ByteOS Network

Vulnerability Details :

CVE-2017-2680

Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77

Published At-11 May, 2017 | 01:00

Updated At-10 Sep, 2024 | 09:33

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:siemens

Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77

Published At:11 May, 2017 | 01:00

Updated At:10 Sep, 2024 | 09:33

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

Siemens AG

Product

Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller

Default Status

unknown

Versions

Affected

All versions < V4.1.1 Patch04

Vendor

Siemens AG

Product

Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200

Default Status

unknown

Versions

Affected

All versions < V4.2.1 Patch03

Vendor

Siemens AG

Product

Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P

Default Status

unknown

Versions

Affected

All versions < V4.4.0 Patch01

Vendor

Siemens AG

Product

Extension Unit 12" PROFINET

Default Status

unknown

Versions

Affected

All versions < V01.01.01

Vendor

Siemens AG

Product

Extension Unit 15" PROFINET

Default Status

unknown

Versions

Affected

All versions < V01.01.01

Vendor

Siemens AG

Product

Extension Unit 19" PROFINET

Default Status

unknown

Versions

Affected

All versions < V01.01.01

Vendor

Siemens AG

Product

Extension Unit 22" PROFINET

Default Status

unknown

Versions

Affected

All versions < V01.01.01

Vendor

Siemens AG

Product

IE/AS-i Link PN IO

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

IE/PB-Link (incl. SIPLUS NET variants)

Default Status

unknown

Versions

Affected

All versions < V3.0

Vendor

Siemens AG

Product

SCALANCE M-800 family (incl. S615, MUM-800 and RM1224)

Default Status

unknown

Versions

Affected

All versions < V4.03

Vendor

Siemens AG

Product

SCALANCE W-700 IEEE 802.11n family

Default Status

unknown

Versions

Affected

All versions < V6.1

Vendor

Siemens AG

Product

SCALANCE X-200 family (incl. SIPLUS NET variants)

Default Status

unknown

Versions

Affected

All versions < V5.2.2

Vendor

Siemens AG

Product

SCALANCE X-200IRT family (incl. SIPLUS NET variants)

Default Status

unknown

Versions

Affected

All versions < V5.4.0

Vendor

Siemens AG

Product

SCALANCE X-300 family (incl. X408 and SIPLUS NET variants)

Default Status

unknown

Versions

Affected

All versions < V4.1.0

Vendor

Siemens AG

Product

SCALANCE X408 family

Default Status

unknown

Versions

Affected

All versions < V4.1.0

Vendor

Siemens AG

Product

SCALANCE X414

Default Status

unknown

Versions

Affected

All versions < V3.10.2

Vendor

Siemens AG

Product

SCALANCE XM-400 family

Default Status

unknown

Versions

Affected

All versions < V6.1

Vendor

Siemens AG

Product

SCALANCE XR-500 family

Default Status

unknown

Versions

Affected

All versions < V6.1

Vendor

Siemens AG

Product

SIMATIC CM 1542-1

Default Status

unknown

Versions

Affected

All versions < V2.0

Vendor

Siemens AG

Product

SIMATIC CM 1542SP-1

Default Status

unknown

Versions

Affected

All versions < V1.0.15

Vendor

Siemens AG

Product

SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V2.1.82

Vendor

Siemens AG

Product

SIMATIC CP 1243-1 (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V2.1.82

Vendor

Siemens AG

Product

SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

From 0 before * (custom)

Vendor

Siemens AG

Product

SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC CP 1243-7 LTE US

Default Status

unknown

Versions

Affected

All versions < V2.1.82

Vendor

Siemens AG

Product

SIMATIC CP 1243-8 IRC

Default Status

unknown

Versions

Affected

All versions < V2.1.82

Vendor

Siemens AG

Product

SIMATIC CP 1243-8 IRC

Default Status

unknown

Versions

Affected

All versions < V2.1.82

Vendor

Siemens AG

Product

SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V1.0.15

Vendor

Siemens AG

Product

SIMATIC CP 1543-1 (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V2.1

Vendor

Siemens AG

Product

SIMATIC CP 1543SP-1 (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V1.0.15

