7.5
HIGH
CVE-2020-28400
TP-Link Powerline Denial of Service Vulnerability
Description

Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.

INFO

Published Date :

July 13, 2021, 11:15 a.m.

Last Modified :

June 11, 2024, 9:15 a.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

3.6

Exploitability Score :

3.9
Affected Products

The following products are affected by CVE-2020-28400 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Siemens ruggedcom_rm1224_firmware
2 Siemens scalance_m-800_firmware
3 Siemens scalance_s615_firmware
4 Siemens scalance_xp-200_firmware
5 Siemens scalance_xc-200_firmware
6 Siemens scalance_x200-4p_irt_firmware
7 Siemens scalance_x201-3p_irt_firmware
8 Siemens scalance_x201-3p_irt_pro_firmware
9 Siemens scalance_x202-2irt_firmware
10 Siemens scalance_x202-2p_irt_firmware
11 Siemens scalance_x202-2p_irt_pro_firmware
12 Siemens scalance_x204irt_firmware
13 Siemens scalance_x204irt_pro_firmware
14 Siemens scalance_xf201-3p_irt_firmware
15 Siemens scalance_xf202-2p_irt_firmware
16 Siemens scalance_xf204-2ba_irt_firmware
17 Siemens scalance_xf204irt_firmware
18 Siemens scalance_xb-200_firmware
19 Siemens scalance_xf-200ba_firmware
20 Siemens scalance_xr-300wg_firmware
21 Siemens simatic_cp_1626_firmware
22 Siemens scalance_x200-4_p_irt_firmware
23 Siemens scalance_x202-2_irt_firmware
24 Siemens scalance_x204_irt_firmware
25 Siemens scalance_x204_irt_pro_firmware
26 Siemens scalance_x204-2_firmware
27 Siemens scalance_x204-2fm_firmware
28 Siemens scalance_x204-2ld_firmware
29 Siemens scalance_x204-2ld_ts_firmware
30 Siemens scalance_x204-2ts_firmware
31 Siemens scalance_x206-1_firmware
32 Siemens scalance_x206-1ld_firmware
33 Siemens scalance_x208_firmware
34 Siemens scalance_x212-2_firmware
35 Siemens scalance_x212-2ld_firmware
36 Siemens scalance_x216_firmware
37 Siemens scalance_x224_firmware
38 Siemens scalance_xf204_firmware
39 Siemens scalance_xf204_irt_firmware
40 Siemens scalance_xf204-2_firmware
41 Siemens scalance_xf206-1_firmware
42 Siemens scalance_xf208_firmware
43 Siemens simatic_mv540_h_firmware
44 Siemens simatic_mv540_s_firmware
45 Siemens simatic_mv550_h_firmware
46 Siemens simatic_mv550_s_firmware
47 Siemens simatic_mv560_u_firmware
48 Siemens simatic_mv560_x_firmware
49 Siemens simatic_s7-1200_firmware
50 Siemens dk_standard_ethernet_controller_evaluation_kit_firmware
51 Siemens ek-ertec_200_evaulation_kit_firmware
52 Siemens ek-ertec_200p_evaluation_kit_firmware
53 Siemens scalance_w700_firmware
54 Siemens scalance_w1700_firmware
55 Siemens scalance_x208pro_firmware
56 Siemens scalance_x302-7eec_firmware
57 Siemens scalance_x304-2fe_firmware
58 Siemens scalance_x306-1ldfe_firmware
59 Siemens scalance_x307-2eec_firmware
60 Siemens scalance_x307-3_firmware
61 Siemens scalance_x307-3ld_firmware
62 Siemens scalance_x308-2_firmware
63 Siemens scalance_x308-2ld_firmware
64 Siemens scalance_x308-2lh_firmware
65 Siemens scalance_x308-2lh\+_firmware
66 Siemens scalance_x308-2m_firmware
67 Siemens scalance_x308-2m_poe_firmware
68 Siemens scalance_x308-2m_ts_firmware
69 Siemens scalance_x310_firmware
70 Siemens scalance_x310fe_firmware
71 Siemens scalance_x320-1fe_firmware
72 Siemens scalance_x320-3ldfe_firmware
73 Siemens scalance_xm400_firmware
74 Siemens scalance_xr324-4m_eec_firmware
75 Siemens scalance_xr324-4m_poe_firmware
76 Siemens scalance_xr324-4m_poe_ts_firmware
77 Siemens scalance_xr324-12m_firmware
78 Siemens scalance_xr324-12m_ts_firmware
79 Siemens scalance_xr500_firmware
80 Siemens simatic_cfu_pa_firmware
81 Siemens simatic_ie\/pb-link_v3_firmware
82 Siemens simatic_mv500_firmware
