Detections
Analytics
Siemens SIMATIC ET 200SP 2.0 < 2.1.6 and SIMATIC S7-1500 2.0 < 2.5 DOS
high Nessus Network Monitor Plugin ID 720164
Synopsis
Siemens SIMATIC ET 200SP and SIMATIC S7-1500 controllers vulnerable to denial-of-service (DOS) attack.Description
A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions >= V2.0 < V2.1.6), SIMATIC S7-1500 Software Controller (All versions >= V2.0 and < V2.5). An attacker can cause a denial-of-service condition on the network stack by sending a large number of specially crafted packets to the PLC. The PLC will lose its ability to communicate over the network. This vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no privileges and no user interaction. An attacker could use this vulnerability to compromise availability of the network connectivity.Solution
Perform vendor recommended mitigations and apply available vendor upgrades.See Also
https://cert-portal.siemens.com/productcert/pdf/ssa-347726.pdf
Plugin Details
Severity: High
ID: 720164
Family: SCADA
Published: 5/8/2019
Updated: 9/30/2019
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
Patch Publication Date: 10/9/2018
Vulnerability Publication Date: 10/9/2018
Reference Information
CVE: CVE-2018-13805