siemens simatic-s7-1500-software-controller CVE-2017-12741 vulnerability in Siemens Products
Published on December 26, 2017

Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.

NVD

Weakness Type

What is a Resource Exhaustion Vulnerability?

The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

CVE-2017-12741 has been classified to as a Resource Exhaustion vulnerability or weakness.


Products Associated with CVE-2017-12741

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2017-12741 are published in these products:

Siemens Simatic S7 1500 Software Controller
 
Siemens Simatic Winac Rtx F 2010
 
Siemens Sinumerik 840d Sl
 

Affected Versions

Siemens Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller: Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200: Siemens Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P: Siemens SIMATIC Compact Field Unit: Siemens SIMATIC ET 200AL IM 157-1 PN: Siemens SIMATIC ET 200M (incl. SIPLUS variants): Siemens SIMATIC ET 200MP IM 155-5 PN BA: Siemens SIMATIC ET 200MP IM 155-5 PN HF: Siemens SIMATIC ET 200MP IM 155-5 PN ST: Siemens SIMATIC ET 200pro IM 154-3 PN HF: Siemens SIMATIC ET 200pro IM 154-4 PN HF: Siemens SIMATIC ET 200SP IM 155-6 PN BA: Siemens SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants): Siemens SIMATIC ET 200SP IM 155-6 PN HF: Siemens SIMATIC ET 200SP IM 155-6 PN HS: Siemens SIMATIC ET 200SP IM 155-6 PN ST: Siemens SIMATIC ET 200SP IM 155-6 PN ST: Siemens SIMATIC ET 200SP IM 155-6 PN ST BA: Siemens SIMATIC ET 200SP IM 155-6 PN ST BA: Siemens SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12: Siemens SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12: Siemens SIMATIC ET200ecoPN, 4AO U/I 4xM12: Siemens SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12: Siemens SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12: Siemens SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12: Siemens SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12: Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12: Siemens SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12: Siemens SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12: Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12: Siemens SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12: Siemens SIMATIC ET200ecoPN: IO-Link Master: Siemens SIMATIC ET200S (incl. SIPLUS variants): Siemens SIMATIC PN/PN Coupler (incl. SIPLUS NET variants): Siemens SIMATIC S7-1200 CPU family (incl. SIPLUS variants): Siemens SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants): Siemens SIMATIC S7-1500 Software Controller: Siemens SIMATIC S7-200 SMART: Siemens SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants): Siemens SIMATIC S7-400 H V6 and below CPU family (incl. SIPLUS variants): Siemens SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants): Siemens SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants): Siemens SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants): Siemens SIMATIC TDC CP51M1: Siemens SIMATIC TDC CPU555: Siemens SIMATIC WinAC RTX 2010: Siemens SIMATIC WinAC RTX F 2010: Siemens SIMOCODE pro V PROFINET (incl. SIPLUS variants): Siemens SIMOTION C: Siemens SIMOTION D: Siemens SIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants): Siemens SIMOTION P V4.4 and V4.5: Siemens SIMOTION P V5: Siemens SINAMICS DCM w. PN: Siemens SINAMICS DCP w. PN: Siemens SINAMICS G110M w. PN: Siemens SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants): Siemens SINAMICS G130 V4.7 w. PN: Siemens SINAMICS G130 V4.8 w. PN: Siemens SINAMICS G150 V4.7 w. PN: Siemens SINAMICS G150 V4.8 w. PN: Siemens SINAMICS GH150 V4.7 w. PROFINET: Siemens SINAMICS GL150 V4.7 w. PROFINET: Siemens SINAMICS GM150 V4.7 w. PROFINET: Siemens SINAMICS S110 w. PN: Siemens SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants): Siemens SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants): Siemens SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants): Siemens SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants): Siemens SINAMICS S150 V4.7 w. PN: Siemens SINAMICS S150 V4.8 w. PN: Siemens SINAMICS SL150 V4.7.0 w. PROFINET: Siemens SINAMICS SL150 V4.7.4 w. PROFINET: Siemens SINAMICS SL150 V4.7.5 w. PROFINET: Siemens SINAMICS SM120 V4.7 w. PROFINET: Siemens SINAMICS V90 w. PN: Siemens SINUMERIK 840D sl: Siemens SIPLUS ET 200MP IM 155-5 PN HF: Siemens SIPLUS ET 200MP IM 155-5 PN HF: Siemens SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL: Siemens SIPLUS ET 200MP IM 155-5 PN ST: Siemens SIPLUS ET 200MP IM 155-5 PN ST TX RAIL: Siemens SIPLUS ET 200SP IM 155-6 PN HF: Siemens SIPLUS ET 200SP IM 155-6 PN HF: Siemens SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL: Siemens SIPLUS ET 200SP IM 155-6 PN ST: Siemens SIPLUS ET 200SP IM 155-6 PN ST: Siemens SIPLUS ET 200SP IM 155-6 PN ST BA: Siemens SIPLUS ET 200SP IM 155-6 PN ST BA: Siemens SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL: Siemens SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL: Siemens SIPLUS ET 200SP IM 155-6 PN ST TX RAIL: Siemens SIPLUS ET 200SP IM 155-6 PN ST TX RAIL: Siemens SIRIUS Soft Starter 3RW44 PN:

Exploit Probability

EPSS
5.26%
Percentile
89.77%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.