83 Siemens simatic_net_cm_1542-1_firmware
84 Siemens simatic_net_cp1616_firmware
85 Siemens simatic_net_cp1604_firmware
86 Siemens simatic_net_cp1626_firmware
87 Siemens simatic_net_dk-16xx_pn_io
88 Siemens simatic_power_line_booster_plb_firmware
89 Siemens simatic_profinet_driver_firmware
90 Siemens simocode_prov_ethernet\/ip_firmware
91 Siemens simocode_prov_profinet_firmware
92 Siemens softnet-ie_pnio_firmware
93 Siemens scalance_m804pb_firmware
94 Siemens scalance_m874-2_firmware
95 Siemens scalance_m874-3_firmware
96 Siemens scalance_m826-2_shdsl-router_firmware
97 Siemens scalance_w1748-1_m12_firmware
98 Siemens scalance_w1788-1_m12_firmware
99 Siemens scalance_w1788-2_eec_m12_firmware
100 Siemens scalance_w1788-2_m12_firmware
101 Siemens scalance_w1788-2ia_m12_firmware
102 Siemens simatic_cm_1542-1_firmware
103 Siemens scalance_x408-2_firmware
104 Siemens scalance_x201-3p_irt
105 Siemens simatic_cfu_diq_firmware
106 Siemens siplus_net_scalance_x308-2_firmware
107 Siemens scalance_x308-2m
108 Siemens scalance_s615
109 Siemens simatic_cfu_pa
110 Siemens dk_standard_ethernet_controller_evaluation_kit
111 Siemens ek-ertec_200_evaulation_kit
112 Siemens ek-ertec_200p_evaluation_kit
113 Siemens ruggedcom_rm1224
114 Siemens scalance_m-800
115 Siemens scalance_w700
116 Siemens scalance_w1700
117 Siemens scalance_x200-4_p_irt
118 Siemens scalance_x201-3p_irt_pro
119 Siemens scalance_x202-2_irt
120 Siemens scalance_x202-2p_irt_pro
121 Siemens scalance_x204_irt
122 Siemens scalance_x204_irt_pro
123 Siemens scalance_x204-2_
124 Siemens scalance_x204-2fm
125 Siemens scalance_x204-2ld
126 Siemens scalance_x204-2ld_ts
127 Siemens scalance_x204-2ts
128 Siemens scalance_x206-1
129 Siemens scalance_x206-1ld
130 Siemens scalance_x208
131 Siemens scalance_x208pro
132 Siemens scalance_x212-2
133 Siemens scalance_x212-2ld
134 Siemens scalance_x216
135 Siemens scalance_x224
136 Siemens scalance_x302-7eec
137 Siemens scalance_x304-2fe
138 Siemens scalance_x306-1ldfe
139 Siemens scalance_x307-2eec
140 Siemens scalance_x307-3
141 Siemens scalance_x307-3ld
142 Siemens scalance_x308-2
143 Siemens scalance_x308-2ld
144 Siemens scalance_x308-2lh
145 Siemens scalance_x308-2lh\+
146 Siemens scalance_x308-2m_poe
147 Siemens scalance_x308-2m_ts
148 Siemens scalance_x310
149 Siemens scalance_x310fe
150 Siemens scalance_x320-1fe
151 Siemens scalance_x320-3ldfe
152 Siemens scalance_xb-200
153 Siemens scalance_xc-200
154 Siemens scalance_xf201-3p_irt
155 Siemens scalance_xf202-2p_irt
156 Siemens scalance_xf204
157 Siemens scalance_xf204_irt
158 Siemens scalance_xf204-2_
159 Siemens scalance_xf204-2ba_irt
160 Siemens scalance_xf206-1
161 Siemens scalance_xf208
162 Siemens scalance_xf-200ba
163 Siemens scalance_xm400
164 Siemens scalance_xp-200
165 Siemens scalance_xr324-4m_eec
166 Siemens scalance_xr324-4m_poe
167 Siemens scalance_xr324-4m_poe_ts
168 Siemens scalance_xr324-12m
169 Siemens scalance_xr324-12m_ts
170 Siemens scalance_xr500
171 Siemens scalance_xr-300wg
172 Siemens simatic_ie\/pb-link_v3
173 Siemens simatic_mv500
174 Siemens simatic_net_cm_1542-1
175 Siemens simatic_net_cp1616
176 Siemens simatic_net_cp1604
177 Siemens simatic_net_cp1626
178 Siemens simatic_power_line_booster_plb
179 Siemens simatic_profinet_driver
180 Siemens simatic_s7-1200
181 Siemens simocode_prov_ethernet\/ip
182 Siemens simocode_prov_profinet
183 Siemens softnet-ie_pnio
184 Siemens scalance_m876-3_\(rok\)_firmware
185 Siemens scalance_m876-4_\(eu\)_firmware
186 Siemens scalance_m876-4_\(nam\)_firmware
: Total Affected Vendor : 1 | Products : 186
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2020-28400.

URL Resource
https://cert-portal.siemens.com/productcert/html/ssa-599968.html
https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf Patch Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 Third Party Advisory US Government Resource

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2020-28400 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2020-28400 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    Jun. 11, 2024

    Action Type Old Value New Value
    Added Reference Siemens AG https://cert-portal.siemens.com/productcert/html/ssa-599968.html [No types assigned]
    Added CVSS V3.1 Siemens AG AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Apr. 12, 2022

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, RUGGEDCOM RM1224, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router, SCALANCE M816-1 ADSL-Router, SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3, SCALANCE M876-3 (ROK), SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE S615, SCALANCE W-1700 IEEE 802.11ac family, SCALANCE W-700 IEEE 802.11n family, SCALANCE X200-4 P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2 IRT, SCALANCE X202-2P IRT (incl. SIPLUS NET variant), SCALANCE X202-2P IRT PRO, SCALANCE X204 IRT, SCALANCE X204 IRT PRO, SCALANCE X204-2 (incl. SIPLUS NET variant), SCALANCE X204-2FM, SCALANCE X204-2LD (incl. SIPLUS NET variant), SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X206-1, SCALANCE X206-1LD (incl. SIPLUS NET variant), SCALANCE X208 (incl. SIPLUS NET variant), SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7EEC, SCALANCE X304-2FE, SCALANCE X306-1LDFE, SCALANCE X307-2EEC, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2 (incl. SIPLUS NET variant), SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310FE, SCALANCE X320-1FE, SCALANCE X320-3LDFE, SCALANCE XB-200, SCALANCE XC-200, SCALANCE XF-200BA, SCALANCE XF201-3P IRT, SCALANCE XF202-2P IRT, SCALANCE XF204, SCALANCE XF204 IRT, SCALANCE XF204-2 (incl. SIPLUS NET variant), SCALANCE XF204-2BA IRT, SCALANCE XF206-1, SCALANCE XF208, SCALANCE XM400, SCALANCE XP-200, SCALANCE XR-300WG, SCALANCE XR324-12M, SCALANCE XR324-12M TS, SCALANCE XR324-4M EEC, SCALANCE XR324-4M PoE, SCALANCE XR324-4M PoE TS, SCALANCE XR500, SIMATIC CFU PA, SIMATIC CM 1542-1, SIMATIC CP1616/CP1604, SIMATIC CP1626, SIMATIC IE/PB-LINK V3, SIMATIC MV540 H, SIMATIC MV540 S, SIMATIC MV550 H, SIMATIC MV550 S, SIMATIC MV560 U, SIMATIC MV560 X, SIMATIC NET DK-16xx PN IO, SIMATIC PROFINET Driver, SIMATIC Power Line Booster PLB, Base Module, SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMOCODE proV Ethernet/IP, SIMOCODE proV PROFINET, SOFTNET-IE PNIO. Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
  • CVE Modified by [email protected]

