Vulnerability Description
A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Simatic Logon | <= 1.5 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/99539Third Party AdvisoryVDB Entry
- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdfVendor Advisory
- https://www.tenable.com/security/research/tra-2017-34
- http://www.securityfocus.com/bid/99539Third Party AdvisoryVDB Entry
- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdfVendor Advisory
- https://www.tenable.com/security/research/tra-2017-34
FAQ
What is CVE-2017-9938?
CVE-2017-9938 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause...
How severe is CVE-2017-9938?
CVE-2017-9938 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-9938?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Simatic Logon.