2017-12-26 05:29:13 2019-04-17 16:29:00

A vulnerability has been identified in SIMATIC S7-200 Smart (All versions < V2.03.01), SIMATIC S7-400 PN V6 (All versions < V6.0.6), SIMATIC S7-400 H V6 (All versions < V6.0.8), SIMATIC S7-400 PN/DP V7 (All versions < V7.0.2), SIMATIC S7-410 V8 (All versions < V8.2.1), SIMATIC S7-300 (All versions < V3.X.16), SIMATIC S7-1200 (All versions < V4.2.3), SIMATIC S7-1500 (All versions < V2.0), SIMATIC S7-1500 Software Controller (All versions < V2.0), SIMATIC WinAC RTX 2010 incl. F (All versions), SIMATIC ET 200AL (All versions), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions < V4.0.2), SIMATIC ET 200MP IM155-5 PN ST (All versions < V4.1), SIMATIC ET 200MP IM155-5 PN HF (All versions < V4.2), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN HF (All versions < V4.2.0), SIMATIC ET 200SP IM155-6 PN HA (All versions < V1.1.0), SIMATIC ET 200SP IM155-6 PN BA (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions), SIMATIC ET 200SP IM155-6 PN HS (All versions), Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions < V4.1.1 Patch 05), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.5), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions < V4.5), SIMOTION D (All versions < V5.1 HF1), SIMOTION C (All versions < V5.1 HF1), SIMOTION P V4.4 and V4.5 (All versions < V4.5 HF5), SIMOTION P V5 (All versions < V5.1 HF1), SINAMICS DCM w. PN (All versions < V1.4 SP1 HF6), SINAMICS DCP w. PN (All versions < V1.2 HF2), SINAMICS G110M w. PN (All versions < V4.7 SP9 HF1), SINAMICS G120 (C/P/D) w. PN (All versions < V4.7 SP9 HF1), SINAMICS G130 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS G130 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS G150 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS G150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS S110 w. PN (All versions < V4.4 SP3 HF6), SINAMICS S120 prior to V4.7 w. PN (All versions < V4.7), SINAMICS S120 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS S120 V4.7 SP1 w. PN (All versions), SINAMICS S120 V4.8 w. PN (All versions < V4.8 HF5), SINAMICS S150 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS S150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS V90 w. PN (All versions < V1.02), SINUMERIK 840D sl (All versions), SIMATIC Compact Field Unit (All versions), SIMATIC PN/PN Coupler (All versions < V4.2.0), SIMOCODE pro V PROFINET (All versions < V2.1.1), SIRIUS Soft Starter 3RW44 PN (All versions), SIMOCODE pro V EIP (All versions < V1.0.2). Specially crafted packets sent to port 161/udp could cause a Denial-of-Service condition. The affected devices must be restarted manually.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE
Siemens Sinumerik 840d sl firmware - (not an official CPE) Siemens Sirius soft starter 3rw44pn firmware - (not an official CPE) Siemens Sinamics v90pn firmware - (not an official CPE) Siemens Sinamics s150 v4.8 firmware - (not an official CPE) Siemens Sinamics s110pn firmware - (not an official CPE) Siemens Sinamics s150 v4.7 firmware - (not an official CPE) Siemens Sinamics s120 firmware - (not an official CPE) Siemens Sinamics g150 firmware - (not an official CPE) Siemens Sinamics g130 firmware - (not an official CPE) Siemens Sinamics g110m/g120pn firmware 4.7 (not an official CPE) Siemens Sinamics dcp firmware - (not an official CPE) Siemens Sinamics dcm firmware - (not an official CPE) Siemens Simotion p firmware 5.1 (not an official CPE) Siemens Simotion d firmware 5.1 (not an official CPE) Siemens Simotion c firmware 5.1 (not an official CPE) Siemens Simocode pro v profinet firmware - (not an official CPE) Siemens Simatic winac rtx f 2010 firmware - (not an official CPE) Siemens Simatic s7-410 v8 firmware - (not an official CPE) Siemens Simatic s7-400pn/dp v7 firmware - (not an official CPE) Siemens Simatic s7-300 firmware - (not an official CPE) Siemens Simatic s7-1500 controller firmware 2.0 (not an official CPE) Siemens Simatic s7-1200 firmware - (not an official CPE) Siemens Simatic pn/pn coupler firmware - (not an official CPE) Siemens Simatic et 200al firmware - (not an official CPE) Siemens Simatic et 200ecopn firmware - (not an official CPE) Siemens Simatic et 200m firmware - (not an official CPE) Siemens Simatic et 200mp firmware - (not an official CPE) Siemens Simatic et 200pro firmware - (not an official CPE) Siemens Simatic et 200s firmware - (not an official CPE) Siemens Simatic et 200sp firmware - (not an official CPE) Siemens Simatic compact field unit firmware - (not an official CPE) Siemens Ek-ertec 200pn io firmware - (not an official CPE) Siemens Dk standard ethernet controller firmware - (not an official CPE)