    Feb. 09, 2022

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.7), RUGGEDCOM RM1224 (All Versions < V6.4), SCALANCE M-800 (All Versions < V6.4), SCALANCE S615 (All Versions < V6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M PoE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions < V4.3), SCALANCE XC-200 (All versions < V4.3), SCALANCE XF-200BA (All versions < V4.3), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions < V4.3), SCALANCE XR-300WG (All versions < V4.3), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M PoE (All versions), SCALANCE XR324-4M PoE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC CM 1542-1 (All versions < V3.0), SIMATIC CP1616/CP1604 (All Versions >= V2.7), SIMATIC CP1626 (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions < V2.3), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, RUGGEDCOM RM1224, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router, SCALANCE M816-1 ADSL-Router, SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3, SCALANCE M876-3 (ROK), SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE S615, SCALANCE W-1700 IEEE 802.11ac family, SCALANCE W-700 IEEE 802.11n family, SCALANCE X200-4 P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2 IRT, SCALANCE X202-2P IRT (incl. SIPLUS NET variant), SCALANCE X202-2P IRT PRO, SCALANCE X204 IRT, SCALANCE X204 IRT PRO, SCALANCE X204-2 (incl. SIPLUS NET variant), SCALANCE X204-2FM, SCALANCE X204-2LD (incl. SIPLUS NET variant), SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X206-1, SCALANCE X206-1LD (incl. SIPLUS NET variant), SCALANCE X208 (incl. SIPLUS NET variant), SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7EEC, SCALANCE X304-2FE, SCALANCE X306-1LDFE, SCALANCE X307-2EEC, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2 (incl. SIPLUS NET variant), SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310FE, SCALANCE X320-1FE, SCALANCE X320-3LDFE, SCALANCE XB-200, SCALANCE XC-200, SCALANCE XF-200BA, SCALANCE XF201-3P IRT, SCALANCE XF202-2P IRT, SCALANCE XF204, SCALANCE XF204 IRT, SCALANCE XF204-2 (incl. SIPLUS NET variant), SCALANCE XF204-2BA IRT, SCALANCE XF206-1, SCALANCE XF208, SCALANCE XM400, SCALANCE XP-200, SCALANCE XR-300WG, SCALANCE XR324-12M, SCALANCE XR324-12M TS, SCALANCE XR324-4M EEC, SCALANCE XR324-4M PoE, SCALANCE XR324-4M PoE TS, SCALANCE XR500, SIMATIC CFU PA, SIMATIC CM 1542-1, SIMATIC CP1616/CP1604, SIMATIC CP1626, SIMATIC IE/PB-LINK V3, SIMATIC MV540 H, SIMATIC MV540 S, SIMATIC MV550 H, SIMATIC MV550 S, SIMATIC MV560 U, SIMATIC MV560 X, SIMATIC NET DK-16xx PN IO, SIMATIC PROFINET Driver, SIMATIC Power Line Booster PLB, Base Module, SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMOCODE proV Ethernet/IP, SIMOCODE proV PROFINET, SOFTNET-IE PNIO. Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
  • Modified Analysis by [email protected]

    Dec. 10, 2021

    Action Type Old Value New Value
    Changed Reference Type https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 No Types Assigned https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 Third Party Advisory, US Government Resource
    Added CWE NIST CWE-770
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200p_evaluation_kit_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ek-ertec_200p_evaluation_kit:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:ek-ertec_200p_evaluation_kit_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.7 OR cpe:2.3:h:siemens:ek-ertec_200p_evaluation_kit:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2_:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x204-2_:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x208pro_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x208pro:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x208pro_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x208pro:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.3 OR cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.3 OR cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf204-2_:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_xf204-2_:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.5 OR cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.3 OR cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.3 OR cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.3 OR cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*
    Changed CPE Configuration OR *cpe:2.3:a:siemens:simatic_net_dk-16xx_pn_io:-:*:*:*:*:*:*:* OR *cpe:2.3:a:siemens:simatic_net_dk-16xx_pn_io:*:*:*:*:*:*:*:* versions up to (including) 2.7
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_profinet_driver_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_profinet_driver:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_profinet_driver_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.3 OR cpe:2.3:h:siemens:simatic_profinet_driver:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 4.5 OR cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simocode_prov_ethernet\/ip_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simocode_prov_ethernet\/ip:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simocode_prov_ethernet\/ip_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.3 OR cpe:2.3:h:siemens:simocode_prov_ethernet\/ip:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:siemens:simocode_prov_profinet_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simocode_prov_profinet:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:siemens:simocode_prov_profinet_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1.3 OR cpe:2.3:h:siemens:simocode_prov_profinet:-:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Oct. 12, 2021

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.7), RUGGEDCOM RM1224 (All Versions < V6.4), SCALANCE M-800 (All Versions < V6.4), SCALANCE S615 (All Versions < V6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M POE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions < V4.3), SCALANCE XC-200 (All versions < V4.3), SCALANCE XF-200BA (All versions < V4.3), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions < V4.3), SCALANCE XR-300WG (All versions < V4.3), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M POE (All versions), SCALANCE XR324-4M POE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC CM 1542-1 (All versions < V3.0), SIMATIC CP1616/CP1604 (All Versions >= V2.7), SIMATIC CP1626 (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.7), RUGGEDCOM RM1224 (All Versions < V6.4), SCALANCE M-800 (All Versions < V6.4), SCALANCE S615 (All Versions < V6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M PoE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions < V4.3), SCALANCE XC-200 (All versions < V4.3), SCALANCE XF-200BA (All versions < V4.3), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions < V4.3), SCALANCE XR-300WG (All versions < V4.3), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M PoE (All versions), SCALANCE XR324-4M PoE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC CM 1542-1 (All versions < V3.0), SIMATIC CP1616/CP1604 (All Versions >= V2.7), SIMATIC CP1626 (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions < V2.3), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
  • CVE Modified by [email protected]

    Sep. 14, 2021

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.7), RUGGEDCOM RM1224 (All Versions < V6.4), SCALANCE M-800 (All Versions < V6.4), SCALANCE S615 (All Versions < V6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2FM (All versions), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2LD TS (All versions), SCALANCE X204-2TS (All versions), SCALANCE X206-1 (All versions), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions), SCALANCE X208 (incl. SIPLUS NET variant) (All versions), SCALANCE X208PRO (All versions), SCALANCE X212-2 (All versions), SCALANCE X212-2LD (All versions), SCALANCE X216 (All versions), SCALANCE X224 (All versions), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M PoE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions < V4.3), SCALANCE XC-200 (All versions < V4.3), SCALANCE XF-200BA (All versions < V4.3), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions), SCALANCE XF208 (All versions), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions < V4.3), SCALANCE XR-300WG (All versions < V4.3), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M PoE (All versions), SCALANCE XR324-4M PoE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET CM 1542-1 (All versions), SIMATIC NET CP1616/CP1604 (All Versions >= V2.7), SIMATIC NET CP1626 (All versions), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.7), RUGGEDCOM RM1224 (All Versions < V6.4), SCALANCE M-800 (All Versions < V6.4), SCALANCE S615 (All Versions < V6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M POE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions < V4.3), SCALANCE XC-200 (All versions < V4.3), SCALANCE XF-200BA (All versions < V4.3), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions < V4.3), SCALANCE XR-300WG (All versions < V4.3), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M POE (All versions), SCALANCE XR324-4M POE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC CM 1542-1 (All versions < V3.0), SIMATIC CP1616/CP1604 (All Versions >= V2.7), SIMATIC CP1626 (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
  • CVE Modified by [email protected]

    Aug. 10, 2021

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions), RUGGEDCOM RM1224 (All Versions < 6.4), SCALANCE M-800 (All Versions < 6.4), SCALANCE S615 (All Versions < 6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2FM (All versions), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2LD TS (All versions), SCALANCE X204-2TS (All versions), SCALANCE X206-1 (All versions), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions), SCALANCE X208 (incl. SIPLUS NET variant) (All versions), SCALANCE X208PRO (All versions), SCALANCE X212-2 (All versions), SCALANCE X212-2LD (All versions), SCALANCE X216 (All versions), SCALANCE X224 (All versions), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M POE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions), SCALANCE XC-200 (All versions), SCALANCE XF-200BA (All versions), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions), SCALANCE XF208 (All versions), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions), SCALANCE XR-300WG (All versions), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M POE (All versions), SCALANCE XR324-4M POE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET CM 1542-1 (All versions), SIMATIC NET CP1616/CP1604 (All Versions >= V2.7), SIMATIC NET CP1626 (All versions), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.7), RUGGEDCOM RM1224 (All Versions < V6.4), SCALANCE M-800 (All Versions < V6.4), SCALANCE S615 (All Versions < V6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2FM (All versions), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions), SCALANCE X204-2LD TS (All versions), SCALANCE X204-2TS (All versions), SCALANCE X206-1 (All versions), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions), SCALANCE X208 (incl. SIPLUS NET variant) (All versions), SCALANCE X208PRO (All versions), SCALANCE X212-2 (All versions), SCALANCE X212-2LD (All versions), SCALANCE X216 (All versions), SCALANCE X224 (All versions), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M PoE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions < V4.3), SCALANCE XC-200 (All versions < V4.3), SCALANCE XF-200BA (All versions < V4.3), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions), SCALANCE XF208 (All versions), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions < V4.3), SCALANCE XR-300WG (All versions < V4.3), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M PoE (All versions), SCALANCE XR324-4M PoE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET CM 1542-1 (All versions), SIMATIC NET CP1616/CP1604 (All Versions >= V2.7), SIMATIC NET CP1626 (All versions), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
  • CVE Modified by [email protected]

