Multiple Siemens Products CVE-2017-12741 Denial of Service Vulnerability

BID:101964

CVE-2017-12741 |

Info

Multiple Siemens Products CVE-2017-12741 Denial of Service Vulnerability

Bugtraq ID: 101964
Class: Input Validation Error
CVE: CVE-2017-12741
Remote: Yes
Local: No
Published: Nov 23 2017 12:00AM
Updated: Apr 10 2019 07:00AM
Credit: George Lashenko, Security researcher at CyberX
Vulnerable: Siemens Softnet PROFINET IO 0
Siemens SIRIUS Soft starter 3RW44 PN 0
Siemens SINUMERIK 840D sl 4.7
Siemens SINUMERIK 840D 0
Siemens SINAMICS SM150 4.7
Siemens SINAMICS SM120 4.7
Siemens SINAMICS SL150 4.7.5
Siemens SINAMICS SL150 4.7.4
Siemens SINAMICS SL150 4.7
Siemens Sinamics S150 -
Siemens Sinamics S120 0
Siemens Sinamics S120 -
Siemens SINAMICS GM150 4.7
Siemens SINAMICS GL150 4.7
Siemens SINAMICS GH150 4.7
Siemens Sinamics G150 -
Siemens Sinamics G130 -
Siemens Sinamics G120 -
Siemens SINAMICS DCP 0
Siemens SINAMICS DCM 0
Siemens SIMOTION 0
Siemens SIMOCODE pro V EIP 1.0.1
Siemens SIMOCODE pro V EIP 1.0
Siemens SIMATIC WinAC RTX 2010 0
Siemens SIMATIC WinAC RTX F 2010 SP2
Siemens SIMATIC WinAC RTX 2010 SP2
Siemens SIMATIC S7-410 8
Siemens SIMATIC S7-400 PN V6 0
Siemens SIMATIC S7-400 PN 0
Siemens SIMATIC S7-400 H V6 0
Siemens SIMATIC S7-300 0
Siemens SIMATIC S7-200 0
Siemens SIMATIC S7-1500 1.8.3
Siemens SIMATIC S7-1500 1.6
Siemens SIMATIC S7-1500 1.5.0
Siemens SIMATIC S7-1500 0
Siemens SIMATIC S7-1200 4.1.3
Siemens SIMATIC S7-1200 4.0
Siemens SIMATIC S7-1200 3.0.1
Siemens SIMATIC S7-1200 3.0.0
Siemens SIMATIC S7-1200 3.0
Siemens SIMATIC S7-1200 2.0.3
Siemens SIMATIC S7-1200 2.0.2
Siemens SIMATIC ET 200 0
Siemens SIMATIC Compact Field Unit 0
Siemens PROFINET IO 1.4.1
Siemens PROFINET IO 0
Not Vulnerable: Siemens SINAMICS SM120 4.8 SP2
Siemens SINAMICS SL150 4.8 SP2
Siemens SINAMICS GM150 4.8 SP2
Siemens SINAMICS GL150 4.8 SP2
Siemens SINAMICS GH150 4.8 SP2
Siemens Sinamics G120p -
Siemens Sinamics G120d -
Siemens Sinamics G120c -
Siemens Sinamics G120 Update 4.7 SP9 HF1
Siemens SINAMICS G110M 0
Siemens SIMOTION P 5.1 HF1
Siemens SIMOTION C 5.1 HF1
Siemens SIMOCODE pro V EIP 1.0.2
Siemens SIMATIC S7-400 PN V6 6.0.6
Siemens SIMATIC S7-200 SMART 2.3.1

Discussion

Multiple Siemens Products CVE-2017-12741 Denial of Service Vulnerability

Multiple Siemens products are prone to a denial-of-service vulnerability.

Attackers can exploit this issue to crash the affected device, denying service to legitimate users.

Exploit / POC

Multiple Siemens Products CVE-2017-12741 Denial of Service Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]

Solution / Fix

Multiple Siemens Products CVE-2017-12741 Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

References

© CVE.report 2023 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report