SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-989408604] Siemens Industrial Products

| Date | Type | Platform | Author | EDB-ID | CVE-ID | OSVDB-ID | Download App | SIS Signature |
|---|---|---|---|---|---|---|---|---|
| 2018-01-23 | Other | Siemens | Siemens reported this vulnerability to ICS-CERT. | N/A | CVE-2017-2680 | N/A | N/A | N/A |

Source

						
							
								
#
# Siemens Industrial Products
#


### VULNERABLE VENDOR
Siemens


### VULNERABLE PRODUCT
Industrial Products 


### RESEARCHER
Siemens reported this vulnerability to ICS-CERT.


### AFFECTED PRODUCTS
Siemens reports that this vulnerability affects the following products using PROFINET DCP:

SIMATIC CP 1242-7 GPRS V2: All versions prior to V2.1.82,
SIMATIC CP 1243-7 LTE EU/US: All versions prior to V2.1.82,
SIMATIC CP 1243-8: All versions prior to V2.1.82,
SIMATIC CP 1626: All versions,
Extension Unit 12” PROFINET: All versions prior to V01.01.01,
Extension Unit 15” PROFINET: All versions prior to V01.01.01,
Extension Unit 19” PROFINET: All versions prior to V01.01.01, and
Extension Unit 22” PROFINET: All versions prior to V01.01.01



### IMPACT
Successful exploitation of this vulnerability could cause the targeted device to enter a denial-of-service condition, which may require human interaction to recover the system.


### VULNERABILITY OVERVIEW
IMPROPER INPUT VALIDATION CWE-20
Specially crafted PROFINET DCP broadcast packets could cause a denial-of-service condition of affected products on a local Ethernet segment (Layer 2).
Human interaction is required to recover the systems.
PROFIBUS interfaces are not affected.
CVE-2017-2680 has been assigned to this vulnerability.
A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).





### BACKGROUND
Critical Infrastructure Sectors: Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Germany




### MITIGATION

The attacker must have network access to the local Ethernet segment (Layer 2).

As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To run the devices in a protected IT environment, Siemens particularly recommends configuring the environment according to Siemens’ Operational Guidelines for Industrial Security and following the recommendations in the product manuals. The Operational Guidelines for Industrial Security can be found at:

https://www.siemens.com/cert/operational-guidelines-industrial-security


Additional information on Industrial Security by Siemens can be found at: 
https://www.siemens.com/global/en/home/company/topic-areas/future-of-manufacturing/industrial-security.html


Siemens provides firmware updates to address the vulnerability for the following affected products and recommends users update to the new fixed version:

Extension Unit 12” PROFINET: Update to V01.01.01
Extension Unit 15” PROFINET: Update to V01.01.01
Extension Unit 19” PROFINET: Update to V01.01.01
Extension Unit 22” PROFINET: Update to V01.01.01
https://support.industry.siemens.com/cs/document/109750351


SIMATIC CP 1242-7 GPRS V2: Update to V2.1.82
SIMATIC CP 1243-7 LTE EU/US: Update to V2.1.82
SIMATIC CP 1243-8 IRC: Update to V2.1.82
https://support.industry.siemens.com/cs/ww/en/view/109749515


SIMATIC CP 1626: All versions
Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.

Apply cell protection concept
Use VPN for protecting network communication between cells
Apply Defense-in-Depth
For more information on this vulnerability and more detailed mitigation instructions, please see Siemens Security Advisory SSA-284673 at the following location:

http://www.siemens.com/cert/en/cert-security-advisories.htm
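
Because the crafted packets must arrive as PROFINET DCP frames on the local Ethernet segment (Layer 2), a monitor inside a protected cell can report group-addressed DCP traffic from senders that are not expected to issue it. The sketch below is an added example, not part of the Siemens advisory or of this database entry; the allowlisted MAC address, the sample frames and the function names are assumptions, and the DCP body is never inspected.

```python
import struct

VLAN_TPID = b"\x81\x00"  # 802.1Q tag that may precede the PROFINET EtherType
ETH_P_PROFINET = 0x8892  # PROFINET EtherType
DCP_FRAME_IDS = {0xFEFC: "Hello", 0xFEFD: "Get/Set",
                 0xFEFE: "Identify request", 0xFEFF: "Identify response"}

def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def parse_dcp(frame: bytes):
    """Return (src, dst, dcp_type, group_addressed), or None if not PROFINET DCP."""
    offset = 16 if frame[12:14] == VLAN_TPID else 12  # skip one VLAN tag
    if len(frame) < offset + 4:                        # truncated frame
        return None
    ethertype, frame_id = struct.unpack_from("!HH", frame, offset)
    if ethertype != ETH_P_PROFINET or frame_id not in DCP_FRAME_IDS:
        return None
    group = bool(frame[0] & 0x01)  # I/G bit set: broadcast or multicast
    return mac(frame[6:12]), mac(frame[0:6]), DCP_FRAME_IDS[frame_id], group

def audit(frames, allowed_senders):
    """List (src, dst, dcp_type) for group-addressed DCP from non-allowlisted MACs."""
    parsed = (parse_dcp(f) for f in frames)
    return [p[:3] for p in parsed if p and p[3] and p[0] not in allowed_senders]

def eth(dst, src, payload, vlan=False):  # builds constructed test frames only
    tag = bytes.fromhex("8100c000") if vlan else b""
    return bytes.fromhex(dst + src) + tag + payload + bytes(24)  # zero filler body

ALLOWED = {"00:1b:1b:00:00:01"}  # hypothetical engineering station
SAMPLE_FRAMES = [  # constructed for this example, not captured traffic
    eth("010ecf000000", "001b1b000001", bytes.fromhex("8892fefe")),
    eth("ffffffffffff", "020000000099", bytes.fromhex("8892fefe"), vlan=True),
    eth("001b1b000001", "020000000042", bytes.fromhex("8892feff")),
    eth("ffffffffffff", "020000000099", bytes.fromhex("0800")),
    bytes.fromhex("ffffffffffff0200000000998892"),  # truncated frame
]

if __name__ == "__main__":
    for src, dst, kind in audit(SAMPLE_FRAMES, ALLOWED):
        print(f"unexpected DCP {kind} from {src} to {dst}")
```

In a deployment, the frames would come from a switch mirror port inside the cell and the allowlist from the site's asset inventory.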