    Jul. 30, 2021

    Action Type Old Value New Value
    Added Reference https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 [No Types Assigned]
  • Initial Analysis by [email protected]

    Jul. 30, 2021

    Action Type Old Value New Value
    Added CVSS V2 NIST (AV:N/AC:L/Au:N/C:N/I:N/A:P)
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Changed Reference Type https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf No Types Assigned https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf Patch, Vendor Advisory
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:dk_standard_ethernet_controller_evaluation_kit_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:dk_standard_ethernet_controller_evaluation_kit:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200_evaulation_kit_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ek-ertec_200_evaulation_kit:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ek-ertec_200p_evaluation_kit_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ek-ertec_200p_evaluation_kit:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.4 OR cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.4 OR cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.4 OR cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_w1700_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_w1700:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x200-4_p_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x200-4_p_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x202-2_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x202-2_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x204_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204_irt_pro_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_x204_irt_pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2_:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x208pro_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x208pro:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2lh\+_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2lh\+:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_x320-3ldfe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_x320-3ldfe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_xf204_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf204-2_:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.0 OR cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.3.1 OR cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 6.3.1 OR cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_cfu_pa_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_cfu_pa:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_ie\/pb-link_v3_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_ie\/pb-link_v3:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_mv500_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.0 OR cpe:2.3:h:siemens:simatic_mv500:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_net_cm_1542-1_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_net_cm_1542-1:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_net_cp1616_firmware:*:*:*:*:*:*:*:* versions up to (including) 2.7 OR cpe:2.3:h:siemens:simatic_net_cp1616:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_net_cp1604_firmware:*:*:*:*:*:*:*:* versions up to (including) 2.7 OR cpe:2.3:h:siemens:simatic_net_cp1604:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_net_cp1626_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_net_cp1626:-:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:a:siemens:simatic_net_dk-16xx_pn_io:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_power_line_booster_plb_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_power_line_booster_plb:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_profinet_driver_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_profinet_driver:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simocode_prov_ethernet\/ip_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simocode_prov_ethernet\/ip:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:simocode_prov_profinet_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:simocode_prov_profinet:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:softnet-ie_pnio_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:softnet-ie_pnio:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2020-28400 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2020-28400 weaknesses.

CAPEC-125: Flooding Flooding CAPEC-130: Excessive Allocation Excessive Allocation CAPEC-147: XML Ping of the Death XML Ping of the Death CAPEC-197: Exponential Data Expansion Exponential Data Expansion CAPEC-229: Serialized Data Parameter Blowup Serialized Data Parameter Blowup CAPEC-230: Serialized Data with Nested Payloads Serialized Data with Nested Payloads CAPEC-231: Oversized Serialized Data Payloads Oversized Serialized Data Payloads CAPEC-469: HTTP DoS HTTP DoS CAPEC-482: TCP Flood TCP Flood CAPEC-486: UDP Flood UDP Flood CAPEC-487: ICMP Flood ICMP Flood CAPEC-488: HTTP Flood HTTP Flood CAPEC-489: SSL Flood SSL Flood CAPEC-490: Amplification Amplification CAPEC-491: Quadratic Data Expansion Quadratic Data Expansion CAPEC-493: SOAP Array Blowup SOAP Array Blowup CAPEC-494: TCP Fragmentation TCP Fragmentation CAPEC-495: UDP Fragmentation UDP Fragmentation CAPEC-496: ICMP Fragmentation ICMP Fragmentation CAPEC-528: XML Flood XML Flood
Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.22 }} 0.10%

score

0.59718

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: