Vulnerability Description
In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All versions < V2.1.3), a Denial-of-Service condition could be induced by a specially crafted PROFINET DCP packet sent as a local Ethernet (Layer 2) broadcast. The affected component requires a manual restart via the main device to recover.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | 7Km Pac Switched Ethernet Profinet Expansion Module Firmware | <= 2.1.2 |
| Siemens | 7Km Pac Switched Ethernet Profinet Expansion Module | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/100562Third Party AdvisoryVDB Entry
- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-771218.pdfVendor Advisory
- http://www.securityfocus.com/bid/100562Third Party AdvisoryVDB Entry
- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-771218.pdfVendor Advisory
FAQ
What is CVE-2017-9945?
CVE-2017-9945 is a vulnerability with a CVSS score of 6.5 (MEDIUM). In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All versions < V2.1.3), a Denial-of-Service condition could be induced by a specially crafted PROFINET DCP packet sent as a local Et...
How severe is CVE-2017-9945?
CVE-2017-9945 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-9945?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens 7Km Pac Switched Ethernet Profinet Expansion Module Firmware, Siemens 7Km Pac Switched Ethernet Profinet Expansion Module.