Vulnerability Description
Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Simatic S7-200 Firmware | < 2.03.01 |
| Siemens | Simatic S7-200 | - |
| Siemens | Simatic S7-400Pn V6 Firmware | < 6.0.6 |
| Siemens | Simatic S7-400Pn V6 | - |
| Siemens | Simatic S7-400H V6 Firmware | < 6.0.8 |
| Siemens | Simatic S7-400H V6 | - |
| Siemens | Simatic S7-400Pn\/Dp V7 Firmware | - |
| Siemens | Simatic S7-400Pn\/Dp V7 | - |
| Siemens | Simatic S7-410 V8 Firmware | - |
| Siemens | Simatic S7-410 V8 | - |
| Siemens | Simatic S7-300 Firmware | - |
| Siemens | Simatic S7-300 | - |
| Siemens | Simatic S7-1200 Firmware | - |
| Siemens | Simatic S7-1200 | - |
| Siemens | Simatic S7-1500 Firmware | < 2.0 |
| Siemens | Simatic S7-1500 | - |
| Siemens | Simatic S7-1500 Controller Firmware | 2.0 |
| Siemens | Simatic S7-1500 Controller | - |
| Siemens | Simatic Winac Rtx F 2010 Firmware | - |
| Siemens | Simatic Winac Rtx F 2010 | - |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/html/ssa-141614.html
- https://cert-portal.siemens.com/productcert/html/ssa-346262.html
- https://cert-portal.siemens.com/productcert/html/ssa-546832.html
- https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf
- https://www.securityfocus.com/bid/101964
- https://cert-portal.siemens.com/productcert/html/ssa-141614.html
- https://cert-portal.siemens.com/productcert/html/ssa-346262.html
- https://cert-portal.siemens.com/productcert/html/ssa-546832.html
- https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf
- https://www.securityfocus.com/bid/101964
FAQ
What is CVE-2017-12741?
CVE-2017-12741 is a vulnerability with a CVSS score of 7.5 (HIGH). Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.
How severe is CVE-2017-12741?
CVE-2017-12741 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-12741?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Simatic S7-200 Firmware, Siemens Simatic S7-200, Siemens Simatic S7-400Pn V6 Firmware, Siemens Simatic S7-400Pn V6, Siemens Simatic S7-400H V6 Firmware.