6.5
MEDIUM
CVE-2017-2681
Siemens SIMATIC PROFINET DCP Denial of Service Vulnerability
Description

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.

INFO

Published Date :

May 11, 2017, 10:29 a.m.

Last Modified :

Sept. 10, 2024, 10:15 a.m.

Remotely Exploitable :

No

Impact Score :

3.6

Exploitability Score :

2.8
Affected Products

The following products are affected by CVE-2017-2681 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Siemens simatic_s7-1500_software_controller_firmware
2 Siemens scalance_m-800_firmware
3 Siemens scalance_s615_firmware
4 Siemens scalance_x408_firmware
5 Siemens scalance_x300_firmware
6 Siemens scalance_x414_firmware
7 Siemens simatic_et_200sp_firmware
8 Siemens simatic_s7-1500_firmware
9 Siemens scalance_x200_firmware
10 Siemens simatic_cp_1243-1_firmware
11 Siemens simatic_cp_1243-1_dnp3_firmware
12 Siemens simatic_cp_1243-1_iec_firmware
13 Siemens simatic_cp_1243-8_irc_firmware
14 Siemens simatic_cp_1542sp-1_irc_firmware
15 Siemens simatic_cp_1543sp-1_firmware
16 Siemens simatic_cp_1543-1_firmware
17 Siemens sinumerik_828d_firmware
18 Siemens simatic_s7-1500_software_controller
19 Siemens simatic_tdc_cp51m1_firmware
20 Siemens simatic_s7-300_firmware
21 Siemens simatic_winac_rtx_2010_firmware
22 Siemens simatic_s7-400_firmware
23 Siemens simatic_s7-1200_firmware
24 Siemens simatic_winac_rtx_f_2010_firmware
25 Siemens simatic_et_200al_firmware
26 Siemens simatic_et_200ecopn_firmware
27 Siemens simatic_et_200m_firmware
28 Siemens simatic_et_200mp_firmware
29 Siemens simatic_et_200pro_firmware
30 Siemens simatic_et_200s_firmware
31 Siemens dk_standard_ethernet_controller_firmware
32 Siemens sinamics_dcm_firmware
33 Siemens sinamics_dcp_firmware
34 Siemens sinamics_g130_firmware
35 Siemens sinamics_g150_firmware
36 Siemens sinamics_s120_firmware
37 Siemens sinumerik_840d_sl_firmware
38 Siemens simocode_pro_v_profinet_firmware
39 Siemens scalance_w700_firmware
40 Siemens scalance_xm400_firmware
41 Siemens scalance_xr500_firmware
42 Siemens simatic_cp_343-1_lean_firmware
43 Siemens simatic_cp_1616_firmware
44 Siemens simatic_cp_1604_firmware
45 Siemens simatic_cp_443-1_opc_ua_firmware
46 Siemens simatic_tdc_cpu555_firmware
47 Siemens sinamics_g130
48 Siemens sinamics_g150
49 Siemens sinamics_s120
50 Siemens sinamics_s150
51 Siemens simatic_cp_343-1_std_firmware
52 Siemens simatic_cp_343-1_adv_firmware
53 Siemens simatic_cp_443-1_std_firmware
54 Siemens simatic_cp_443-1_adv_firmware
55 Siemens simatic_cp_443-1_opc-ua_firmware
56 Siemens simatic_cm_1542-1_firmware
57 Siemens simatic_rf650r_firmware
58 Siemens simatic_rf680r_firmware
59 Siemens simatic_rf685r_firmware
60 Siemens scalance_x200_irt_firmware
61 Siemens softnet_profinet_io_firmware
62 Siemens ie\/pb-link_firmware
63 Siemens ie\/as-i_link_pn_io_firmware
64 Siemens simatic_teleservice_adapter_ie_standard_firmware
65 Siemens simatic_teleservice_adapter_ie_basic_firmware
66 Siemens simatic_teleservice_adapter_ie_advanced_firmware
67 Siemens sitop_psu8600_firmware
68 Siemens ups1600_profinet_firmware
69 Siemens pn\/pn_coupler_firmware
70 Siemens ek-ertec_200p_pn_io_firmware
71 Siemens ek-ertec_200_pn_io_firmware
72 Siemens simatic_s7-200_smart_firmware
73 Siemens simatic_winac_rtx_firmware
74 Siemens sirius_act_3su1_firmware
75 Siemens sirius_soft_starter_3rw44_pn_firmware
76 Siemens sirius_motor_starter_m200d_profinet_firmware
77 Siemens sinamics_g110m_firmware
78 Siemens sinamics_s150_firmware
79 Siemens sinamics_v90_pn_firmware
80 Siemens simotion_firmware
81 Siemens simatic_hmi_comfort_panels
82 Siemens simatic_hmi_multi_panels
83 Siemens simatic_hmi_mobile_panels
84 Siemens simatic_cp_1243-1_irc_firmware
85 Siemens simatic_dk-16xx_pn_io_firmware
86 Siemens simatic_teleservice_adapter_standard_modem_firmware
87 Siemens simatic_teleservice_adapter_ie_basic_modem_firmware
88 Siemens simatic_teleservice_adapter_ie_advanced_modem_firmware
89 Siemens sinamics_g120\(c\/p\/d\)_pn_firmware
90 Siemens sinamics_s110_pn_firmware
91 Siemens simatic_cm_1542sp-1_firmware
92 Siemens simatic_et_200mp_im_155-5_pn_ba_firmware
93 Siemens simatic_et_200mp_im_155-5_pn_hf_firmware
94 Siemens simatic_et_200mp_im_155-5_pn_st_firmware
95 Siemens simatic_et_200sp_im_155-6_pn_ba_firmware
96 Siemens simatic_et_200sp_im_155-6_pn_hf_firmware
97 Siemens simatic_et_200sp_im_155-6_pn_hs_firmware
98 Siemens simatic_et_200sp_im_155-6_pn_st_firmware
99 Siemens scalance_s615
100 Siemens simatic_cp_1543-1
101 Siemens simatic_tdc_cp51m1
102 Siemens simatic_tdc_cpu555
103 Siemens simatic_winac_rtx
104 Siemens scalance_m-800
105 Siemens scalance_w700
106 Siemens scalance_xm400
107 Siemens scalance_xr500
108 Siemens simatic_s7-1200
109 Siemens simatic_cp_1243-1
110 Siemens simatic_cp_1243-1_dnp3
111 Siemens simatic_cp_1243-1_iec
112 Siemens simatic_cp_1542sp-1
113 Siemens simatic_cp_1542sp-1_irc
114 Siemens simatic_cp_1543sp-1
115 Siemens simatic_s7-1500
116 Siemens simatic_cp_343-1_std
117 Siemens simatic_cp_343-1_lean
118 Siemens simatic_cp_343-1_adv
119 Siemens simatic_cp_443-1_std
120 Siemens simatic_cp_443-1_adv
121 Siemens simatic_cp_443-1_opc-ua
122 Siemens simatic_cm_1542-1
123 Siemens simatic_rf650r
124 Siemens simatic_rf680r
125 Siemens simatic_rf685r
126 Siemens simatic_cp_1616
127 Siemens simatic_cp_1604
128 Siemens scalance_x200
129 Siemens scalance_x200_irt
130 Siemens scalance_x300
131 Siemens scalance_x408
132 Siemens scalance_x414
133 Siemens softnet_profinet_io
134 Siemens ie\/pb-link
135 Siemens ie\/as-i_link_pn_io
136 Siemens simatic_teleservice_adapter_ie_advanced_modem
137 Siemens sitop_psu8600
138 Siemens ups1600_profinet
139 Siemens simatic_et_200al
140 Siemens simatic_et_200ecopn
141 Siemens simatic_et_200m
142 Siemens simatic_et_200mp
143 Siemens simatic_et_200pro
144 Siemens simatic_et_200s
145 Siemens simatic_et_200sp
146 Siemens pn\/pn_coupler
147 Siemens dk_standard_ethernet_controller
148 Siemens ek-ertec_200p_pn_io
149 Siemens ek-ertec_200_pn_io
150 Siemens simatic_s7-200_smart
151 Siemens simatic_s7-300
152 Siemens simatic_s7-400
153 Siemens sirius_act_3su1
154 Siemens sirius_soft_starter_3rw44_pn
155 Siemens sirius_motor_starter_m200d_profinet
156 Siemens simocode_pro_v_profinet
157 Siemens sinamics_dcm
158 Siemens sinamics_dcp
159 Siemens sinamics_g110m
160 Siemens sinamics_v90_pn
161 Siemens simotion
162 Siemens sinumerik_828d
163 Siemens sinumerik_840d_sl
164 Siemens simatic_hmi_comfort_panels
165 Siemens simatic_hmi_multi_panels
166 Siemens simatic_hmi_mobile_panels
167 Siemens simatic_cp_1243-1_irc
168 Siemens simatic_dk-16xx_pn_io
169 Siemens simatic_teleservice_adapter_standard_modem
170 Siemens simatic_teleservice_adapter_ie_basic_modem
171 Siemens sinamics_g120\(c\/p\/d\)_pn
172 Siemens sinamics_s110_pn
173 Siemens simatic_cm_1542sp-1
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2017-2681.

