Vulnetix
Try Vulnetix Request Demo
SSA-725549 PUBLISHED CVSS 5.300000190734863 MEDIUM

The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service condition of the ICMP service, other communication services are not affected. Affected devices will resume normal operation after the attack terminates.

Risk Scores

CVSS v3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

Affected Products

VendorProductVersions
SiemensSIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0)
SiemensSIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0)
SiemensSIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0)
SiemensSIMATIC ET 200S IM 151-3 PN HF (6ES7151-3BA23-0AB0)
SiemensSIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0)
SiemensSIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN00-0AB0)
SiemensSIMATIC S7-1200 CPU 1214C AC/DC/Rly (6ES7214-1BG40-0XB0)
SiemensSIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-5XB0)
SiemensSIPLUS S7-1200 CPU 1214C DC/DC/DC RAIL (6AG2214-1AG40-1XB0)
SiemensSIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-5XB0)
SiemensSIMATIC ET 200pro IM 154-3 PN HF (6ES7154-3AB00-0AB0)
SiemensSIMATIC ET 200pro IM 154-4 PN HF (6ES7154-4AB10-0AB0)
SiemensSIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-1HE40-0XB0)
SiemensSIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ00-0AB0)
SiemensSIPLUS ET 200M IM 153-4 PN IO HF (6AG1153-4BA00-7XB0)
SiemensSIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0)
SiemensSIPLUS ET 200SP IM 155-6 PN ST BA (6AG1155-6AA01-7BN0)
SiemensSIPLUS S7-1200 CPU 1214 DC/DC/DC (6AG1214-1AG40-4XB0)
SiemensSIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU01-1CN0)
SiemensSIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0)

…and 147 more

Timeline

References

Open in Interactive Console →