Vendor

Siemens AG

Product

SIMATIC CP 1604

Default Status

unknown

Versions

Affected

All versions < V2.7

Vendor

Siemens AG

Product

SIMATIC CP 1616

Default Status

unknown

Versions

Affected

All versions < V2.7

Vendor

Siemens AG

Product

SIMATIC CP 1626

Default Status

unknown

Versions

Affected

All versions < V1.1

Vendor

Siemens AG

Product

SIMATIC CP 343-1 (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V3.1.3

Vendor

Siemens AG

Product

SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC CP 343-1 Lean (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V3.1.3

Vendor

Siemens AG

Product

SIMATIC CP 443-1 (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V3.2.17

Vendor

Siemens AG

Product

SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V3.2.17

Vendor

Siemens AG

Product

SIMATIC CP 443-1 OPC UA

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC DK-16xx PN IO

Default Status

unknown

Versions

Affected

All versions < V2.7

Vendor

Siemens AG

Product

SIMATIC ET 200AL IM 157-1 PN

Default Status

unknown

Versions

Affected

From 0 before V1.0.2 (custom)

Vendor

Siemens AG

Product

SIMATIC ET 200M (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET 200MP IM 155-5 PN BA

Default Status

unknown

Versions

Affected

From 0 before V4.0.1 (custom)

Vendor

Siemens AG

Product

SIMATIC ET 200MP IM 155-5 PN HF

Default Status

unknown

Versions

Affected

From 0 before V4.2.0 (custom)

Vendor

Siemens AG

Product

SIMATIC ET 200MP IM 155-5 PN ST

Default Status

unknown

Versions

Affected

From 0 before V4.1.0 (custom)

Vendor

Siemens AG

Product

SIMATIC ET 200pro IM 154-3 PN HF

Default Status

unknown

Versions

Affected

From 0 before * (custom)

Vendor

Siemens AG

Product

SIMATIC ET 200pro IM 154-4 PN HF

Default Status

unknown

Versions

Affected

From 0 before * (custom)

Vendor

Siemens AG

Product

SIMATIC ET 200SP IM 155-6 PN BA

Default Status

unknown

Versions

Affected

From 0 before * (custom)

Vendor

Siemens AG

Product

SIMATIC ET 200SP IM 155-6 PN HF

Default Status

unknown

Versions

Affected

From 0 before V4.2.0 (custom)

Vendor

Siemens AG

Product

SIMATIC ET 200SP IM 155-6 PN HS

Default Status

unknown

Versions

Affected

From 0 before V4.0.1 (custom)

Vendor

Siemens AG

Product

SIMATIC ET 200SP IM 155-6 PN ST

Default Status

unknown

Versions

Affected

From 0 before V4.1.0 (custom)

Vendor

Siemens AG

Product

SIMATIC ET 200SP IM 155-6 PN ST BA

Default Status

unknown

Versions

Affected

From 0 before V4.1.0 (custom)

Vendor

Siemens AG

Product

SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET200ecoPN, 4AO U/I 4xM12

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET200ecoPN: IO-Link Master

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC ET200S (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V15.1

Vendor

Siemens AG

Product

SIMATIC MV420 SR-B

Default Status

unknown

Versions

Affected

From 0 before V7.0.6 (custom)

Vendor

Siemens AG

Product

SIMATIC MV420 SR-B Body

Default Status

unknown

Versions

Affected

From 0 before V7.0.6 (custom)

Vendor

Siemens AG

Product

SIMATIC MV420 SR-P

Default Status

unknown

Versions

Affected

From 0 before V7.0.6 (custom)

Vendor

Siemens AG

Product

SIMATIC MV420 SR-P Body

Default Status

unknown

Versions

Affected

From 0 before V7.0.6 (custom)

Vendor

Siemens AG

Product

SIMATIC MV440 HR

Default Status

unknown

Versions

Affected

From 0 before V7.0.6 (custom)

Vendor

Siemens AG

Product

SIMATIC MV440 SR

Default Status

unknown

Versions

Affected

From 0 before V7.0.6 (custom)

Vendor

Siemens AG

Product

SIMATIC MV440 UR

Default Status

unknown

Versions

Affected

From 0 before V7.0.6 (custom)

Vendor

Siemens AG

Product

SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)

Default Status

unknown

Versions

Affected

All versions < V4.0

Vendor

Siemens AG

Product

SIMATIC RF650R

Default Status

unknown

Versions

Affected

All versions < V3.0

Vendor

Siemens AG

Product

SIMATIC RF680R

Default Status

unknown

Versions

Affected

All versions < V3.0

Vendor

Siemens AG

Product

SIMATIC RF685R

Default Status

unknown

Versions

Affected

All versions < V3.0

Vendor

Siemens AG

Product

SIMATIC S7-1200 CPU family (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V4.2.1

Vendor

Siemens AG

Product

SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V2.1

Vendor

Siemens AG

Product

SIMATIC S7-1500 Software Controller

Default Status

unknown

Versions

Affected

All versions < V2.1

Vendor

Siemens AG

Product

SIMATIC S7-200 SMART

Default Status

unknown

Versions

Affected

All versions < V2.3

Vendor

Siemens AG

Product

SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)

Default Status

unknown

Versions

Affected

From 0 before V3.X.14 (custom)

Vendor

Siemens AG

Product

SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

From 0 before V6.0.7 (custom)

Vendor

Siemens AG

Product

SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

From 0 before V6.0.6 (custom)

Vendor

Siemens AG

Product

SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

From 0 before V7.0.2 (custom)

Vendor

Siemens AG

Product

SIMATIC S7-410 CPU family (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V8.2

Vendor

Siemens AG

Product

SIMATIC TDC CP51M1

Default Status

unknown

Versions

Affected

From 0 before V1.1.8 (custom)

Vendor

Siemens AG

Product

SIMATIC TDC CPU555

Default Status

unknown

Versions

Affected

From 0 before V1.1.1 (custom)

Vendor

Siemens AG

Product

SIMATIC Teleservice Adapter IE Advanced

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC Teleservice Adapter IE Basic

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC Teleservice Adapter IE Standard

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIMATIC WinAC RTX 2010

Default Status

unknown

Versions

Affected

All versions < V2010 SP3

Vendor

Siemens AG

Product

SIMATIC WinAC RTX F 2010

Default Status

unknown

Versions

Affected

All versions < V2010 SP3

Vendor

Siemens AG

Product

SIMOCODE pro V PROFINET (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V2.0.0

Vendor

Siemens AG

Product

SIMOTION

Default Status

unknown

Versions

Affected

All versions < V4.5 HF1

Vendor

Siemens AG

Product

SIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V4.4 HF26

Vendor

Siemens AG

Product

SINAMICS DCM w. PN

Default Status

unknown

Versions

Affected

All versions < V1.4 SP1 HF5

Vendor

Siemens AG

Product

SINAMICS DCP w. PN

Default Status

unknown

Versions

Affected

All versions < V1.2 HF1

Vendor

Siemens AG

Product

SINAMICS G110M w. PN

Default Status

unknown

Versions

Affected

All versions < V4.7 SP6 HF3

Vendor

Siemens AG

Product

SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V4.7 SP6 HF3

Vendor

Siemens AG

Product

SINAMICS G130 V4.7 w. PN

Default Status

unknown

Versions

Affected

All versions < V4.7 HF27

Vendor

Siemens AG

Product

SINAMICS G130 V4.8 w. PN

Default Status

unknown

Versions

Affected

All versions < V4.8 HF4

Vendor

Siemens AG

Product

SINAMICS G150 V4.7 w. PN

Default Status

unknown

Versions

Affected

V4.7: All versions < V4.7 HF27

Vendor

Siemens AG

Product

SINAMICS G150 V4.8 w. PN

Default Status

unknown

Versions

Affected

All versions < V4.8 HF4

Vendor

Siemens AG

Product

SINAMICS GH150 V4.7 w. PROFINET

Default Status

unknown

Versions

Affected

All versions < V4.7 SP5 HF7

Vendor

Siemens AG

Product

SINAMICS GL150 V4.7 w. PROFINET

Default Status

unknown

Versions

Affected

All versions < V4.8 SP2

Vendor

Siemens AG

Product

SINAMICS GM150 V4.7 w. PROFINET

Default Status

unknown

Versions

Affected

All versions < V4.7 HF31

Vendor

Siemens AG

Product

SINAMICS S110 w. PN

Default Status

unknown

Versions

Affected

All versions < V4.4 SP3 HF5

Vendor

Siemens AG

Product

SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V4.7

Vendor

Siemens AG

Product

SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V4.7 HF27

Vendor

Siemens AG

Product

SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V4.8 HF4

Vendor

Siemens AG

Product

SINAMICS S150 V4.7 w. PN

Default Status

unknown

Versions

Affected

All versions < V4.7 HF27

Vendor

Siemens AG

Product

SINAMICS S150 V4.8 w. PN

Default Status

unknown

Versions

Affected

All versions < V4.8 HF4

Vendor

Siemens AG

Product

SINAMICS SL150 V4.7.0 w. PROFINET

Default Status

unknown

Versions

Affected

All versions < V4.7 HF30

Vendor

Siemens AG

Product

SINAMICS SL150 V4.7.4 w. PROFINET

Default Status

unknown

Versions

Affected

All versions < V4.8 SP2

Vendor

Siemens AG

Product

SINAMICS SL150 V4.7.5 w. PROFINET

Default Status

unknown

Versions

Affected

All versions < V4.8 SP2

Vendor

Siemens AG

Product

SINAMICS SM120 V4.7 w. PROFINET

Default Status

unknown

Versions

Affected

All versions < V4.8 SP2

Vendor

Siemens AG

Product

SINAMICS V90 w. PN

Default Status

unknown

Versions

Affected

All versions < V1.01

Vendor

Siemens AG

Product

SINUMERIK 828D V4.5 and prior

Default Status

unknown

Versions

Affected

All versions < V4.5 SP6 HF2

Vendor

Siemens AG

Product

SINUMERIK 828D V4.7

Default Status

unknown

Versions

Affected

All versions < V4.7 SP4 HF1

Vendor

Siemens AG

Product

SINUMERIK 840D sl V4.5 and prior

Default Status

unknown

Versions

Affected

All versions < V4.5 SP6 HF2

Vendor

Siemens AG

Product

SINUMERIK 840D sl V4.7

Default Status

unknown

Versions

Affected

All versions < V4.7 SP4 HF1

Vendor

Siemens AG

Product

SIPLUS ET 200MP IM 155-5 PN HF

Default Status

unknown

Versions

Affected

From 0 before V4.2.0 (custom)

Vendor

Siemens AG

Product

SIPLUS ET 200MP IM 155-5 PN HF

Default Status

unknown

Versions

Affected

From 0 before V4.2.0 (custom)

Vendor

Siemens AG

Product

SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL

Default Status

unknown

Versions

Affected

From 0 before V4.2.0 (custom)

Vendor

Siemens AG

Product

SIPLUS ET 200MP IM 155-5 PN ST

Default Status

unknown

Versions

Affected

From 0 before V4.1.0 (custom)

Vendor

Siemens AG

Product

SIPLUS ET 200MP IM 155-5 PN ST TX RAIL

Default Status

unknown

Versions

Affected

From 0 before V4.1.0 (custom)

Vendor

Siemens AG

Product

SIPLUS ET 200SP IM 155-6 PN HF

Default Status

unknown

Versions

Affected

From 0 before V4.2.0 (custom)

Vendor

Siemens AG

Product

SIPLUS ET 200SP IM 155-6 PN HF

Default Status

unknown

Versions

Affected

From 0 before V4.2.0 (custom)

Vendor

Siemens AG

Product

SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL

Default Status

unknown

Versions

Affected

From 0 before V4.2.0 (custom)

Vendor

Siemens AG

Product

SIPLUS ET 200SP IM 155-6 PN ST

Default Status

unknown

Versions

Affected

From 0 before V4.1.0 (custom)

Vendor

Siemens AG

Product

SIPLUS ET 200SP IM 155-6 PN ST BA

Default Status

unknown

Versions

Affected

From 0 before V4.1.0 (custom)

Vendor

Siemens AG

Product

SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL

Default Status

unknown

Versions

Affected

From 0 before V4.1.0 (custom)

Vendor

Siemens AG

Product

SIPLUS ET 200SP IM 155-6 PN ST TX RAIL

Default Status

unknown

Versions

Affected

From 0 before V4.1.0 (custom)

