CVE-2018-4843 - Vulnerability Details

Description

A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V1.7.0), SIMATIC S7-1500 Software Controller (All versions < V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.1), SIMATIC WinAC RTX 2010 (All versions < V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions < V2010 SP3), SINUMERIK 828D (All versions < V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system.

The security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system.

Published: 2018-03-20

Score: 6.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Siemens

SIMATIC S7-400 CPU 414-3 PN/DP V7

unknown

Version	Status	Constraints
`All versions < V7.0.3`	affected	—

Siemens

SIMATIC S7-400 CPU 414F-3 PN/DP V7

unknown

Version	Status	Constraints
`All versions < V7.0.3`	affected	—

Siemens

SIMATIC S7-400 CPU 416-3 PN/DP V7

unknown

Version	Status	Constraints
`All versions < V7.0.3`	affected	—

Siemens

SIMATIC S7-400 CPU 416F-3 PN/DP V7

unknown

Version	Status	Constraints
`All versions < V7.0.3`	affected	—

Siemens

SIMATIC CP 343-1 (incl. SIPLUS variants)

unknown

Version	Status	Constraints
`All versions`	affected	—

Siemens

SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)

unknown

Version	Status	Constraints
`All versions`	affected	—

Siemens

SIMATIC CP 443-1

unknown

Version	Status	Constraints
`All versions < V3.3`	affected	—

Siemens

SIMATIC CP 443-1

unknown

Version	Status	Constraints
`All versions < V3.3`	affected	—

Siemens

SIMATIC CP 443-1 Advanced

unknown

Version	Status	Constraints
`All versions < V3.3`	affected	—

Siemens

SIMATIC ET 200pro IM154-8 PN/DP CPU

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC ET 200pro IM154-8F PN/DP CPU

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC ET 200pro IM154-8FX PN/DP CPU

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC ET 200S IM151-8 PN/DP CPU

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC ET 200S IM151-8F PN/DP CPU

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)

unknown

Version	Status	Constraints
`All versions < V1.7.0`	affected	—

Siemens

SIMATIC S7-1500 Software Controller

unknown

Version	Status	Constraints
`All versions < V1.7.0`	affected	—

Siemens

SIMATIC S7-300 CPU 314C-2 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.3.16`	affected	—

Siemens

SIMATIC S7-300 CPU 315-2 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC S7-300 CPU 315F-2 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC S7-300 CPU 315T-3 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC S7-300 CPU 317-2 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC S7-300 CPU 317F-2 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC S7-300 CPU 317T-3 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC S7-300 CPU 317TF-3 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC S7-300 CPU 319-3 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC S7-300 CPU 319F-3 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIMATIC S7-400 CPU 412-2 PN V7

unknown

Version	Status	Constraints
`All versions < V7.0.3`	affected	—

Siemens

SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)

unknown

Version	Status	Constraints
`All versions < V6.0.9`	affected	—

Siemens

SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)

unknown

Version	Status	Constraints
`All versions < V6.0.7`	affected	—

Siemens

SIMATIC S7-410 CPU family (incl. SIPLUS variants)

unknown

Version	Status	Constraints
`All versions < V8.1`	affected	—

Siemens

SIMATIC WinAC RTX 2010

unknown

Version	Status	Constraints
`All versions < V2010 SP3`	affected	—

Siemens

SIMATIC WinAC RTX F 2010

unknown

Version	Status	Constraints
`All versions < V2010 SP3`	affected	—

Siemens

SINUMERIK 828D

unknown

Version	Status	Constraints
`All versions < V4.7 SP6 HF1`	affected	—

Siemens

SIPLUS ET 200S IM151-8 PN/DP CPU

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIPLUS ET 200S IM151-8F PN/DP CPU

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIPLUS NET CP 443-1

unknown

Version	Status	Constraints
`All versions < V3.3`	affected	—

Siemens

SIPLUS NET CP 443-1 Advanced

unknown

Version	Status	Constraints
`All versions < V3.3`	affected	—

Siemens

SIPLUS S7-300 CPU 314C-2 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.3.16`	affected	—

Siemens

SIPLUS S7-300 CPU 315-2 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIPLUS S7-300 CPU 315F-2 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIPLUS S7-300 CPU 317-2 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIPLUS S7-300 CPU 317F-2 PN/DP

unknown

Version	Status	Constraints
`All versions < V3.2.16`	affected	—

Siemens

SIPLUS S7-400 CPU 414-3 PN/DP V7

unknown

Version	Status	Constraints
`All versions < V7.0.3`	affected	—

Siemens

SIPLUS S7-400 CPU 416-3 PN/DP V7

unknown

Version	Status	Constraints
`All versions < V7.0.3`	affected	—

Siemens

Softnet PROFINET IO for PC-based Windows systems

unknown

Version	Status	Constraints
`All versions`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:siemens:simatic_cp_343-1_firmware:-:*:*:*:advanced:*:*:*

cpe:2.3:h:siemens:simatic_cp_343-1:-:*:*:*:advanced:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:simatic_cp_343-1_firmware:-:*:*:*:standard:*:*:*

cpe:2.3:h:siemens:simatic_cp_343-1:-:*:*:*:standard:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:siemens:simatic_cp_443-1_firmware:-:*:*:*:advanced:*:*:*

cpe:2.3:h:siemens:simatic_cp_443-1:-:*:*:*:advanced:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:siemens:simatic_cp_443-1_firmware:-:*:*:*:standard:*:*:*

cpe:2.3:h:siemens:simatic_cp_443-1:-:*:*:*:standard:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:siemens:simatic_s7-300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:siemens:simatic_s7-400_h_v6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-400_h_v6:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:siemens:simatic_s7-400_pn\/dp_v6_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-400_pn\/dp_v6:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:siemens:simatic_s7-400_pn\/dp_v7_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-400_pn\/dp_v7:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:siemens:simatic_s7-410_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-410:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:siemens:simatic_winac_rtx_2010_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_winac_rtx_2010:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:siemens:sinumerik_828d_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:siemens:softnet_pn-io_linux_firmware:-:*:*:*:*:windows:*:*

cpe:2.3:h:siemens:softnet_pn-io_linux:-:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2018-16629	A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V1.7.0), SIMATIC S7-1500 Software Controller (All versions < V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.16), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.7), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.1), SIMATIC WinAC RTX 2010 (All versions < V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions < V2010 SP3), SINUMERIK 828D (All versions < V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a denial of service condition of the requesting system. The security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. A manual restart is required to recover the system.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.0025.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf

History

No history.

Subscriptions

Siemens Simatic Cp 343-1 Simatic Cp 343-1 Firmware Simatic Cp 443-1 Simatic Cp 443-1 Firmware Simatic S7-1500 Simatic S7-1500 Firmware Simatic S7-300 Simatic S7-300 Firmware Simatic S7-400 H V6 Simatic S7-400 H V6 Firmware Simatic S7-400 Pn\/dp V6 Simatic S7-400 Pn\/dp V6 Firmware Simatic S7-400 Pn\/dp V7 Simatic S7-400 Pn\/dp V7 Firmware Simatic S7-410 Simatic S7-410 Firmware Simatic Winac Rtx 2010 Simatic Winac Rtx 2010 Firmware Sinumerik 828d Sinumerik 828d Firmware Softnet Pn-io Linux Softnet Pn-io Linux Firmware

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2018-03-20T14:00:00.000Z

Updated: 2024-08-05T05:18:26.626Z

Reserved: 2018-01-02T00:00:00.000Z

Link: CVE-2018-4843

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-03-20T14:29:00.413

Modified: 2024-11-21T04:07:34.080

Link: CVE-2018-4843

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-20

Tracking

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object