CVE-2017-2680 MEDIUM

CVE-2017-2680

Vendor Siemens

Product Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller

Weakness CWE-400

Published May 11, 2017

Last update September 10, 2024

View on NVD All CVEs

CVSS base score

6.5/10

Attack vector Adjacent

Attack complexity Low

Privileges required None

User interaction None

Confidentiality None

Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

Key dates

02Disclosure timeline

May 11, 2017 CVE published

September 10, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-2680 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/400.html

Related vulnerabilities

Identifiers

CVE CVE-2017-2680

CWE CWE-400

CVSS 6.5 / MEDIUM

Affected versions

Vendor Siemens

Product Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller

Affected All versions < V4.1.1 Patch04

Vendor Siemens

Product Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200

Affected All versions < V4.2.1 Patch03

Vendor Siemens

Product Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P

Affected All versions < V4.4.0 Patch01

Vendor Siemens

Product Extension Unit 12" PROFINET

Affected All versions < V01.01.01

Vendor Siemens

Product Extension Unit 15" PROFINET

Affected All versions < V01.01.01

Vendor Siemens

Product Extension Unit 19" PROFINET

Affected All versions < V01.01.01

Vendor Siemens

Product Extension Unit 22" PROFINET

Affected All versions < V01.01.01

Vendor Siemens

Product IE/AS-i Link PN IO

Affected All versions

Vendor Siemens

Product IE/PB-Link (incl. SIPLUS NET variants)

Affected All versions < V3.0

Vendor Siemens

Product SCALANCE M-800 family (incl. S615, MUM-800 and RM1224)

Affected All versions < V4.03

Vendor Siemens

Product SCALANCE W-700 IEEE 802.11n family

Affected All versions < V6.1

Vendor Siemens

Product SCALANCE X-200 family (incl. SIPLUS NET variants)

Affected All versions < V5.2.2

Vendor Siemens

Product SCALANCE X-200IRT family (incl. SIPLUS NET variants)

Affected All versions < V5.4.0

Vendor Siemens

Product SCALANCE X-300 family (incl. X408 and SIPLUS NET variants)

Affected All versions < V4.1.0

Vendor Siemens

Product SCALANCE X408 family

Affected All versions < V4.1.0

Vendor Siemens

Product SCALANCE X414

Affected All versions < V3.10.2

Vendor Siemens

Product SCALANCE XM-400 family

Affected All versions < V6.1

Vendor Siemens

Product SCALANCE XR-500 family

Affected All versions < V6.1

Vendor Siemens

Product SIMATIC CM 1542-1

Affected All versions < V2.0

Vendor Siemens

Product SIMATIC CM 1542SP-1

Affected All versions < V1.0.15

Vendor Siemens

Product SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)

Affected All versions < V2.1.82

Vendor Siemens

Product SIMATIC CP 1243-1 (incl. SIPLUS variants)

Affected All versions < V2.1.82

Vendor Siemens

Product SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)

Affected < *

Vendor Siemens

Product SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)

Affected All versions

Vendor Siemens

Product SIMATIC CP 1243-7 LTE US

Affected All versions < V2.1.82

Vendor Siemens

Product SIMATIC CP 1243-8 IRC

Affected All versions < V2.1.82

Vendor Siemens

Product SIMATIC CP 1243-8 IRC

Affected All versions < V2.1.82

Vendor Siemens

Product SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)

Affected All versions < V1.0.15

Vendor Siemens

Product SIMATIC CP 1543-1 (incl. SIPLUS variants)

Affected All versions < V2.1

Vendor Siemens

Product SIMATIC CP 1543SP-1 (incl. SIPLUS variants)

Affected All versions < V1.0.15

Vendor Siemens

Product SIMATIC CP 1604

Affected All versions < V2.7

Vendor Siemens

Product SIMATIC CP 1616

Affected All versions < V2.7

Vendor Siemens

Product SIMATIC CP 1626

Affected All versions < V1.1

Vendor Siemens

Product SIMATIC CP 343-1 (incl. SIPLUS variants)

Affected All versions < V3.1.3

Vendor Siemens

Product SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)

Affected All versions

Vendor Siemens

Product SIMATIC CP 343-1 Lean (incl. SIPLUS variants)

Affected All versions < V3.1.3

Vendor Siemens

Product SIMATIC CP 443-1 (incl. SIPLUS variants)

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC CP 443-1 OPC UA

Affected All versions

Vendor Siemens

Product SIMATIC DK-16xx PN IO

Affected All versions < V2.7

Vendor Siemens

Product SIMATIC ET 200AL IM 157-1 PN

Affected < V1.0.2

Vendor Siemens

Product SIMATIC ET 200M (incl. SIPLUS variants)

Affected All versions

Vendor Siemens

Product SIMATIC ET 200MP IM 155-5 PN BA

Affected < V4.0.1

Vendor Siemens

Product SIMATIC ET 200MP IM 155-5 PN HF

Affected < V4.2.0

Vendor Siemens

Product SIMATIC ET 200MP IM 155-5 PN ST

Affected < V4.1.0

Vendor Siemens

Product SIMATIC ET 200pro IM 154-3 PN HF

Affected < *

Vendor Siemens

Product SIMATIC ET 200pro IM 154-4 PN HF

Affected < *

Vendor Siemens

Product SIMATIC ET 200SP IM 155-6 PN BA

Affected < *

Vendor Siemens

Product SIMATIC ET 200SP IM 155-6 PN HF

Affected < V4.2.0

Vendor Siemens

Product SIMATIC ET 200SP IM 155-6 PN HS

Affected < V4.0.1

Vendor Siemens

Product SIMATIC ET 200SP IM 155-6 PN ST

Affected < V4.1.0

Vendor Siemens

Product SIMATIC ET 200SP IM 155-6 PN ST BA

Affected < V4.1.0

Vendor Siemens

Product SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 4AO U/I 4xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN: IO-Link Master

Affected All versions

Vendor Siemens

Product SIMATIC ET200S (incl. SIPLUS variants)

Affected All versions

Vendor Siemens

Product SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)

Affected All versions < V15.1

Vendor Siemens

Product SIMATIC MV420 SR-B

Affected < V7.0.6

Vendor Siemens

Product SIMATIC MV420 SR-B Body

Affected < V7.0.6

Vendor Siemens

Product SIMATIC MV420 SR-P

Affected < V7.0.6

Vendor Siemens

Product SIMATIC MV420 SR-P Body

Affected < V7.0.6

Vendor Siemens

Product SIMATIC MV440 HR

Affected < V7.0.6

Vendor Siemens

Product SIMATIC MV440 SR

Affected < V7.0.6

Vendor Siemens

Product SIMATIC MV440 UR

Affected < V7.0.6

Vendor Siemens

Product SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)

Affected All versions < V4.0

Vendor Siemens

Product SIMATIC RF650R

Affected All versions < V3.0

Vendor Siemens

Product SIMATIC RF680R

Affected All versions < V3.0

Vendor Siemens

Product SIMATIC RF685R

Affected All versions < V3.0

Vendor Siemens

Product SIMATIC S7-1200 CPU family (incl. SIPLUS variants)

Affected All versions < V4.2.1

Vendor Siemens

Product SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)

Affected All versions < V2.1

Vendor Siemens

Product SIMATIC S7-1500 Software Controller

Affected All versions < V2.1

Vendor Siemens

Product SIMATIC S7-200 SMART

Affected All versions < V2.3

Vendor Siemens

Product SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)

Affected < V3.X.14

Vendor Siemens

Product SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)

Affected < V6.0.7

Vendor Siemens

Product SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)

Affected < V6.0.6

Vendor Siemens

Product SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)

Affected < V7.0.2

Vendor Siemens

Product SIMATIC S7-410 CPU family (incl. SIPLUS variants)

Affected All versions < V8.2

Vendor Siemens

Product SIMATIC TDC CP51M1

Affected < V1.1.8

Vendor Siemens

Product SIMATIC TDC CPU555

Affected < V1.1.1

Vendor Siemens

Product SIMATIC Teleservice Adapter IE Advanced

Affected All versions

Vendor Siemens

Product SIMATIC Teleservice Adapter IE Basic

Affected All versions

Vendor Siemens

Product SIMATIC Teleservice Adapter IE Standard

Affected All versions

Vendor Siemens

Product SIMATIC WinAC RTX 2010

Affected All versions < V2010 SP3

Vendor Siemens

Product SIMATIC WinAC RTX F 2010

Affected All versions < V2010 SP3

Vendor Siemens

Product SIMOCODE pro V PROFINET (incl. SIPLUS variants)

Affected All versions < V2.0.0

Vendor Siemens

Product SIMOTION

Affected All versions < V4.5 HF1

Vendor Siemens

Product SIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)

Affected All versions < V4.4 HF26

Vendor Siemens

Product SINAMICS DCM w. PN

Affected All versions < V1.4 SP1 HF5

Vendor Siemens

Product SINAMICS DCP w. PN

Affected All versions < V1.2 HF1

Vendor Siemens

Product SINAMICS G110M w. PN

Affected All versions < V4.7 SP6 HF3

Vendor Siemens

Product SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)

Affected All versions < V4.7 SP6 HF3

Vendor Siemens

Product SINAMICS G130 V4.7 w. PN

Affected All versions < V4.7 HF27

Vendor Siemens

Product SINAMICS G130 V4.8 w. PN

Affected All versions < V4.8 HF4

Vendor Siemens

Product SINAMICS G150 V4.7 w. PN

Affected V4.7: All versions < V4.7 HF27

Vendor Siemens

Product SINAMICS G150 V4.8 w. PN

Affected All versions < V4.8 HF4

Vendor Siemens

Product SINAMICS GH150 V4.7 w. PROFINET

Affected All versions < V4.7 SP5 HF7

Vendor Siemens

Product SINAMICS GL150 V4.7 w. PROFINET

Affected All versions < V4.8 SP2

Vendor Siemens

Product SINAMICS GM150 V4.7 w. PROFINET

Affected All versions < V4.7 HF31

Vendor Siemens

Product SINAMICS S110 w. PN

Affected All versions < V4.4 SP3 HF5

Vendor Siemens

Product SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)

Affected All versions < V4.7

Vendor Siemens

Product SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)

Affected All versions

Vendor Siemens

Product SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)

Affected All versions < V4.7 HF27

Vendor Siemens

Product SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)

Affected All versions < V4.8 HF4

Vendor Siemens

Product SINAMICS S150 V4.7 w. PN

Affected All versions < V4.7 HF27

Vendor Siemens

Product SINAMICS S150 V4.8 w. PN

Affected All versions < V4.8 HF4

Vendor Siemens

Product SINAMICS SL150 V4.7.0 w. PROFINET

Affected All versions < V4.7 HF30

Vendor Siemens

Product SINAMICS SL150 V4.7.4 w. PROFINET

Affected All versions < V4.8 SP2

Vendor Siemens

Product SINAMICS SL150 V4.7.5 w. PROFINET

Affected All versions < V4.8 SP2

Vendor Siemens

Product SINAMICS SM120 V4.7 w. PROFINET

Affected All versions < V4.8 SP2

Vendor Siemens

Product SINAMICS V90 w. PN

Affected All versions < V1.01

Vendor Siemens

Product SINUMERIK 828D V4.5 and prior

Affected All versions < V4.5 SP6 HF2

Vendor Siemens

Product SINUMERIK 828D V4.7

Affected All versions < V4.7 SP4 HF1

Vendor Siemens

Product SINUMERIK 840D sl V4.5 and prior

Affected All versions < V4.5 SP6 HF2

Vendor Siemens

Product SINUMERIK 840D sl V4.7

Affected All versions < V4.7 SP4 HF1

Vendor Siemens

Product SIPLUS ET 200MP IM 155-5 PN HF

Affected < V4.2.0

Vendor Siemens

Product SIPLUS ET 200MP IM 155-5 PN HF

Affected < V4.2.0

Vendor Siemens

Product SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL

Affected < V4.2.0

Vendor Siemens

Product SIPLUS ET 200MP IM 155-5 PN ST

Affected < V4.1.0

Vendor Siemens

Product SIPLUS ET 200MP IM 155-5 PN ST TX RAIL

Affected < V4.1.0

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN HF

Affected < V4.2.0

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN HF

Affected < V4.2.0

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL

Affected < V4.2.0

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN ST

Affected < V4.1.0

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN ST BA

Affected < V4.1.0

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL

Affected < V4.1.0

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN ST TX RAIL

Affected < V4.1.0

Vendor Siemens

Product SIRIUS ACT 3SU1 interface module PROFINET

Affected All versions < V1.1.0

Vendor Siemens

Product SIRIUS Motor Starter M200D PROFINET

Affected All versions

Vendor Siemens

Product SIRIUS Soft Starter 3RW44 PN

Affected All versions

Vendor Siemens

Product SITOP PSU8600 PROFINET

Affected All versions < V1.2.0

Vendor Siemens

Product SITOP UPS1600 PROFINET (incl. SIPLUS variants)

Affected All versions < V2.2.0

Vendor Siemens

Product Softnet PROFINET IO for PC-based Windows systems

Affected All versions < V14 SP1

CVE-2017-2680

01Description

02Disclosure timeline

03References

04Related CVE