Vendor

Siemens AG

Product

SIRIUS ACT 3SU1 interface module PROFINET

Default Status

unknown

Versions

Affected

All versions < V1.1.0

Vendor

Siemens AG

Product

SIRIUS Motor Starter M200D PROFINET

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SIRIUS Soft Starter 3RW44 PN

Default Status

unknown

Versions

Affected

All versions

Vendor

Siemens AG

Product

SITOP PSU8600 PROFINET

Default Status

unknown

Versions

Affected

All versions < V1.2.0

Vendor

Siemens AG

Product

SITOP UPS1600 PROFINET (incl. SIPLUS variants)

Default Status

unknown

Versions

Affected

All versions < V2.2.0

Vendor

Siemens AG

Product

Softnet PROFINET IO for PC-based Windows systems

Default Status

unknown

Versions

Affected

All versions < V14 SP1

Problem Types

Type	CWE ID	Description
CWE	CWE-400	CWE-400: Uncontrolled Resource Consumption

Type: CWE

CWE ID: CWE-400

Description: CWE-400: Uncontrolled Resource Consumption

Metrics

Version	Base score	Base severity	Vector
3.1	6.5	MEDIUM	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.0	7.1	HIGH	CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Version: 3.1

Base score: 6.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Version: 4.0

Base score: 7.1

Base severity: HIGH

Vector:

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

References

Hyperlink	Resource
http://www.securitytracker.com/id/1038463	vdb-entry x_refsource_SECTRACK
http://www.securityfocus.com/bid/98369	vdb-entry x_refsource_BID
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf	x_refsource_CONFIRM
https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02	x_refsource_MISC
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf	x_refsource_CONFIRM
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf	x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf	x_refsource_MISC
https://cert-portal.siemens.com/productcert/html/ssa-293562.html	N/A
https://cert-portal.siemens.com/productcert/html/ssa-284673.html	N/A
https://cert-portal.siemens.com/productcert/html/ssa-546832.html	N/A

Hyperlink: http://www.securitytracker.com/id/1038463

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: http://www.securityfocus.com/bid/98369

Resource:

vdb-entry

x_refsource_BID

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf

Resource:

x_refsource_CONFIRM

Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02

Resource:

x_refsource_MISC

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf

Resource:

x_refsource_CONFIRM

Hyperlink: https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf

Resource:

x_refsource_CONFIRM

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf

Resource:

x_refsource_MISC

Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-293562.html

Resource: N/A

Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-284673.html

Resource: N/A

Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-546832.html

Resource: N/A

▼Authorized Data Publishers (ADP)

1. CISA ADP Vulnrichment

Metrics Other Info

2. CVE Program Container

References

Hyperlink	Resource
http://www.securitytracker.com/id/1038463	vdb-entry x_refsource_SECTRACK x_transferred
http://www.securityfocus.com/bid/98369	vdb-entry x_refsource_BID x_transferred
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf	x_refsource_CONFIRM x_transferred
https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02	x_refsource_MISC x_transferred
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf	x_refsource_CONFIRM x_transferred
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf	x_refsource_CONFIRM x_transferred
https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf	x_refsource_MISC x_transferred
https://cert-portal.siemens.com/productcert/html/ssa-293562.html	x_transferred
https://cert-portal.siemens.com/productcert/html/ssa-284673.html	x_transferred
https://cert-portal.siemens.com/productcert/html/ssa-546832.html	x_transferred

Hyperlink: http://www.securitytracker.com/id/1038463

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: http://www.securityfocus.com/bid/98369

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-293562.html

Resource:

x_transferred

Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-284673.html

Resource:

x_transferred

Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-546832.html

Resource:

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:productcert@siemens.com

Published At:11 May, 2017 | 01:29

Updated At:20 Apr, 2025 | 01:37

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	7.1	HIGH	CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary	3.1	6.5	MEDIUM	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary	3.1	6.5	MEDIUM	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary	2.0	6.1	MEDIUM	AV:A/AC:L/Au:N/C:N/I:N/A:C

Type: Secondary

Version: 4.0

Base score: 7.1

Base severity: HIGH

Vector:

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Secondary

Version: 3.1

Base score: 6.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Type: Primary

Version: 3.1

Base score: 6.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Type: Primary

Version: 2.0

Base score: 6.1

Base severity: MEDIUM

Vector:

AV:A/AC:L/Au:N/C:N/I:N/A:C

CPE Matches

Siemens AG

>>simatic_cp_343-1_std_firmware>>Versions before 3.1.3(exclusive)

cpe:2.3:o:siemens:simatic_cp_343-1_std_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_343-1_std>>-

cpe:2.3:h:siemens:simatic_cp_343-1_std:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_343-1_lean_firmware>>Versions before 3.1.3(exclusive)

cpe:2.3:o:siemens:simatic_cp_343-1_lean_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_343-1_lean>>-

cpe:2.3:h:siemens:simatic_cp_343-1_lean:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_343-1_adv_firmware>>*

cpe:2.3:o:siemens:simatic_cp_343-1_adv_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_343-1_adv>>-

cpe:2.3:h:siemens:simatic_cp_343-1_adv:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_443-1_std_firmware>>Versions before 3.2.17(exclusive)

cpe:2.3:o:siemens:simatic_cp_443-1_std_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_443-1_std>>-

cpe:2.3:h:siemens:simatic_cp_443-1_std:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_443-1_adv_firmware>>Versions before 3.2.17(exclusive)

cpe:2.3:o:siemens:simatic_cp_443-1_adv_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_443-1_adv>>-

cpe:2.3:h:siemens:simatic_cp_443-1_adv:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_443-1_opc-ua_firmware>>*

cpe:2.3:o:siemens:simatic_cp_443-1_opc-ua_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_443-1_opc-ua>>-

cpe:2.3:h:siemens:simatic_cp_443-1_opc-ua:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1243-1_firmware>>Versions before 2.1.82(exclusive)

cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1243-1>>-

cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_cm_1542-1_firmware>>Versions before 2.0(exclusive)

cpe:2.3:o:siemens:simatic_cm_1542-1_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cm_1542-1>>-

cpe:2.3:h:siemens:simatic_cm_1542-1:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1542sp-1_firmware>>Versions before 1.0.15(exclusive)

cpe:2.3:o:siemens:simatic_cp_1542sp-1_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1542sp-1>>-

cpe:2.3:h:siemens:simatic_cp_1542sp-1:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1542sp-1_irc_firmware>>Versions before 1.0.15(exclusive)

cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1542sp-1_irc>>-

cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1543sp-1_firmware>>Versions before 1.0.15(exclusive)

cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1543sp-1>>-

cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1543-1_firmware>>Versions before 2.1(exclusive)

cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1543-1>>-

cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_rf650r_firmware>>Versions before 3.0(exclusive)

cpe:2.3:o:siemens:simatic_rf650r_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_rf650r>>-

cpe:2.3:h:siemens:simatic_rf650r:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_rf680r_firmware>>Versions before 3.0(exclusive)

cpe:2.3:o:siemens:simatic_rf680r_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_rf680r>>-

cpe:2.3:h:siemens:simatic_rf680r:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_rf685r_firmware>>Versions before 3.0(exclusive)

cpe:2.3:o:siemens:simatic_rf685r_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_rf685r>>-

cpe:2.3:h:siemens:simatic_rf685r:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1616_firmware>>Versions before 2.7(exclusive)

cpe:2.3:o:siemens:simatic_cp_1616_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1616>>-

cpe:2.3:h:siemens:simatic_cp_1616:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1604_firmware>>Versions before 2.7(exclusive)

cpe:2.3:o:siemens:simatic_cp_1604_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_cp_1604>>-

cpe:2.3:h:siemens:simatic_cp_1604:-:*:*:*:*:*:*:*

Siemens AG

>>simatic_dk-1616_pn_io_firmware>>Versions before 2.7(exclusive)

cpe:2.3:o:siemens:simatic_dk-1616_pn_io_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>simatic_dk-1616_pn_io>>-

cpe:2.3:h:siemens:simatic_dk-1616_pn_io:-:*:*:*:*:*:*:*

Siemens AG

>>scalance_x200_firmware>>Versions before 5.2.2(exclusive)

cpe:2.3:o:siemens:scalance_x200_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>scalance_x200>>-

cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:*

Siemens AG

>>scalance_x200_irt_firmware>>Versions before 5.4.0(exclusive)

cpe:2.3:o:siemens:scalance_x200_irt_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>scalance_x200_irt>>-

cpe:2.3:h:siemens:scalance_x200_irt:-:*:*:*:*:*:*:*

Siemens AG

>>scalance_x300_firmware>>Versions before 4.1.0(exclusive)

cpe:2.3:o:siemens:scalance_x300_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>scalance_x300>>-

cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*

Siemens AG

>>scalance_x408_firmware>>Versions before 4.1.0(exclusive)

cpe:2.3:o:siemens:scalance_x408_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>scalance_x408>>-

cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:*

Siemens AG

>>scalance_x414_firmware>>Versions before 3.10.2(exclusive)

cpe:2.3:o:siemens:scalance_x414_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>scalance_x414>>-

cpe:2.3:h:siemens:scalance_x414:-:*:*:*:*:*:*:*

Siemens AG

>>scalance_xm400_firmware>>Versions before 6.1(exclusive)

cpe:2.3:o:siemens:scalance_xm400_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>scalance_xm400>>-

cpe:2.3:h:siemens:scalance_xm400:-:*:*:*:*:*:*:*

Siemens AG

>>scalance_xr500_firmware>>Versions before 6.1(exclusive)

cpe:2.3:o:siemens:scalance_xr500_firmware:*:*:*:*:*:*:*:*

Siemens AG

>>scalance_xr500>>-

cpe:2.3:h:siemens:scalance_xr500:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-400	Secondary	productcert@siemens.com
CWE-400	Primary	nvd@nist.gov

CWE ID: CWE-400

Type: Secondary

Source: productcert@siemens.com

CWE ID: CWE-400

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://www.securityfocus.com/bid/98369	productcert@siemens.com	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038463	productcert@siemens.com	Third Party Advisory VDB Entry
https://cert-portal.siemens.com/productcert/html/ssa-284673.html	productcert@siemens.com	N/A
https://cert-portal.siemens.com/productcert/html/ssa-293562.html	productcert@siemens.com	N/A
https://cert-portal.siemens.com/productcert/html/ssa-546832.html	productcert@siemens.com	N/A
https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf	productcert@siemens.com	Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf	productcert@siemens.com	Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf	productcert@siemens.com	Vendor Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02	productcert@siemens.com	Third Party Advisory US Government Resource
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf	productcert@siemens.com	Broken Link
http://www.securityfocus.com/bid/98369	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038463	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
https://cert-portal.siemens.com/productcert/html/ssa-284673.html	af854a3a-2127-422b-91ae-364da2661108	N/A
https://cert-portal.siemens.com/productcert/html/ssa-293562.html	af854a3a-2127-422b-91ae-364da2661108	N/A
https://cert-portal.siemens.com/productcert/html/ssa-546832.html	af854a3a-2127-422b-91ae-364da2661108	N/A
https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory US Government Resource
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf	af854a3a-2127-422b-91ae-364da2661108	Broken Link

Hyperlink: http://www.securityfocus.com/bid/98369

Source: productcert@siemens.com

Resource:

Third Party Advisory

VDB Entry

Hyperlink: http://www.securitytracker.com/id/1038463

Source: productcert@siemens.com

Resource:

Third Party Advisory

VDB Entry

Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-284673.html

Source: productcert@siemens.com

Resource: N/A

Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-293562.html

Source: productcert@siemens.com

Resource: N/A

Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-546832.html

Source: productcert@siemens.com

Resource: N/A

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf

Source: productcert@siemens.com

Resource:

Vendor Advisory

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf

Source: productcert@siemens.com

Resource:

Vendor Advisory

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf

Source: productcert@siemens.com

Resource:

Vendor Advisory

Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02

Source: productcert@siemens.com

Resource:

Third Party Advisory

US Government Resource

Hyperlink: https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf

Source: productcert@siemens.com

Resource:

Broken Link

Hyperlink: http://www.securityfocus.com/bid/98369

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Third Party Advisory

VDB Entry

Hyperlink: http://www.securitytracker.com/id/1038463

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Third Party Advisory

VDB Entry

Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-284673.html

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-293562.html

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-546832.html

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Vendor Advisory

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Vendor Advisory

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Vendor Advisory

Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-18-023-02

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Third Party Advisory

US Government Resource

Hyperlink: https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Broken Link

CVE-2017-2680

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected