VDB
ICSA-17-306-01
ICSA-17-306-01
PUBLISHED
CVSS 4.900000095367432 MEDIUM
Successful exploitation of this vulnerability could allow a remote authenticated attacker to crash services on the devices.
Risk Scores
CVSS 3.1
4.900000095367432
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SIMATIC PCS 7 V8.1: All versions < V8.1 SP1 with WinCC V7.3 Upd 13 | ||
| SIMATIC PCS 7 V8.2: All versions < V8.2 SP1 |
Timeline
- Nov 2, 2017 CVE Published
- Jun 12, 2018 CVE Updated
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-306-01.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-17-306-01 advisory
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B url
- https://cert-portal.siemens.com/productcert/txt/SSA-523365.txt url
- https://support.industry.siemens.com/cs/ww/en/view/109746452 fix