VDB

SSA-293562

SSA-293562 PUBLISHED CVSS 6.5 MEDIUM

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
SiemensSIMATIC ET 200pro IM 154-3 PN HF (6ES7154-3AB00-0AB0)
SiemensSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)
SiemensSIPLUS ET 200SP IM 155-6 PN ST BA (6AG1155-6AA00-7BN0)
SiemensSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)
SiemensDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller
SiemensSINAMICS DCP w. PN
SiemensSITOP UPS1600 PROFINET (incl. SIPLUS variants)
SiemensSIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)
SiemensSIMATIC ET200ecoPN, 8DI, DC24V, 4xM12 (6ES7141-6BF00-0AB0)
SiemensSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12 (6ES7144-6KD50-0AB0)
SiemensSINUMERIK 828D V4.7
SiemensSIMATIC S7-410 CPU family (incl. SIPLUS variants)
SiemensSIMATIC CP 343-1 Lean (incl. SIPLUS variants)
SiemensSIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL (6AG2155-6AA00-4BN0)
SiemensSIMATIC ET 200SP IM 155-6 PN ST BA (6ES7155-6AA00-0BN0)
SiemensSINAMICS G130 V4.7 w. PN
SiemensSIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12 (6ES7142-6BF00-0AB0)
SiemensSIMATIC CP 343-1 (incl. SIPLUS variants)
SiemensSIMATIC CP 443-1 (incl. SIPLUS variants)
SiemensSIMATIC MV440 HR (6GF3440-1GE10)

…and 106 more

Timeline

  • May 8, 2017 CVE Published
  • Sep 10, 2024 CVE Updated

References

…and 30 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›