CVE-2017-12741

CWE-400 — Uncontrolled Resource Consumption3 documents3 sources

Severity

8.7HIGH

EPSS

5.3%

top 10.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Simatic ET 200al IM 157-1 PN Siemens Simatic ET 200mp IM 155-5 PN BA Siemens Simatic ET 200mp IM 155-5 PN HF +81 more

Timeline

PublishedDec 26

Latest updateMay 13

Description

Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages84 packages

▶CVEListV5siemens/simatic_tdc_cp51m1< V1.1.8

▶CVEListV5siemens/simatic_tdc_cpu555< V1.1.1

▶NVDsiemens/ek-ertec_200p_firmware< 4.5

▶NVDsiemens/simatic_s7-200_firmware< 2.03.01

▶NVDsiemens/simatic_s7-1500_firmware< 2.0

🔴Vulnerability Details

GHSA

GHSA-89jc-9q2j-97hr: A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for P↗2022-05-13

▶

CVEList

CVE-2017-12741: Specially crafted packets sent to port 161/udp could cause a denial of service condition↗2017-12-26

▶