URL Resource
http://www.securityfocus.com/bid/98369 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038463 Third Party Advisory VDB Entry
https://cert-portal.siemens.com/productcert/html/ssa-293562.html
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf Vendor Advisory
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf Broken Link

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2017-2681 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2017-2681 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    Sep. 10, 2024

    Action Type Old Value New Value
    Changed Description Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.
    Added CVSS V4.0 Siemens AG CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • CVE Modified by [email protected]

    Jul. 09, 2024

    Action Type Old Value New Value
    Added Reference Siemens AG https://cert-portal.siemens.com/productcert/html/ssa-293562.html [No types assigned]
    Added CVSS V3.1 Siemens AG AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Modified Analysis by [email protected]

    Apr. 12, 2022

    Action Type Old Value New Value
    Removed CWE NIST CWE-20
    Added CWE NIST CWE-400
  • CVE Modified by [email protected]

    Feb. 09, 2022

    Action Type Old Value New Value
    Changed Description Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a Denial-of-Service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices.
  • CVE Modified by [email protected]

    Mar. 15, 2021

    Action Type Old Value New Value
    Removed CWE Siemens AG CWE-20
    Added CWE Siemens AG CWE-400
  • Modified Analysis by [email protected]

    Sep. 29, 2020

    Action Type Old Value New Value
    Removed CVSS V3 NIST AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Added CVSS V3.1 NIST AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Changed Reference Type http://www.securitytracker.com/id/1038463 No Types Assigned http://www.securitytracker.com/id/1038463 Third Party Advisory, VDB Entry
    Changed Reference Type https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf No Types Assigned https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf Vendor Advisory
    Changed Reference Type https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf Mitigation, Patch, Vendor Advisory https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf Broken Link
    Removed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1500_software_controller_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1500_software_controller:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_std_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_std:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_std_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.1.3 OR cpe:2.3:h:siemens:simatic_cp_343-1_std:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_lean_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_lean:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_lean_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.1.3 OR cpe:2.3:h:siemens:simatic_cp_343-1_lean:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_adv_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_adv:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_adv_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_adv:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_std_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_std:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_std_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.2.17 OR cpe:2.3:h:siemens:simatic_cp_443-1_std:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_adv_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_adv:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_adv_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.2.17 OR cpe:2.3:h:siemens:simatic_cp_443-1_adv:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_opc-ua_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_opc-ua:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_opc-ua_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_opc-ua:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1.82 OR cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cm_1542-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cm_1542-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cm_1542-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.0 OR cpe:2.3:h:siemens:simatic_cm_1542-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1542sp-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1542sp-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.15 OR cpe:2.3:h:siemens:simatic_cp_1542sp-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.15 OR cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1 OR cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.15 OR cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_rf650r_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_rf650r:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_rf650r_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.0 OR cpe:2.3:h:siemens:simatic_rf650r:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_rf680r_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_rf680r:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_rf680r_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.0 OR cpe:2.3:h:siemens:simatic_rf680r:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_rf685r_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_rf685r:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_rf685r_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.0 OR cpe:2.3:h:siemens:simatic_rf685r:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1616_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1616:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1616_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.7 OR cpe:2.3:h:siemens:simatic_cp_1616:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1604_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1604:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_cp_1604_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.7 OR cpe:2.3:h:siemens:simatic_cp_1604:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_dk-16xx_pn_io_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_dk-16xx_pn_io:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_dk-16xx_pn_io_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.7 OR cpe:2.3:h:siemens:simatic_dk-16xx_pn_io:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x200_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.2 OR cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x200_irt_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x200_irt:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x200_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.4.0 OR cpe:2.3:h:siemens:scalance_x200_irt:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.1.0 OR cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x408_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x408_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.1.0 OR cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x414_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x414:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x414_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.10.2 OR cpe:2.3:h:siemens:scalance_x414:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xm400_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.1 OR cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr500_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.1 OR cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_w700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.1 OR cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_m-800_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.03 OR cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_s615_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.03 OR cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:softnet_profinet_io_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:softnet_profinet_io:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:softnet_profinet_io_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 14 *cpe:2.3:o:siemens:softnet_profinet_io_firmware:14:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:softnet_profinet_io:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:ie\/pb-link_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ie\/pb-link:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:ie\/pb-link_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.0 OR cpe:2.3:h:siemens:ie\/pb-link:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:ie\/as-i_link_pn_io_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ie\/as-i_link_pn_io:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:ie\/as-i_link_pn_io_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ie\/as-i_link_pn_io:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_standard_modem_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_standard_modem:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_standard_modem_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_standard_modem:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_modem_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic_modem:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_modem_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic_modem:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_modem_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced_modem:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_modem_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced_modem:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sitop_psu8600_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sitop_psu8600_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.2.0 OR cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:ups1600_profinet_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ups1600_profinet:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:ups1600_profinet_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.2.0 OR cpe:2.3:h:siemens:ups1600_profinet:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200al_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200al:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200al_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.2 OR cpe:2.3:h:siemens:simatic_et_200al:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200ecopn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200ecopn:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200ecopn_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200ecopn:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200m_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200m:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200m_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200m:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200mp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200mp:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200mp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.0.1 OR cpe:2.3:h:siemens:simatic_et_200mp:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200pro_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200pro:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200pro_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200pro:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200s_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200s:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200s_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200s:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200sp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200sp:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_et_200sp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.2.0 OR cpe:2.3:h:siemens:simatic_et_200sp:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:pn\/pn_coupler_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:pn\/pn_coupler:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:pn\/pn_coupler_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.0 OR cpe:2.3:h:siemens:pn\/pn_coupler:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.1.1 OR cpe:2.3:h:siemens:dk_standard_ethernet_controller:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.1.1 *cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:4.1.1:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:dk_standard_ethernet_controller:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200p_pn_io_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.4.0 OR cpe:2.3:h:siemens:ek-ertec_200p_pn_io:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:ek-ertec_200p_pn_io_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.4.0 *cpe:2.3:o:siemens:ek-ertec_200p_pn_io_firmware:4.4.0:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:ek-ertec_200p_pn_io:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200_pn_io_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.2.1 OR cpe:2.3:h:siemens:ek-ertec_200_pn_io:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:ek-ertec_200_pn_io_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.2.1 *cpe:2.3:o:siemens:ek-ertec_200_pn_io_firmware:4.2.1:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:ek-ertec_200_pn_io:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-200_smart_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-200_smart:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_s7-200_smart_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.3 OR cpe:2.3:h:siemens:simatic_s7-200_smart:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_s7-300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.3.17 OR cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-400_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_s7-400_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.6 OR cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1200_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.2.1 OR cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1500_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1 OR cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_winac_rtx_2010_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_winac_rtx_2010:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_winac_rtx_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2010 *cpe:2.3:o:siemens:simatic_winac_rtx_firmware:2010:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_winac_rtx:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sirius_act_3su1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_act_3su1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sirius_act_3su1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:siemens:sirius_act_3su1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sirius_soft_starter_3rw44_pn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_soft_starter_3rw44_pn:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sirius_soft_starter_3rw44_pn_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_soft_starter_3rw44_pn:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sirius_motor_starter_m200d_profinet_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_motor_starter_m200d_profinet:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sirius_motor_starter_m200d_profinet_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_motor_starter_m200d_profinet:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simocode_pro_v_profinet_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simocode_pro_v_profinet:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simocode_pro_v_profinet_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.0.0 OR cpe:2.3:h:siemens:simocode_pro_v_profinet:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_dcm_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_dcm:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_dcm_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.4 *cpe:2.3:o:siemens:sinamics_dcm_firmware:1.4:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_dcm:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_dcp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_dcp:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_dcp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.2 *cpe:2.3:o:siemens:sinamics_dcp_firmware:1.2:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_dcp:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g110m_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.7 OR cpe:2.3:h:siemens:sinamics_g110m:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_g110m_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinamics_g110m_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_g110m:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g120\(c\/p\/d\)_w._pn_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.7 OR cpe:2.3:h:siemens:sinamics_g120\(c\/p\/d\)_w._pn:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_g120\(c\/p\/d\)_pn_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 OR cpe:2.3:h:siemens:sinamics_g120\(c\/p\/d\)_pn:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g130_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.8 OR cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_g130_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinamics_g130_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g150_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.8 OR cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_g150_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinamics_g150_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics__s110_w._pn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:_s110_w._pn:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_s110_pn_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.4 *cpe:2.3:o:siemens:sinamics_s110_pn_firmware:4.4:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_s110_pn:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_s120_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.8 OR cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_s120_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinamics_s120_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_s150_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.8 OR cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_s150_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinamics_s150_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_v90_w._pn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_v90_w._pn:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinamics_v90_pn_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.01 OR cpe:2.3:h:siemens:sinamics_v90_pn:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simotion_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.5 OR cpe:2.3:h:siemens:simotion:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simotion_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.5 *cpe:2.3:o:siemens:simotion_firmware:4.5:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:simotion:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinumerik_828d_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.5 *cpe:2.3:o:siemens:sinumerik_828d_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.7 OR cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinumerik_828d_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.5 *cpe:2.3:o:siemens:sinumerik_828d_firmware:4.5:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.5 *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:*:*:*:*:*:*:*:* versions up to (including) 4.7 OR cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.5 *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:4.5:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_hmi_comfort_panels:*:*:*:*:*:*:*:* versions up to (including) - OR cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_hmi_comfort_panels:*:*:*:*:*:*:*:* versions up to (excluding) 15.1 OR cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_hmi_multi_panels:*:*:*:*:*:*:*:* versions up to (including) - OR cpe:2.3:h:siemens:simatic_hmi_multi_panels:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_hmi_multi_panels:*:*:*:*:*:*:*:* versions up to (excluding) 15.1 OR cpe:2.3:h:siemens:simatic_hmi_multi_panels:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_hmi_mobile_panels:*:*:*:*:*:*:*:* versions up to (including) - OR cpe:2.3:h:siemens:simatic_hmi_mobile_panels:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_hmi_mobile_panels:*:*:*:*:*:*:*:* versions up to (excluding) 15.1 OR cpe:2.3:h:siemens:simatic_hmi_mobile_panels:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1243-1_irc_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1.82 OR cpe:2.3:h:siemens:simatic_cp_1243-1_irc:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1243-1_iec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1243-1_iec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1243-1_dnp3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cm_1542sp-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.15 OR cpe:2.3:h:siemens:simatic_cm_1542sp-1:-:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:* versions up to (excluding) 2.1
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinumerik_828d_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinumerik_828d_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:4.7:-:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_tdc_cpu555_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.1 OR cpe:2.3:h:siemens:simatic_tdc_cpu555:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_tdc_cp51m1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.8 OR cpe:2.3:h:siemens:simatic_tdc_cp51m1:-:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Jul. 14, 2020

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in SIMATIC CP 343-1 Std (All versions), SIMATIC CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std (All versions < V3.2.17), SIMATIC CP 443-1 Adv (All versions < V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions < V2.1.82), SIMATIC CP 1243-1 IRC (All versions < V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions < V2.0), SIMATIC CM 1542SP-1 (All versions < V1.0.15), SIMATIC CP 1542SP-1 IRC (All versions < V1.0.15), SIMATIC CP 1543SP-1 (All versions < V1.0.15), SIMATIC CP 1543-1 (All versions < V2.1), SIMATIC RF650R (All versions < V3.0), SIMATIC RF680R (All versions < V3.0), SIMATIC RF685R (All versions < V3.0), SIMATIC CP 1616 (All versions < V2.7), SIMATIC CP 1604 (All versions < V2.7), SIMATIC DK-16xx PN IO (All versions < V2.7), SCALANCE X-200 (All versions < V5.2.2), SCALANCE X-200 IRT (All versions), SCALANCE X-300/X408 (All versions < V4.1.0), SCALANCE X414 (All versions < V3.10.2), SCALANCE XM400 (All versions < V6.1), SCALANCE XR500 (All versions < V6.1), SCALANCE W700 (All versions < V6.1), SCALANCE M-800, S615 (All versions < V4.03), Softnet PROFINET IO for PC-based Windows systems (All versions < V14 SP1), IE/PB-Link (All versions < V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions < V1.2.0), SITOP UPS1600 PROFINET (All versions < V2.2.0), SIMATIC ET 200AL (All versions < V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions < V4.0.1), SIMATIC ET 200MP IM155-5 PN ST (All versions < V4.1), SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST) (All versions), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions < V4.1.0), SIMATIC ET 200SP (except IM155-6 PN ST) (All versions), SIMATIC PN/PN Coupler (All versions < V4.0), Development/Evaluation Kit DK Standard Ethernet Controller (All versions < V4.1.1 Patch04), Development/Evaluation Kit EK-ERTEC 200P (All versions < V4.4.0 Patch01), Development/Evaluation Kit EK-ERTEC 200 (All versions < V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions < V2.3), SIMATIC S7-300 incl. F and T (All versions < V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions < V6.0.6), SIMATIC S7-400-H V6 (All versions < V6.0.7), SIMATIC S7-400 PN/DP V7 Incl. F (All versions < V7.0.2), SIMATIC S7-410 (All versions < V8.2), SIMATIC S7-1200 incl. F (All versions < V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions < V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions < V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft Starter 3RW44 PN (All versions), SIRIUS Motor Starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions < V2.0.0), SINAMICS DCM w. PN (All versions < V1.4 SP1 HF5), SINAMICS DCP w. PN (All versions < V1.2 HF 1), SINAMICS G110M w. PN (All versions < V4.7 SP6 HF3), SINAMICS G120(C/P/D) w. PN (All versions < V4.7 SP6 HF3), SINAMICS G130 V4.7 w. PN (All versions < V4.7 HF27), SINAMICS G150 V4.7 w. PN (V4.7: All versions < V4.7 HF27), SINAMICS G130 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS G150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS S110 w. PN (All versions < V4.4 SP3 HF5), SINAMICS S120 V4.7 w. PN (All versions < V4.7 HF27), and others. Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a Denial-of-Service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a Denial-of-Service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices.
    Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 09, 2019

    Action Type Old Value New Value
    Added CWE Siemens AG CWE-20
  • CVE Modified by [email protected]

    Mar. 01, 2018

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in SIMATIC CP 343-1 Std, SIMATIC CP 343-1 Lean, SIMATIC CP 343-1 Adv, SIMATIC CP 443-1 Std, SIMATIC CP 443-1 Adv, SIMATIC CP 443-1 OPC-UA, SIMATIC CP 1243-1, SIMATIC CP 1243-1 IRC, SIMATIC CP 1243-1 IEC, SIMATIC CP 1243-1 DNP3, SIMATIC CM 1542-1, SIMATIC CM 1542SP-1, SIMATIC CP 1542SP-1 IRC, SIMATIC CP 1543SP-1, SIMATIC CP 1543-1, SIMATIC RF650R, SIMATIC RF680R, SIMATIC RF685R, SIMATIC CP 1616, SIMATIC CP 1604, SIMATIC DK-16xx PN IO, SCALANCE X-200, SCALANCE X-200 IRT, SCALANCE X-300/X408, SCALANCE X414, SCALANCE XM400, SCALANCE XR500, SCALANCE W700, SCALANCE M-800, S615, Softnet PROFINET IO for PC-based Windows systems, IE/PB-Link, IE/AS-i Link PN IO, SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced, SITOP PSU8600 PROFINET, SITOP UPS1600 PROFINET, SIMATIC ET 200AL, SIMATIC ET 200ecoPN, SIMATIC ET 200M, SIMATIC ET 200MP IM155-5 PN BA, SIMATIC ET 200MP IM155-5 PN ST, SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST), SIMATIC ET 200pro, SIMATIC ET 200S, SIMATIC ET 200SP IM155-6 PN ST, SIMATIC ET 200SP (except IM155-6 PN ST), SIMATIC PN/PN Coupler, Development/Evaluation Kit DK Standard Ethernet Controller, Development/Evaluation Kit EK-ERTEC 200P, Development/Evaluation Kit EK-ERTEC 200, SIMATIC S7-200 SMART, SIMATIC S7-300 incl. F and T, SIMATIC S7-400 PN/DP V6 Incl. F, SIMATIC S7-400-H V6, SIMATIC S7-400 PN/DP V7 Incl. F, SIMATIC S7-410, SIMATIC S7-1200 incl. F, SIMATIC S7-1500 incl. F, T, and TF, SIMATIC S7-1500 Software Controller incl. F, SIMATIC WinAC RTX 2010 incl. F, SIRIUS ACT 3SU1 interface module PROFINET, SIRIUS Soft Starter 3RW44 PN, SIRIUS Motor Starter M200D PROFINET, SIMOCODE pro V PROFINET, SINAMICS DCM w. PN, SINAMICS DCP w. PN, SINAMICS G110M w. PN, SINAMICS G120(C/P/D) w. PN, SINAMICS G130 V4.7 w. PN, SINAMICS G150 V4.7 w. PN, SINAMICS G130 V4.8 w. PN, SINAMICS G150 V4.8 w. PN, SINAMICS S110 w. PN, SINAMICS S120 V4.7 w. PN, SINAMICS S120 V4.8 w. PN, SINAMICS S150 V4.7 w. PN, SINAMICS S150 V4.8 w. PN, SINAMICS V90 w. PN, SIMOTION, SINUMERIK 828D V4.5 and prior, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.5 and prior, SINUMERIK 840D sl V4.7, SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels. Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a Denial-of-Service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. A vulnerability has been identified in SIMATIC CP 343-1 Std (All versions), SIMATIC CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std (All versions < V3.2.17), SIMATIC CP 443-1 Adv (All versions < V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions < V2.1.82), SIMATIC CP 1243-1 IRC (All versions < V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions < V2.0), SIMATIC CM 1542SP-1 (All versions < V1.0.15), SIMATIC CP 1542SP-1 IRC (All versions < V1.0.15), SIMATIC CP 1543SP-1 (All versions < V1.0.15), SIMATIC CP 1543-1 (All versions < V2.1), SIMATIC RF650R (All versions < V3.0), SIMATIC RF680R (All versions < V3.0), SIMATIC RF685R (All versions < V3.0), SIMATIC CP 1616 (All versions < V2.7), SIMATIC CP 1604 (All versions < V2.7), SIMATIC DK-16xx PN IO (All versions < V2.7), SCALANCE X-200 (All versions < V5.2.2), SCALANCE X-200 IRT (All versions), SCALANCE X-300/X408 (All versions < V4.1.0), SCALANCE X414 (All versions < V3.10.2), SCALANCE XM400 (All versions < V6.1), SCALANCE XR500 (All versions < V6.1), SCALANCE W700 (All versions < V6.1), SCALANCE M-800, S615 (All versions < V4.03), Softnet PROFINET IO for PC-based Windows systems (All versions < V14 SP1), IE/PB-Link (All versions < V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions < V1.2.0), SITOP UPS1600 PROFINET (All versions < V2.2.0), SIMATIC ET 200AL (All versions < V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions < V4.0.1), SIMATIC ET 200MP IM155-5 PN ST (All versions < V4.1), SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST) (All versions), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions < V4.1.0), SIMATIC ET 200SP (except IM155-6 PN ST) (All versions), SIMATIC PN/PN Coupler (All versions < V4.0), Development/Evaluation Kit DK Standard Ethernet Controller (All versions < V4.1.1 Patch04), Development/Evaluation Kit EK-ERTEC 200P (All versions < V4.4.0 Patch01), Development/Evaluation Kit EK-ERTEC 200 (All versions < V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions < V2.3), SIMATIC S7-300 incl. F and T (All versions < V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions < V6.0.6), SIMATIC S7-400-H V6 (All versions < V6.0.7), SIMATIC S7-400 PN/DP V7 Incl. F (All versions < V7.0.2), SIMATIC S7-410 (All versions < V8.2), SIMATIC S7-1200 incl. F (All versions < V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions < V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions < V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft Starter 3RW44 PN (All versions), SIRIUS Motor Starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions < V2.0.0), SINAMICS DCM w. PN (All versions < V1.4 SP1 HF5), SINAMICS DCP w. PN (All versions < V1.2 HF 1), SINAMICS G110M w. PN (All versions < V4.7 SP6 HF3), SINAMICS G120(C/P/D) w. PN (All versions < V4.7 SP6 HF3), SINAMICS G130 V4.7 w. PN (All versions < V4.7 HF27), SINAMICS G150 V4.7 w. PN (V4.7: All versions < V4.7 HF27), SINAMICS G130 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS G150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS S110 w. PN (All versions < V4.4 SP3 HF5), SINAMICS S120 V4.7 w. PN (All versions < V4.7 HF27), and others. Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a Denial-of-Service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices.
  • CVE Modified by [email protected]

    Feb. 24, 2018

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Development/Evaluation Kit DK Standard Ethernet Controller, Development/Evaluation Kit EK-ERTEC 200 PN IO, Development/Evaluation Kit EK-ERTEC 200P PN IO, IE/AS-i Link PN IO, IE/PB-Link, SCALANCE M-800, S615, SCALANCE W700, SCALANCE X-200, SCALANCE X-200 IRT, SCALANCE X-300/X408, SCALANCE X414, SCALANCE XM400, SCALANCE XR500, SIMATIC WinAC RTX 2010 incl. F, SIMATIC CM 1542-1, SIMATIC CM 1542SP-1, SIMATIC CP 1243-1, SIMATIC CP 1243-1 DNP3, SIMATIC CP 1243-1 IEC, SIMATIC CP 1243-1 IRC, SIMATIC CP 1542SP-1 IRC, SIMATIC CP 1543-1, SIMATIC CP 1543SP-1, SIMATIC CP 1604, SIMATIC CP 1616, SIMATIC CP 343-1 Adv, SIMATIC CP 343-1 Lean, SIMATIC CP 343-1 Std, SIMATIC CP 443-1 Adv, SIMATIC CP 443-1 OPC-UA, SIMATIC CP 443-1 Std, SIMATIC DK-16xx PN IO, SIMATIC ET 200AL, SIMATIC ET 200M, SIMATIC ET 200MP, SIMATIC ET 200S, SIMATIC ET 200SP, SIMATIC ET 200ecoPN, SIMATIC ET 200pro, SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels, SIMATIC PN/PN Coupler, SIMATIC RF650R, SIMATIC RF680R, SIMATIC RF685R, SIMATIC S7-1200 incl. F, SIMATIC S7-1500 Software Controller incl. F, SIMATIC S7-1500 incl. F, T, and TF, SIMATIC S7-200 SMART, SIMATIC S7-300 incl. F and T, SIMATIC S7-400 PN/DP V6 Incl. F, SIMATIC S7-400 PN/DP V7 Incl. F, SIMATIC S7-400-H V6, SIMATIC S7-410, SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced, SIMOCODE pro V PROFINET, SIMOTION, SINAMICS DCM w. PN, SINAMICS DCP w. PN, SINAMICS G110M w. PN, SINAMICS G120(C/P/D) w. PN, SINAMICS G130 V4.7 w. PN, SINAMICS G130 V4.8 w. PN, SINAMICS G150 V4.7 w. PN, SINAMICS G150 V4.8 w. PN, SINAMICS S110 w. PN, SINAMICS S120 V4.7 w. PN, SINAMICS S120 V4.8 w. PN, SINAMICS S150 V4.7 w. PN, SINAMICS S150 V4.8 w. PN, SINAMICS V90 w. PN, SINUMERIK 828D V4.5 and prior, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.5 and prior, SINUMERIK 840D sl V4.7, SIRIUS ACT 3SU1 interface module PROFINET, SIRIUS Motor Starter M200D PROFINET, SIRIUS Soft Starter 3RW44 PN, SITOP PSU8600 PROFINET, SITOP UPS1600 PROFINET, Softnet PROFINET IO for PC-based Windows systems. Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a Denial-of-Service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. A vulnerability has been identified in SIMATIC CP 343-1 Std, SIMATIC CP 343-1 Lean, SIMATIC CP 343-1 Adv, SIMATIC CP 443-1 Std, SIMATIC CP 443-1 Adv, SIMATIC CP 443-1 OPC-UA, SIMATIC CP 1243-1, SIMATIC CP 1243-1 IRC, SIMATIC CP 1243-1 IEC, SIMATIC CP 1243-1 DNP3, SIMATIC CM 1542-1, SIMATIC CM 1542SP-1, SIMATIC CP 1542SP-1 IRC, SIMATIC CP 1543SP-1, SIMATIC CP 1543-1, SIMATIC RF650R, SIMATIC RF680R, SIMATIC RF685R, SIMATIC CP 1616, SIMATIC CP 1604, SIMATIC DK-16xx PN IO, SCALANCE X-200, SCALANCE X-200 IRT, SCALANCE X-300/X408, SCALANCE X414, SCALANCE XM400, SCALANCE XR500, SCALANCE W700, SCALANCE M-800, S615, Softnet PROFINET IO for PC-based Windows systems, IE/PB-Link, IE/AS-i Link PN IO, SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced, SITOP PSU8600 PROFINET, SITOP UPS1600 PROFINET, SIMATIC ET 200AL, SIMATIC ET 200ecoPN, SIMATIC ET 200M, SIMATIC ET 200MP IM155-5 PN BA, SIMATIC ET 200MP IM155-5 PN ST, SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST), SIMATIC ET 200pro, SIMATIC ET 200S, SIMATIC ET 200SP IM155-6 PN ST, SIMATIC ET 200SP (except IM155-6 PN ST), SIMATIC PN/PN Coupler, Development/Evaluation Kit DK Standard Ethernet Controller, Development/Evaluation Kit EK-ERTEC 200P, Development/Evaluation Kit EK-ERTEC 200, SIMATIC S7-200 SMART, SIMATIC S7-300 incl. F and T, SIMATIC S7-400 PN/DP V6 Incl. F, SIMATIC S7-400-H V6, SIMATIC S7-400 PN/DP V7 Incl. F, SIMATIC S7-410, SIMATIC S7-1200 incl. F, SIMATIC S7-1500 incl. F, T, and TF, SIMATIC S7-1500 Software Controller incl. F, SIMATIC WinAC RTX 2010 incl. F, SIRIUS ACT 3SU1 interface module PROFINET, SIRIUS Soft Starter 3RW44 PN, SIRIUS Motor Starter M200D PROFINET, SIMOCODE pro V PROFINET, SINAMICS DCM w. PN, SINAMICS DCP w. PN, SINAMICS G110M w. PN, SINAMICS G120(C/P/D) w. PN, SINAMICS G130 V4.7 w. PN, SINAMICS G150 V4.7 w. PN, SINAMICS G130 V4.8 w. PN, SINAMICS G150 V4.8 w. PN, SINAMICS S110 w. PN, SINAMICS S120 V4.7 w. PN, SINAMICS S120 V4.8 w. PN, SINAMICS S150 V4.7 w. PN, SINAMICS S150 V4.8 w. PN, SINAMICS V90 w. PN, SIMOTION, SINUMERIK 828D V4.5 and prior, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.5 and prior, SINUMERIK 840D sl V4.7, SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels. Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a Denial-of-Service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices.
  • CVE Modified by [email protected]

    Jan. 25, 2018

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Development/Evaluation Kit DK Standard Ethernet Controller, Development/Evaluation Kit EK-ERTEC 200 PN IO, Development/Evaluation Kit EK-ERTEC 200P PN IO, IE/AS-i Link PN IO, IE/PB-Link, SCALANCE M-800, S615, SCALANCE W700, SCALANCE X-200, SCALANCE X-200 IRT, SCALANCE X-300/X408, SCALANCE X414, SCALANCE XM400, SCALANCE XR500, SIMATIC WinAC RTX 2010 incl. F, SIMATIC CP 1243-1, SIMATIC CP 1243-1 DNP3, SIMATIC CP 1243-1 IEC, SIMATIC CP 1243-1 IRC, SIMATIC CP 1542-1, SIMATIC CP 1542SP-1, SIMATIC CP 1542SP-1 IRC, SIMATIC CP 1543-1, SIMATIC CP 1543SP-1, SIMATIC CP 1604, SIMATIC CP 1616, SIMATIC CP 343-1 Adv, SIMATIC CP 343-1 Lean, SIMATIC CP 343-1 Std, SIMATIC CP 443-1 Adv, SIMATIC CP 443-1 OPC-UA, SIMATIC CP 443-1 Std, SIMATIC DK-16xx PN IO, SIMATIC ET 200AL, SIMATIC ET 200M, SIMATIC ET 200MP, SIMATIC ET 200S, SIMATIC ET 200SP, SIMATIC ET 200ecoPN, SIMATIC ET 200pro, SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels, SIMATIC PN/PN Coupler, SIMATIC RF650R, SIMATIC RF680R, SIMATIC RF685R, SIMATIC S7-1200 incl. F, SIMATIC S7-1500 Software Controller incl. F, SIMATIC S7-1500 incl. F, T, and TF, SIMATIC S7-200 SMART, SIMATIC S7-300 incl. F and T, SIMATIC S7-400 PN/DP V6 Incl. F, SIMATIC S7-400 PN/DP V7 Incl. F, SIMATIC S7-400-H V6, SIMATIC S7-410, SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced, SIMOCODE pro V PROFINET, SIMOTION, SINAMICS DCM w. PN, SINAMICS DCP w. PN, SINAMICS G110M w. PN, SINAMICS G120(C/P/D) w. PN, SINAMICS G130 V4.7 w. PN, SINAMICS G130 V4.8 w. PN, SINAMICS G150 V4.7 w. PN, SINAMICS G150 V4.8 w. PN, SINAMICS S110 w. PN, SINAMICS S120 V4.7 w. PN, SINAMICS S120 V4.8 w. PN, SINAMICS S150 V4.7 w. PN, SINAMICS S150 V4.8 w. PN, SINAMICS V90 w. PN, SINUMERIK 828D V4.5 and prior, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.5 and prior, SINUMERIK 840D sl V4.7, SIRIUS ACT 3SU1 interface module PROFINET, SIRIUS Motor Starter M200D PROFINET, SIRIUS Soft Starter 3RW44 PN, SITOP PSU8600 PROFINET, SITOP UPS1600 PROFINET, Softnet PROFINET IO for PC-based Windows systems. Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a Denial-of-Service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. A vulnerability has been identified in Development/Evaluation Kit DK Standard Ethernet Controller, Development/Evaluation Kit EK-ERTEC 200 PN IO, Development/Evaluation Kit EK-ERTEC 200P PN IO, IE/AS-i Link PN IO, IE/PB-Link, SCALANCE M-800, S615, SCALANCE W700, SCALANCE X-200, SCALANCE X-200 IRT, SCALANCE X-300/X408, SCALANCE X414, SCALANCE XM400, SCALANCE XR500, SIMATIC WinAC RTX 2010 incl. F, SIMATIC CM 1542-1, SIMATIC CM 1542SP-1, SIMATIC CP 1243-1, SIMATIC CP 1243-1 DNP3, SIMATIC CP 1243-1 IEC, SIMATIC CP 1243-1 IRC, SIMATIC CP 1542SP-1 IRC, SIMATIC CP 1543-1, SIMATIC CP 1543SP-1, SIMATIC CP 1604, SIMATIC CP 1616, SIMATIC CP 343-1 Adv, SIMATIC CP 343-1 Lean, SIMATIC CP 343-1 Std, SIMATIC CP 443-1 Adv, SIMATIC CP 443-1 OPC-UA, SIMATIC CP 443-1 Std, SIMATIC DK-16xx PN IO, SIMATIC ET 200AL, SIMATIC ET 200M, SIMATIC ET 200MP, SIMATIC ET 200S, SIMATIC ET 200SP, SIMATIC ET 200ecoPN, SIMATIC ET 200pro, SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels, SIMATIC PN/PN Coupler, SIMATIC RF650R, SIMATIC RF680R, SIMATIC RF685R, SIMATIC S7-1200 incl. F, SIMATIC S7-1500 Software Controller incl. F, SIMATIC S7-1500 incl. F, T, and TF, SIMATIC S7-200 SMART, SIMATIC S7-300 incl. F and T, SIMATIC S7-400 PN/DP V6 Incl. F, SIMATIC S7-400 PN/DP V7 Incl. F, SIMATIC S7-400-H V6, SIMATIC S7-410, SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced, SIMOCODE pro V PROFINET, SIMOTION, SINAMICS DCM w. PN, SINAMICS DCP w. PN, SINAMICS G110M w. PN, SINAMICS G120(C/P/D) w. PN, SINAMICS G130 V4.7 w. PN, SINAMICS G130 V4.8 w. PN, SINAMICS G150 V4.7 w. PN, SINAMICS G150 V4.8 w. PN, SINAMICS S110 w. PN, SINAMICS S120 V4.7 w. PN, SINAMICS S120 V4.8 w. PN, SINAMICS S150 V4.7 w. PN, SINAMICS S150 V4.8 w. PN, SINAMICS V90 w. PN, SINUMERIK 828D V4.5 and prior, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.5 and prior, SINUMERIK 840D sl V4.7, SIRIUS ACT 3SU1 interface module PROFINET, SIRIUS Motor Starter M200D PROFINET, SIRIUS Soft Starter 3RW44 PN, SITOP PSU8600 PROFINET, SITOP UPS1600 PROFINET, Softnet PROFINET IO for PC-based Windows systems. Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a Denial-of-Service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices.
  • CVE Modified by [email protected]

    Jan. 19, 2018

    Action Type Old Value New Value
    Changed Description Siemens SIMATIC S7-300 incl. F and T (All versions before V3.X.14), S7-400 PN/DP V6 Incl. F (All versions before V6.0.6), S7-400-H V6 (All versions before V6.0.7), S7-400 PN/DP V7 Incl. F (All versions), S7-410 (All versions before V8.2), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP (Layer 2 - Ethernet) packet sent to an affected product. A vulnerability has been identified in Development/Evaluation Kit DK Standard Ethernet Controller, Development/Evaluation Kit EK-ERTEC 200 PN IO, Development/Evaluation Kit EK-ERTEC 200P PN IO, IE/AS-i Link PN IO, IE/PB-Link, SCALANCE M-800, S615, SCALANCE W700, SCALANCE X-200, SCALANCE X-200 IRT, SCALANCE X-300/X408, SCALANCE X414, SCALANCE XM400, SCALANCE XR500, SIMATIC WinAC RTX 2010 incl. F, SIMATIC CP 1243-1, SIMATIC CP 1243-1 DNP3, SIMATIC CP 1243-1 IEC, SIMATIC CP 1243-1 IRC, SIMATIC CP 1542-1, SIMATIC CP 1542SP-1, SIMATIC CP 1542SP-1 IRC, SIMATIC CP 1543-1, SIMATIC CP 1543SP-1, SIMATIC CP 1604, SIMATIC CP 1616, SIMATIC CP 343-1 Adv, SIMATIC CP 343-1 Lean, SIMATIC CP 343-1 Std, SIMATIC CP 443-1 Adv, SIMATIC CP 443-1 OPC-UA, SIMATIC CP 443-1 Std, SIMATIC DK-16xx PN IO, SIMATIC ET 200AL, SIMATIC ET 200M, SIMATIC ET 200MP, SIMATIC ET 200S, SIMATIC ET 200SP, SIMATIC ET 200ecoPN, SIMATIC ET 200pro, SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels, SIMATIC PN/PN Coupler, SIMATIC RF650R, SIMATIC RF680R, SIMATIC RF685R, SIMATIC S7-1200 incl. F, SIMATIC S7-1500 Software Controller incl. F, SIMATIC S7-1500 incl. F, T, and TF, SIMATIC S7-200 SMART, SIMATIC S7-300 incl. F and T, SIMATIC S7-400 PN/DP V6 Incl. F, SIMATIC S7-400 PN/DP V7 Incl. F, SIMATIC S7-400-H V6, SIMATIC S7-410, SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced, SIMOCODE pro V PROFINET, SIMOTION, SINAMICS DCM w. PN, SINAMICS DCP w. PN, SINAMICS G110M w. PN, SINAMICS G120(C/P/D) w. PN, SINAMICS G130 V4.7 w. PN, SINAMICS G130 V4.8 w. PN, SINAMICS G150 V4.7 w. PN, SINAMICS G150 V4.8 w. PN, SINAMICS S110 w. PN, SINAMICS S120 V4.7 w. PN, SINAMICS S120 V4.8 w. PN, SINAMICS S150 V4.7 w. PN, SINAMICS S150 V4.8 w. PN, SINAMICS V90 w. PN, SINUMERIK 828D V4.5 and prior, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.5 and prior, SINUMERIK 840D sl V4.7, SIRIUS ACT 3SU1 interface module PROFINET, SIRIUS Motor Starter M200D PROFINET, SIRIUS Soft Starter 3RW44 PN, SITOP PSU8600 PROFINET, SITOP UPS1600 PROFINET, Softnet PROFINET IO for PC-based Windows systems. Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a Denial-of-Service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices.
  • CVE Modified by [email protected]

    Dec. 30, 2017

    Action Type Old Value New Value
    Changed Description Siemens SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 incl. F and H (All versions before V8.2), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP (Layer 2 - Ethernet) packet sent to an affected product. Siemens SIMATIC S7-300 incl. F and T (All versions before V3.X.14), S7-400 PN/DP V6 Incl. F (All versions before V6.0.6), S7-400-H V6 (All versions before V6.0.7), S7-400 PN/DP V7 Incl. F (All versions), S7-410 (All versions before V8.2), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP (Layer 2 - Ethernet) packet sent to an affected product.
  • CVE Modified by [email protected]

    Jul. 08, 2017

    Action Type Old Value New Value
    Added Reference http://www.securitytracker.com/id/1038463 [No Types Assigned]
  • CVE Modified by [email protected]

    Jun. 17, 2017

    Action Type Old Value New Value
    Changed Description Siemens SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 incl. F and H (All versions), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP (Layer 2 - Ethernet) packet sent to an affected product. Siemens SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 incl. F and H (All versions before V8.2), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP (Layer 2 - Ethernet) packet sent to an affected product.
  • Initial Analysis by [email protected]

    May. 23, 2017

    Action Type Old Value New Value
    Added CVSS V2 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
    Added CVSS V3 AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Changed Reference Type https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf No Types Assigned https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf Mitigation, Patch, Vendor Advisory
    Changed Reference Type http://www.securityfocus.com/bid/98369 No Types Assigned http://www.securityfocus.com/bid/98369 Third Party Advisory, VDB Entry
    Added CWE CWE-20
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_std_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_std:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_lean_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_lean:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_343-1_adv_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_343-1_adv:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_std_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_std:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_adv_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_adv:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_443-1_opc-ua_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_443-1_opc-ua:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cm_1542-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cm_1542-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1542sp-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1542sp-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_rf650r_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_rf650r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_rf680r_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_rf680r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_rf685r_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_rf685r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1616_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1616:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cp_1604_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cp_1604:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_dk-16xx_pn_io_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_dk-16xx_pn_io:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x200_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x200_irt_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x200_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x408_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x414_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x414:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xm400_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr500_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_w700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_m-800_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_s615_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:softnet_profinet_io_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:softnet_profinet_io:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ie\/pb-link_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ie\/pb-link:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ie\/as-i_link_pn_io_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ie\/as-i_link_pn_io:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_standard_modem_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_standard_modem:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_modem_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic_modem:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_modem_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced_modem:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sitop_psu8600_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ups1600_profinet_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ups1600_profinet:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200al_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200al:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200ecopn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200ecopn:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200m_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200mp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200mp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200pro_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200s_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200s:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_et_200sp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_et_200sp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:pn\/pn_coupler_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:pn\/pn_coupler:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:4.1.1:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:dk_standard_ethernet_controller:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200p_pn_io_firmware:4.4.0:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:ek-ertec_200p_pn_io:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200_pn_io_firmware:4.2.1:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:ek-ertec_200_pn_io:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-200_smart_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-200_smart:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-400_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1200_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1500_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1500_software_controller_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1500_software_controller:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_winac_rtx_2010_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_winac_rtx_2010:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sirius_act_3su1_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_act_3su1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sirius_soft_starter_3rw44_pn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_soft_starter_3rw44_pn:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sirius_motor_starter_m200d_profinet_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sirius_motor_starter_m200d_profinet:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simocode_pro_v_profinet_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simocode_pro_v_profinet:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_dcm_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_dcm:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_dcp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_dcp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g110m_firmware:4.7:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinamics_g110m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g120\(c\/p\/d\)_w._pn_firmware:4.7:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinamics_g120\(c\/p\/d\)_w._pn:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g130_firmware:4.8:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_g150_firmware:4.8:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics__s110_w._pn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:_s110_w._pn:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_s120_firmware:4.8:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_s150_firmware:4.8:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinamics_v90_w._pn_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:sinamics_v90_w._pn:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simotion_firmware:4.5:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:simotion:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinumerik_828d_firmware:4.5:*:*:*:*:*:*:* (and previous) *cpe:2.3:o:siemens:sinumerik_828d_firmware:4.7:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:4.5:*:*:*:*:*:*:* (and previous) *cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:4.7:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_hmi_multi_panels:-:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:simatic_hmi_multi_panels:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_hmi_mobile_panels:-:*:*:*:*:*:*:* (and previous) OR cpe:2.3:h:siemens:simatic_hmi_mobile_panels:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2017-2681 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2017-2681 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.18 }} 0.05%

score

0.55904

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability