor Advisory
    Changed Reference Type http://www.securityfocus.com/bid/98369 No Types Assigned http://www.securityfocus.com/bid/98369 Third Party Advisory, VDB Entry
    Added CWE CWE-20
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_std_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_std:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_lean_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_lean:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_adv_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_adv:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_std_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_std:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_adv_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_adv:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_opc-ua_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_opc-ua:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cm_1542-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cm_1542-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1542sp-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1542sp-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_rf650r_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_rf650r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_rf680r_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_rf680r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_rf685r_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_rf685r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1616_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1616:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1604_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1604:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_dk-16xx_pn_io_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_dk-16xx_pn_io:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x200_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x200_irt_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x200_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x408_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x414_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x414:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xm400_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr500_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_w700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_m-800_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_s615_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:softnet_profinet_io_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:softnet_profinet_io:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ie\/pb-link_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ie\/pb-link:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ie\/as-i_link_pn_io_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ie\/as-i_link_pn_io:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_standard_modem_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_standard_modem:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_modem_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic_modem:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_modem_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced_modem:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sitop_psu8600_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ups1600_profinet_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ups1600_profinet:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200al_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200al:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200ecopn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200ecopn:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200m_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200mp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200mp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200pro_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200s_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200s:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200sp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200sp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:pn\/pn_coupler_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:pn\/pn_coupler:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:4.1.1:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:dk_standard_ethernet_controller:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200p_pn_io_firmware:4.4.0:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:ek-ertec_200p_pn_io:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200_pn_io_firmware:4.2.1:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:ek-ertec_200_pn_io:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-200_smart_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-200_smart:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-400_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1200_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1500_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1500_software_controller_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1500_software_controller:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_winac_rtx_2010_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_winac_rtx_2010:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sirius_act_3su1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_act_3su1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sirius_soft_starter_3rw44_pn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_soft_starter_3rw44_pn:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sirius_motor_starter_m200d_profinet_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_motor_starter_m200d_profinet:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simocode_pro_v_profinet_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simocode_pro_v_profinet:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_dcm_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_dcm:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_dcp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_dcp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g110m_firmware:4.7:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinamics_g110m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g120\(c\/p\/d\)_w._pn_firmware:4.7:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinamics_g120\(c\/p\/d\)_w._pn:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g130_firmware:4.8:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g150_firmware:4.8:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics__s110_w._pn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:_s110_w._pn:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_s120_firmware:4.8:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_s150_firmware:4.8:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_v90_w._pn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_v90_w._pn:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simotion_firmware:4.5:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:simotion:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinumerik_828d_firmware:4.5:*:*:*:*:*:*:* (and previous) *cpe:2.3:o:siemens:sinumerik_828d_firmware:4.7:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:4.5:*:*:*:*:*:*:* (and previous) *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:4.7:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_hmi_multi_panels:-:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:simatic_hmi_multi_panels:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_hmi_mobile_panels:-:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:simatic_hmi_mobile_panels:-:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    May. 12, 2017

    Action Type Old Value New Value
    Added Reference http://www.securityfocus.com/bid/98369 [No Types Assigned]
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2017-2680 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2017-2680 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.25 }} -0.02%

score

0.64060

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability