7.5
HIGH
CVE-2020-28400
TP-Link Powerline Denial of Service Vulnerability
Description

Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.

INFO

Published Date :

July 13, 2021, 11:15 a.m.

Last Modified :

Dec. 10, 2024, 2:15 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

3.6

Exploitability Score :

3.9
Affected Products

The following products are affected by CVE-2020-28400 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Siemens ruggedcom_rm1224_firmware
2 Siemens scalance_m-800_firmware
3 Siemens scalance_s615_firmware
4 Siemens scalance_xm408-4c_firmware
5 Siemens scalance_xm408-8c_firmware
6 Siemens scalance_xm416-4c_firmware
7 Siemens scalance_xr528-6m_firmware
8 Siemens scalance_xr552-12m_firmware
9 Siemens scalance_xp-200_firmware
10 Siemens scalance_xc-200_firmware
11 Siemens scalance_x200-4p_irt_firmware
12 Siemens scalance_x201-3p_irt_firmware
13 Siemens scalance_x201-3p_irt_pro_firmware
14 Siemens scalance_x202-2irt_firmware
15 Siemens scalance_x202-2p_irt_firmware
16 Siemens scalance_x202-2p_irt_pro_firmware
17 Siemens scalance_x204irt_firmware
18 Siemens scalance_x204irt_pro_firmware
19 Siemens scalance_xf201-3p_irt_firmware
20 Siemens scalance_xf202-2p_irt_firmware
21 Siemens scalance_xf204-2ba_irt_firmware
22 Siemens scalance_xf204irt_firmware
23 Siemens scalance_xb-200_firmware
24 Siemens scalance_xf-200ba_firmware
25 Siemens scalance_xr-300wg_firmware
26 Siemens simatic_cp_1626_firmware
27 Siemens scalance_x200-4_p_irt_firmware
28 Siemens scalance_x202-2_irt_firmware
29 Siemens scalance_x204_irt_firmware
30 Siemens scalance_x204_irt_pro_firmware
31 Siemens scalance_x204-2_firmware
32 Siemens scalance_x204-2fm_firmware
33 Siemens scalance_x204-2ld_firmware
34 Siemens scalance_x204-2ld_ts_firmware
35 Siemens scalance_x204-2ts_firmware
36 Siemens scalance_x206-1_firmware
37 Siemens scalance_x206-1ld_firmware
38 Siemens scalance_x208_firmware
39 Siemens scalance_x212-2_firmware
40 Siemens scalance_x212-2ld_firmware
41 Siemens scalance_x216_firmware
42 Siemens scalance_x224_firmware
43 Siemens scalance_xf204_firmware
44 Siemens scalance_xf204_irt_firmware
45 Siemens scalance_xf204-2_firmware
46 Siemens scalance_xf206-1_firmware
47 Siemens scalance_xf208_firmware
48 Siemens simatic_mv540_h_firmware
49 Siemens simatic_mv540_s_firmware
50 Siemens simatic_mv550_h_firmware
51 Siemens simatic_mv550_s_firmware
52 Siemens simatic_mv560_u_firmware
53 Siemens simatic_mv560_x_firmware
54 Siemens simatic_s7-1200_firmware
55 Siemens dk_standard_ethernet_controller_evaluation_kit_firmware
56 Siemens ek-ertec_200_evaulation_kit_firmware
57 Siemens ek-ertec_200p_evaluation_kit_firmware
58 Siemens scalance_w700_firmware
59 Siemens scalance_w1700_firmware
60 Siemens scalance_x208pro_firmware
61 Siemens scalance_x302-7eec_firmware
62 Siemens scalance_x304-2fe_firmware
63 Siemens scalance_x306-1ldfe_firmware
64 Siemens scalance_x307-2eec_firmware
65 Siemens scalance_x307-3_firmware
66 Siemens scalance_x307-3ld_firmware
67 Siemens scalance_x308-2_firmware
68 Siemens scalance_x308-2ld_firmware
69 Siemens scalance_x308-2lh_firmware
70 Siemens scalance_x308-2lh\+_firmware
71 Siemens scalance_x308-2m_firmware
72 Siemens scalance_x308-2m_poe_firmware
73 Siemens scalance_x308-2m_ts_firmware
74 Siemens scalance_x310_firmware
75 Siemens scalance_x310fe_firmware
76 Siemens scalance_x320-1fe_firmware
77 Siemens scalance_x320-3ldfe_firmware
78 Siemens scalance_xm400_firmware
79 Siemens scalance_xr324-4m_eec_firmware
80 Siemens scalance_xr324-4m_poe_firmware
81 Siemens scalance_xr324-4m_poe_ts_firmware
82 Siemens scalance_xr324-12m_firmware
83 Siemens scalance_xr324-12m_ts_firmware
84 Siemens scalance_xr500_firmware
85 Siemens simatic_cfu_pa_firmware
86 Siemens simatic_ie\/pb-link_v3_firmware
87 Siemens simatic_mv500_firmware
88 Siemens simatic_net_cm_1542-1_firmware
89 Siemens simatic_net_cp1616_firmware
90 Siemens simatic_net_cp1604_firmware
91 Siemens simatic_net_cp1626_firmware
92 Siemens simatic_net_dk-16xx_pn_io
93 Siemens simatic_power_line_booster_plb_firmware
94 Siemens simatic_profinet_driver_firmware
95 Siemens simocode_prov_ethernet\/ip_firmware
96 Siemens simocode_prov_profinet_firmware
97 Siemens softnet-ie_pnio_firmware
98 Siemens scalance_m804pb_firmware
99 Siemens scalance_m874-2_firmware
100 Siemens scalance_m874-3_firmware
101 Siemens scalance_m876-3_firmware
102 Siemens scalance_m876-4_firmware
103 Siemens ruggedcom_rm1224_lte\(4g\)_eu_firmware
104 Siemens ruggedcom_rm1224_lte\(4g\)_nam_firmware
105 Siemens scalance_m812-1_adsl-router_firmware
106 Siemens scalance_m816-1_adsl-router_firmware
107 Siemens scalance_m826-2_shdsl-router_firmware
108 Siemens scalance_w721-1_rj45_firmware
109 Siemens scalance_w722-1_rj45_firmware
110 Siemens scalance_w734-1_rj45_firmware
111 Siemens scalance_w738-1_m12_firmware
112 Siemens scalance_w748-1_m12_firmware
113 Siemens scalance_w761-1_rj45_firmware
114 Siemens scalance_w774-1_m12_eec_firmware
115 Siemens scalance_w774-1_rj45_firmware
116 Siemens scalance_w778-1_m12_firmware
117 Siemens scalance_w778-1_m12_eec_firmware
118 Siemens scalance_w786-1_rj45_firmware
119 Siemens scalance_w786-2_rj45_firmware
120 Siemens scalance_w786-2_sfp_firmware
121 Siemens scalance_w786-2ia_rj45_firmware
122 Siemens scalance_w788-1_m12_firmware
123 Siemens scalance_w788-1_rj45_firmware
124 Siemens scalance_w788-2_m12_firmware
125 Siemens scalance_w788-2_m12_eec_firmware
126 Siemens scalance_w1748-1_m12_firmware
127 Siemens scalance_w1788-1_m12_firmware
128 Siemens scalance_w1788-2_eec_m12_firmware
129 Siemens scalance_w1788-2_m12_firmware
130 Siemens scalance_w1788-2ia_m12_firmware
131 Siemens scalance_xc206-2g_poe_firmware
132 Siemens scalance_xc206-2sfp_firmware
133 Siemens scalance_xc206-2sfp_eec_firmware
134 Siemens scalance_xc206-2sfp_g_firmware
135 Siemens scalance_xc206-2sfp_g_eec_firmware
136 Siemens scalance_xc208_firmware
137 Siemens scalance_xc216_firmware
138 Siemens scalance_xc216-3g_poe_firmware
139 Siemens scalance_xc216-4c_firmware
140 Siemens scalance_xc216-4c_g_firmware
141 Siemens scalance_xc216-4c_g_eec_firmware
142 Siemens scalance_xc216eec_firmware
143 Siemens scalance_xc224_firmware
144 Siemens scalance_xc224-4c_g_firmware
145 Siemens scalance_xc224-4c_g_eec_firmware
146 Siemens scalance_xf204_dna_firmware
147 Siemens scalance_xf204-2ba_firmware
148 Siemens scalance_xp208_firmware
149 Siemens scalance_xp208eec_firmware
150 Siemens scalance_xp208poe_eec_firmware
151 Siemens scalance_xp216_firmware
152 Siemens scalance_xp216eec_firmware
153 Siemens scalance_xp216poe_eec_firmware
154 Siemens siplus_net_scalance_xc206-2_firmware
155 Siemens siplus_net_scalance_xc206-2sfp_firmware
156 Siemens siplus_net_scalance_xc208_firmware
157 Siemens siplus_net_scalance_xc216-4c_firmware
158 Siemens simatic_cp_1616_firmware
159 Siemens simatic_cp_1604_firmware
160 Siemens scalance_xc208eec_firmware
161 Siemens scalance_xc208g_firmware
162 Siemens scalance_xc208g_eec_firmware
163 Siemens scalance_xc208g_poe_firmware
164 Siemens scalance_xf204-2ba_dna_firmware
165 Siemens scalance_xr326-2c_poe_wg_firmware
166 Siemens simatic_cm_1542-1_firmware
167 Siemens scalance_x408-2_firmware
168 Siemens scalance_x201-3p_irt
169 Siemens simatic_cfu_diq_firmware
170 Siemens siplus_net_scalance_x308-2_firmware
171 Siemens scalance_x308-2m
172 Siemens scalance_s615
173 Siemens simatic_cfu_pa
174 Siemens dk_standard_ethernet_controller_evaluation_kit
175 Siemens ek-ertec_200_evaulation_kit
176 Siemens ek-ertec_200p_evaluation_kit
177 Siemens ruggedcom_rm1224
178 Siemens scalance_m-800
179 Siemens scalance_w700
180 Siemens scalance_w1700
181 Siemens scalance_x200-4_p_irt
182 Siemens scalance_x201-3p_irt_pro
183 Siemens scalance_x202-2_irt
184 Siemens scalance_x202-2p_irt_pro
185 Siemens scalance_x204_irt
186 Siemens scalance_x204_irt_pro
187 Siemens scalance_x204-2_
188 Siemens scalance_x204-2fm
189 Siemens scalance_x204-2ld
190 Siemens scalance_x204-2ld_ts
191 Siemens scalance_x204-2ts
192 Siemens scalance_x206-1
193 Siemens scalance_x206-1ld
194 Siemens scalance_x208
195 Siemens scalance_x208pro
196 Siemens scalance_x212-2
197 Siemens scalance_x212-2ld
198 Siemens scalance_x216
199 Siemens scalance_x224
200 Siemens scalance_x302-7eec
201 Siemens scalance_x304-2fe
202 Siemens scalance_x306-1ldfe
203 Siemens scalance_x307-2eec
204 Siemens scalance_x307-3
205 Siemens scalance_x307-3ld
206 Siemens scalance_x308-2
207 Siemens scalance_x308-2ld
208 Siemens scalance_x308-2lh
209 Siemens scalance_x308-2lh\+
210 Siemens scalance_x308-2m_poe
211 Siemens scalance_x308-2m_ts
212 Siemens scalance_x310
213 Siemens scalance_x310fe
214 Siemens scalance_x320-1fe
215 Siemens scalance_x320-3ldfe
216 Siemens scalance_xb-200
217 Siemens scalance_xc-200
218 Siemens scalance_xf201-3p_irt
219 Siemens scalance_xf202-2p_irt
220 Siemens scalance_xf204
221 Siemens scalance_xf204_irt
222 Siemens scalance_xf204-2_
223 Siemens scalance_xf204-2ba_irt
224 Siemens scalance_xf206-1
225 Siemens scalance_xf208
226 Siemens scalance_xf-200ba
227 Siemens scalance_xm400
228 Siemens scalance_xp-200
229 Siemens scalance_xr324-4m_eec
230 Siemens scalance_xr324-4m_poe
231 Siemens scalance_xr324-4m_poe_ts
232 Siemens scalance_xr324-12m
233 Siemens scalance_xr324-12m_ts
234 Siemens scalance_xr500
235 Siemens scalance_xr-300wg
236 Siemens simatic_ie\/pb-link_v3
237 Siemens simatic_mv500
238 Siemens simatic_net_cm_1542-1
239 Siemens simatic_net_cp1616
240 Siemens simatic_net_cp1604
241 Siemens simatic_net_cp1626
242 Siemens simatic_power_line_booster_plb
243 Siemens simatic_profinet_driver
244 Siemens simatic_s7-1200
245 Siemens simocode_prov_ethernet\/ip
246 Siemens simocode_prov_profinet
247 Siemens softnet-ie_pnio
248 Siemens scalance_m874-3_3g-router_\(cn\)_firmware
249 Siemens scalance_m876-3_\(rok\)_firmware
250 Siemens scalance_m876-4_\(eu\)_firmware
251 Siemens scalance_m876-4_\(nam\)_firmware
252 Siemens scalance_mum853-1_\(a1\)_firmware
253 Siemens scalance_mum853-1_\(b1\)_firmware
254 Siemens scalance_mum853-1_\(eu\)_firmware
255 Siemens scalance_mum856-1_\(a1\)_firmware
256 Siemens scalance_mum856-1_\(b1\)_firmware
257 Siemens scalance_mum856-1_\(cn\)_firmware
258 Siemens scalance_mum856-1_\(eu\)_firmware
259 Siemens scalance_mum856-1_\(row\)_firmware
260 Siemens scalance_s615_eec_lan-router_firmware
261 Siemens scalance_s615_lan-router_firmware
: Total Affected Vendor : 1 | Products : 261
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2020-28400.

URL Resource
https://cert-portal.siemens.com/productcert/html/ssa-599968.html
https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf Patch Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 Third Party Advisory US Government Resource
https://cert-portal.siemens.com/productcert/html/ssa-599968.html
https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf Patch Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 Third Party Advisory US Government Resource

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2020-28400 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2020-28400 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    Dec. 10, 2024

    Action Type Old Value New Value
    Changed Description Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
    Added CVSS V4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference https://cert-portal.siemens.com/productcert/html/ssa-599968.html
    Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf
    Added Reference https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03
  • CVE Modified by [email protected]

    Jun. 11, 2024

    Action Type Old Value New Value
    Added Reference Siemens AG https://cert-portal.siemens.com/productcert/html/ssa-599968.html [No types assigned]
    Added CVSS V3.1 Siemens AG AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Apr. 12, 2022

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, RUGGEDCOM RM1224, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router, SCALANCE M816-1 ADSL-Router, SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3, SCALANCE M876-3 (ROK), SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE S615, SCALANCE W-1700 IEEE 802.11ac family, SCALANCE W-700 IEEE 802.11n family, SCALANCE X200-4 P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2 IRT, SCALANCE X202-2P IRT (incl. SIPLUS NET variant), SCALANCE X202-2P IRT PRO, SCALANCE X204 IRT, SCALANCE X204 IRT PRO, SCALANCE X204-2 (incl. SIPLUS NET variant), SCALANCE X204-2FM, SCALANCE X204-2LD (incl. SIPLUS NET variant), SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X206-1, SCALANCE X206-1LD (incl. SIPLUS NET variant), SCALANCE X208 (incl. SIPLUS NET variant), SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7EEC, SCALANCE X304-2FE, SCALANCE X306-1LDFE, SCALANCE X307-2EEC, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2 (incl. SIPLUS NET variant), SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310FE, SCALANCE X320-1FE, SCALANCE X320-3LDFE, SCALANCE XB-200, SCALANCE XC-200, SCALANCE XF-200BA, SCALANCE XF201-3P IRT, SCALANCE XF202-2P IRT, SCALANCE XF204, SCALANCE XF204 IRT, SCALANCE XF204-2 (incl. SIPLUS NET variant), SCALANCE XF204-2BA IRT, SCALANCE XF206-1, SCALANCE XF208, SCALANCE XM400, SCALANCE XP-200, SCALANCE XR-300WG, SCALANCE XR324-12M, SCALANCE XR324-12M TS, SCALANCE XR324-4M EEC, SCALANCE XR324-4M PoE, SCALANCE XR324-4M PoE TS, SCALANCE XR500, SIMATIC CFU PA, SIMATIC CM 1542-1, SIMATIC CP1616/CP1604, SIMATIC CP1626, SIMATIC IE/PB-LINK V3, SIMATIC MV540 H, SIMATIC MV540 S, SIMATIC MV550 H, SIMATIC MV550 S, SIMATIC MV560 U, SIMATIC MV560 X, SIMATIC NET DK-16xx PN IO, SIMATIC PROFINET Driver, SIMATIC Power Line Booster PLB, Base Module, SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMOCODE proV Ethernet/IP, SIMOCODE proV PROFINET, SOFTNET-IE PNIO. Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
  • CVE Modified by [email protected]

    Feb. 09, 2022

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.7), RUGGEDCOM RM1224 (All Versions < V6.4), SCALANCE M-800 (All Versions < V6.4), SCALANCE S615 (All Versions < V6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M PoE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions < V4.3), SCALANCE XC-200 (All versions < V4.3), SCALANCE XF-200BA (All versions < V4.3), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions < V4.3), SCALANCE XR-300WG (All versions < V4.3), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M PoE (All versions), SCALANCE XR324-4M PoE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC CM 1542-1 (All versions < V3.0), SIMATIC CP1616/CP1604 (All Versions >= V2.7), SIMATIC CP1626 (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions < V2.3), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, RUGGEDCOM RM1224, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router, SCALANCE M816-1 ADSL-Router, SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3, SCALANCE M876-3 (ROK), SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE S615, SCALANCE W-1700 IEEE 802.11ac family, SCALANCE W-700 IEEE 802.11n family, SCALANCE X200-4 P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2 IRT, SCALANCE X202-2P IRT (incl. SIPLUS NET variant), SCALANCE X202-2P IRT PRO, SCALANCE X204 IRT, SCALANCE X204 IRT PRO, SCALANCE X204-2 (incl. SIPLUS NET variant), SCALANCE X204-2FM, SCALANCE X204-2LD (incl. SIPLUS NET variant), SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X206-1, SCALANCE X206-1LD (incl. SIPLUS NET variant), SCALANCE X208 (incl. SIPLUS NET variant), SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7EEC, SCALANCE X304-2FE, SCALANCE X306-1LDFE, SCALANCE X307-2EEC, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2 (incl. SIPLUS NET variant), SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310FE, SCALANCE X320-1FE, SCALANCE X320-3LDFE, SCALANCE XB-200, SCALANCE XC-200, SCALANCE XF-200BA, SCALANCE XF201-3P IRT, SCALANCE XF202-2P IRT, SCALANCE XF204, SCALANCE XF204 IRT, SCALANCE XF204-2 (incl. SIPLUS NET variant), SCALANCE XF204-2BA IRT, SCALANCE XF206-1, SCALANCE XF208, SCALANCE XM400, SCALANCE XP-200, SCALANCE XR-300WG, SCALANCE XR324-12M, SCALANCE XR324-12M TS, SCALANCE XR324-4M EEC, SCALANCE XR324-4M PoE, SCALANCE XR324-4M PoE TS, SCALANCE XR500, SIMATIC CFU PA, SIMATIC CM 1542-1, SIMATIC CP1616/CP1604, SIMATIC CP1626, SIMATIC IE/PB-LINK V3, SIMATIC MV540 H, SIMATIC MV540 S, SIMATIC MV550 H, SIMATIC MV550 S, SIMATIC MV560 U, SIMATIC MV560 X, SIMATIC NET DK-16xx PN IO, SIMATIC PROFINET Driver, SIMATIC Power Line Booster PLB, Base Module, SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMOCODE proV Ethernet/IP, SIMOCODE proV PROFINET, SOFTNET-IE PNIO. Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
  • Modified Analysis by [email protected]

    Dec. 10, 2021

    Action Type Old Value New Value
    Changed Reference Type https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 No Types Assigned https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 Third Party Advisory, US Government Resource
    Added CWE NIST CWE-770
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200p_evaluation_kit_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ek-ertec_200p_evaluation_kit:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:ek-ertec_200p_evaluation_kit_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 OR cpe:2.3:h:siemens:ek-ertec_200p_evaluation_kit:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2_:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x204-2_:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x208pro_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x208pro:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x208pro_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x208pro:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.3 OR cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.3 OR cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf204-2_:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_xf204-2_:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.3 OR cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.3 OR cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.3 OR cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*
    Changed CPE Configuration OR *cpe:2.3:a:siemens:simatic_net_dk-16xx_pn_io:-:*:*:*:*:*:*:* OR *cpe:2.3:a:siemens:simatic_net_dk-16xx_pn_io:*:*:*:*:*:*:*:* versions up to (including) 2.7
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_profinet_driver_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_profinet_driver:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_profinet_driver_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.3 OR cpe:2.3:h:siemens:simatic_profinet_driver:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.5 OR cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simocode_prov_ethernet\/ip_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simocode_prov_ethernet\/ip:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simocode_prov_ethernet\/ip_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.3 OR cpe:2.3:h:siemens:simocode_prov_ethernet\/ip:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simocode_prov_profinet_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simocode_prov_profinet:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simocode_prov_profinet_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1.3 OR cpe:2.3:h:siemens:simocode_prov_profinet:-:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Oct. 12, 2021

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.7), RUGGEDCOM RM1224 (All Versions < V6.4), SCALANCE M-800 (All Versions < V6.4), SCALANCE S615 (All Versions < V6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M POE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions < V4.3), SCALANCE XC-200 (All versions < V4.3), SCALANCE XF-200BA (All versions < V4.3), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions < V4.3), SCALANCE XR-300WG (All versions < V4.3), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M POE (All versions), SCALANCE XR324-4M POE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC CM 1542-1 (All versions < V3.0), SIMATIC CP1616/CP1604 (All Versions >= V2.7), SIMATIC CP1626 (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.7), RUGGEDCOM RM1224 (All Versions < V6.4), SCALANCE M-800 (All Versions < V6.4), SCALANCE S615 (All Versions < V6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M PoE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions < V4.3), SCALANCE XC-200 (All versions < V4.3), SCALANCE XF-200BA (All versions < V4.3), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions < V4.3), SCALANCE XR-300WG (All versions < V4.3), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M PoE (All versions), SCALANCE XR324-4M PoE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC CM 1542-1 (All versions < V3.0), SIMATIC CP1616/CP1604 (All Versions >= V2.7), SIMATIC CP1626 (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions < V2.3), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
  • CVE Modified by [email protected]

    Sep. 14, 2021

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.7), RUGGEDCOM RM1224 (All Versions < V6.4), SCALANCE M-800 (All Versions < V6.4), SCALANCE S615 (All Versions < V6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2FM (All versions), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2LD TS (All versions), SCALANCE X204-2TS (All versions), SCALANCE X206-1 (All versions), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions), SCALANCE X208 (incl. SIPLUS NET variant) (All versions), SCALANCE X208PRO (All versions), SCALANCE X212-2 (All versions), SCALANCE X212-2LD (All versions), SCALANCE X216 (All versions), SCALANCE X224 (All versions), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M PoE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions < V4.3), SCALANCE XC-200 (All versions < V4.3), SCALANCE XF-200BA (All versions < V4.3), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions), SCALANCE XF208 (All versions), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions < V4.3), SCALANCE XR-300WG (All versions < V4.3), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M PoE (All versions), SCALANCE XR324-4M PoE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET CM 1542-1 (All versions), SIMATIC NET CP1616/CP1604 (All Versions >= V2.7), SIMATIC NET CP1626 (All versions), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.7), RUGGEDCOM RM1224 (All Versions < V6.4), SCALANCE M-800 (All Versions < V6.4), SCALANCE S615 (All Versions < V6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M POE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions < V4.3), SCALANCE XC-200 (All versions < V4.3), SCALANCE XF-200BA (All versions < V4.3), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions < V4.3), SCALANCE XR-300WG (All versions < V4.3), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M POE (All versions), SCALANCE XR324-4M POE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC CM 1542-1 (All versions < V3.0), SIMATIC CP1616/CP1604 (All Versions >= V2.7), SIMATIC CP1626 (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
  • CVE Modified by [email protected]

    Aug. 10, 2021

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions), RUGGEDCOM RM1224 (All Versions < 6.4), SCALANCE M-800 (All Versions < 6.4), SCALANCE S615 (All Versions < 6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2FM (All versions), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2LD TS (All versions), SCALANCE X204-2TS (All versions), SCALANCE X206-1 (All versions), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions), SCALANCE X208 (incl. SIPLUS NET variant) (All versions), SCALANCE X208PRO (All versions), SCALANCE X212-2 (All versions), SCALANCE X212-2LD (All versions), SCALANCE X216 (All versions), SCALANCE X224 (All versions), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M POE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions), SCALANCE XC-200 (All versions), SCALANCE XF-200BA (All versions), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions), SCALANCE XF208 (All versions), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions), SCALANCE XR-300WG (All versions), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M POE (All versions), SCALANCE XR324-4M POE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET CM 1542-1 (All versions), SIMATIC NET CP1616/CP1604 (All Versions >= V2.7), SIMATIC NET CP1626 (All versions), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.7), RUGGEDCOM RM1224 (All Versions < V6.4), SCALANCE M-800 (All Versions < V6.4), SCALANCE S615 (All Versions < V6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2FM (All versions), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2LD TS (All versions), SCALANCE X204-2TS (All versions), SCALANCE X206-1 (All versions), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions), SCALANCE X208 (incl. SIPLUS NET variant) (All versions), SCALANCE X208PRO (All versions), SCALANCE X212-2 (All versions), SCALANCE X212-2LD (All versions), SCALANCE X216 (All versions), SCALANCE X224 (All versions), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M PoE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions < V4.3), SCALANCE XC-200 (All versions < V4.3), SCALANCE XF-200BA (All versions < V4.3), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions), SCALANCE XF208 (All versions), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions < V4.3), SCALANCE XR-300WG (All versions < V4.3), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M PoE (All versions), SCALANCE XR324-4M PoE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET CM 1542-1 (All versions), SIMATIC NET CP1616/CP1604 (All Versions >= V2.7), SIMATIC NET CP1626 (All versions), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
  • CVE Modified by [email protected]

    Jul. 30, 2021

    Action Type Old Value New Value
    Added Reference https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 [No Types Assigned]
  • Initial Analysis by [email protected]

    Jul. 30, 2021

    Action Type Old Value New Value
    Added CVSS V2 NIST (AV:N/AC:L/Au:N/C:N/I:N/A:P)
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Changed Reference Type https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf No Types Assigned https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf Patch, Vendor Advisory
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:dk_standard_ethernet_controller_evaluation_kit_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:dk_standard_ethernet_controller_evaluation_kit:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200_evaulation_kit_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ek-ertec_200_evaulation_kit:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200p_evaluation_kit_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ek-ertec_200p_evaluation_kit:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.4 OR cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.4 OR cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.4 OR cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_w1700_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_w1700:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x200-4_p_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x200-4_p_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x202-2_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x202-2_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x204_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204_irt_pro_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x204_irt_pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2_:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x208pro_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x208pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2lh\+_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2lh\+:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x320-3ldfe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x320-3ldfe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_xf204_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf204-2_:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.3.1 OR cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.3.1 OR cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cfu_pa_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cfu_pa:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_ie\/pb-link_v3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_ie\/pb-link_v3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_mv500_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.0 OR cpe:2.3:h:siemens:simatic_mv500:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_net_cm_1542-1_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_net_cm_1542-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_net_cp1616_firmware:*:*:*:*:*:*:*:* versions up to (including) 2.7 OR cpe:2.3:h:siemens:simatic_net_cp1616:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_net_cp1604_firmware:*:*:*:*:*:*:*:* versions up to (including) 2.7 OR cpe:2.3:h:siemens:simatic_net_cp1604:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_net_cp1626_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_net_cp1626:-:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:a:siemens:simatic_net_dk-16xx_pn_io:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_power_line_booster_plb_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_power_line_booster_plb:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_profinet_driver_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_profinet_driver:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simocode_prov_ethernet\/ip_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simocode_prov_ethernet\/ip:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simocode_prov_profinet_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simocode_prov_profinet:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:softnet-ie_pnio_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:softnet-ie_pnio:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2020-28400 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2020-28400 weaknesses.

CAPEC-125: Flooding Flooding CAPEC-130: Excessive Allocation Excessive Allocation CAPEC-147: XML Ping of the Death XML Ping of the Death CAPEC-197: Exponential Data Expansion Exponential Data Expansion CAPEC-229: Serialized Data Parameter Blowup Serialized Data Parameter Blowup CAPEC-230: Serialized Data with Nested Payloads Serialized Data with Nested Payloads CAPEC-231: Oversized Serialized Data Payloads Oversized Serialized Data Payloads CAPEC-469: HTTP DoS HTTP DoS CAPEC-482: TCP Flood TCP Flood CAPEC-486: UDP Flood UDP Flood CAPEC-487: ICMP Flood ICMP Flood CAPEC-488: HTTP Flood HTTP Flood CAPEC-489: SSL Flood SSL Flood CAPEC-490: Amplification Amplification CAPEC-491: Quadratic Data Expansion Quadratic Data Expansion CAPEC-493: SOAP Array Blowup SOAP Array Blowup CAPEC-494: TCP Fragmentation TCP Fragmentation CAPEC-495: UDP Fragmentation UDP Fragmentation CAPEC-496: ICMP Fragmentation ICMP Fragmentation CAPEC-528: XML Flood XML Flood
Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.28 }} 0.07%

score

0.68279

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: