cvelistv5 - cve-2017-9938

CVE-2017-9938 (GCVE-0-2017-9938)

Vulnerability from cvelistv5

Published

2017-08-08 00:00

Modified

2024-08-05 17:25

Severity ?

CWE

CWE-787 - Out-of-bounds Write

Summary

References

URL

	Vendor	Product	Version
	n/a	SIMATIC Logon All versions before V1.6	Version: SIMATIC Logon All versions before V1.6

icsa-17-192-01

Vulnerability from csaf_cisa

Published

2017-07-11 00:00

Modified

2017-07-11 00:00

Summary

Siemens SIMATIC Logon

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

ATTENTION: Remotely exploitable/low skill level to exploit.

Critical infrastructure sectors

Chemical, Energy, Food and Agriculture, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Tenable Network Security",
        "summary": "reporting this vulnerability to Siemens"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Remotely exploitable/low skill level to exploit.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Chemical, Energy, Food and Agriculture, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-192-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-192-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-192-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-192-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-192-01"
      }
    ],
    "title": "Siemens SIMATIC Logon",
    "tracking": {
      "current_release_date": "2017-07-11T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-192-01",
      "initial_release_date": "2017-07-11T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-07-11T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Publication Date"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 1.6",
                "product": {
                  "name": "SIMATIC Logon: All versions prior to V1.6",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC Logon"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-9938",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Specially crafted packets sent to the SIMATIC Logon Remote Access service on Port 16389/TCP could cause a denial-of-service condition. The service restarts automatically.CVE-2017-9938 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9938"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Siemens created a software upgrade V1.6 for SIMATIC Logon which fixes the vulnerability, and they recommend users upgrade to the newest version. Please contact the local Siemens representative or customer support at the following location:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "https://www.siemens.de/automation/partner",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.siemens.de/automation/partner"
        },
        {
          "category": "vendor_fix",
          "details": "Siemens strongly recommends users protect network access to the Port 16389/TCP of the SIMATIC Logon Remote Access service with appropriate mechanisms. Siemens also advises that users configure the operational environment according to Siemens \u0027 Operational Guidelines for Industrial Security:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "https://www.siemens.com/cert/operational-guidelines-industrial-security",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
        },
        {
          "category": "vendor_fix",
          "details": "For a more specific list of affected products and more detailed mitigation instructions, please see Siemens Security Advisory SSA-804859 at the following location:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "http://www.siemens.com/cert/advisories",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www.siemens.com/cert/advisories"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

ICSA-17-192-01

Vulnerability from csaf_cisa

Published

2017-07-11 00:00

Modified

2017-07-11 00:00

Summary

Siemens SIMATIC Logon

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

Risk evaluation

ATTENTION: Remotely exploitable/low skill level to exploit.

Critical infrastructure sectors

Chemical, Energy, Food and Agriculture, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Tenable Network Security",
        "summary": "reporting this vulnerability to Siemens"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Remotely exploitable/low skill level to exploit.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Chemical, Energy, Food and Agriculture, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-192-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-192-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-192-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-192-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-192-01"
      }
    ],
    "title": "Siemens SIMATIC Logon",
    "tracking": {
      "current_release_date": "2017-07-11T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-192-01",
      "initial_release_date": "2017-07-11T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-07-11T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Publication Date"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 1.6",
                "product": {
                  "name": "SIMATIC Logon: All versions prior to V1.6",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC Logon"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-9938",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Specially crafted packets sent to the SIMATIC Logon Remote Access service on Port 16389/TCP could cause a denial-of-service condition. The service restarts automatically.CVE-2017-9938 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9938"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Siemens created a software upgrade V1.6 for SIMATIC Logon which fixes the vulnerability, and they recommend users upgrade to the newest version. Please contact the local Siemens representative or customer support at the following location:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "https://www.siemens.de/automation/partner",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.siemens.de/automation/partner"
        },
        {
          "category": "vendor_fix",
          "details": "Siemens strongly recommends users protect network access to the Port 16389/TCP of the SIMATIC Logon Remote Access service with appropriate mechanisms. Siemens also advises that users configure the operational environment according to Siemens \u0027 Operational Guidelines for Industrial Security:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "https://www.siemens.com/cert/operational-guidelines-industrial-security",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
        },
        {
          "category": "vendor_fix",
          "details": "For a more specific list of affected products and more detailed mitigation instructions, please see Siemens Security Advisory SSA-804859 at the following location:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "http://www.siemens.com/cert/advisories",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www.siemens.com/cert/advisories"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

fkie_cve-2017-9938

Vulnerability from fkie_nvd

Published

2017-08-08 00:29

Modified

2025-04-20 01:37

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
productcert@siemens.com	http://www.securityfocus.com/bid/99539	Third Party Advisory, VDB Entry
productcert@siemens.com	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdf	Vendor Advisory
productcert@siemens.com	https://www.tenable.com/security/research/tra-2017-34
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99539	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.tenable.com/security/research/tra-2017-34

Impacted products

	Vendor	Product	Version
	siemens	simatic_logon	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_logon:*:sp3_update_2:*:*:*:*:*:*",
              "matchCriteriaId": "16917185-6CDC-4D28-BE16-AC0DA0504995",
              "versionEndIncluding": "1.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto una vulnerabilidad en Siemens SIMATIC Logon (todas las versiones anteriores a la V1.6) que podr\u00eda permitir que se enviasen paquetes especialmente manipulados al servicio SIMATIC Logon Remote Access en el puerto 16389/tcp para provocar una denegaci\u00f3n de servicio. El servicio se reinicia autom\u00e1ticamente."
    }
  ],
  "id": "CVE-2017-9938",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-08-08T00:29:00.353",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99539"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://www.tenable.com/security/research/tra-2017-34"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99539"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.tenable.com/security/research/tra-2017-34"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

var-201708-1515

Vulnerability from variot

A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically. Siemens SIMATIC Logon Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. SIMATIC Logon is automation software. Siemens SIMATIC Logon is prone to a denial-of-service vulnerability. A remote attacker can exploit this issue to cause a denial-of-service condition. Due to the nature of this issue, code execution may be possible but this has not been confirmed. SIMATIC Logon versions prior to 1.6 are vulnerable

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201708-1515",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic logon",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.5"
      },
      {
        "model": "simatic logon sp3 update",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "1.52"
      },
      {
        "model": "simatic logon",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic logon",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "all versions"
      },
      {
        "model": "simatic logon",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "1.6"
      },
      {
        "model": "simatic",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1.6"
      },
      {
        "model": "simatic logon",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1.5"
      },
      {
        "model": "simatic logon",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.6"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic logon",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "290a99a5-4f45-432a-a5e4-ec7cf1adcb24"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16932"
      },
      {
        "db": "BID",
        "id": "99539"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006994"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201707-562"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9938"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_logon",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006994"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Tenable Network Security.",
    "sources": [
      {
        "db": "BID",
        "id": "99539"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201707-562"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2017-9938",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-9938",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-16932",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "290a99a5-4f45-432a-a5e4-ec7cf1adcb24",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-118141",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-9938",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-9938",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-9938",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-16932",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201707-562",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "290a99a5-4f45-432a-a5e4-ec7cf1adcb24",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-118141",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "290a99a5-4f45-432a-a5e4-ec7cf1adcb24"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16932"
      },
      {
        "db": "VULHUB",
        "id": "VHN-118141"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006994"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201707-562"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9938"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically. Siemens SIMATIC Logon Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. SIMATIC Logon is automation software. Siemens SIMATIC Logon is prone to a denial-of-service vulnerability. \nA remote attacker can exploit this issue to cause a denial-of-service condition. Due to the nature of this issue, code execution may be possible but this has not been confirmed. \nSIMATIC Logon versions prior to 1.6 are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-9938"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006994"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16932"
      },
      {
        "db": "BID",
        "id": "99539"
      },
      {
        "db": "IVD",
        "id": "290a99a5-4f45-432a-a5e4-ec7cf1adcb24"
      },
      {
        "db": "VULHUB",
        "id": "VHN-118141"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-9938",
        "trust": 3.6
      },
      {
        "db": "BID",
        "id": "99539",
        "trust": 2.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-804859",
        "trust": 1.7
      },
      {
        "db": "TENABLE",
        "id": "TRA-2017-34",
        "trust": 1.1
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-192-01",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201707-562",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16932",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006994",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "37140",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "290A99A5-4F45-432A-A5E4-EC7CF1ADCB24",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-118141",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "290a99a5-4f45-432a-a5e4-ec7cf1adcb24"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16932"
      },
      {
        "db": "VULHUB",
        "id": "VHN-118141"
      },
      {
        "db": "BID",
        "id": "99539"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006994"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201707-562"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9938"
      }
    ]
  },
  "id": "VAR-201708-1515",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "290a99a5-4f45-432a-a5e4-ec7cf1adcb24"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16932"
      },
      {
        "db": "VULHUB",
        "id": "VHN-118141"
      }
    ],
    "trust": 1.73333335
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "290a99a5-4f45-432a-a5e4-ec7cf1adcb24"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16932"
      }
    ]
  },
  "last_update_date": "2024-11-23T23:12:23.966000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-804859",
        "trust": 0.8,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdf"
      },
      {
        "title": "Siemens SIMATIC Logon cross-border write denial of service vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/98944"
      },
      {
        "title": "Siemens SIMATIC Logon Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=71697"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-16932"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006994"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201707-562"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-787",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-118141"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006994"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9938"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/99539"
      },
      {
        "trust": 1.7,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9938"
      },
      {
        "trust": 1.1,
        "url": "https://www.tenable.com/security/research/tra-2017-34"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-192-01"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9938"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/37140"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-16932"
      },
      {
        "db": "VULHUB",
        "id": "VHN-118141"
      },
      {
        "db": "BID",
        "id": "99539"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006994"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201707-562"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9938"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "290a99a5-4f45-432a-a5e4-ec7cf1adcb24"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16932"
      },
      {
        "db": "VULHUB",
        "id": "VHN-118141"
      },
      {
        "db": "BID",
        "id": "99539"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006994"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201707-562"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9938"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-27T00:00:00",
        "db": "IVD",
        "id": "290a99a5-4f45-432a-a5e4-ec7cf1adcb24"
      },
      {
        "date": "2017-07-27T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-16932"
      },
      {
        "date": "2017-08-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-118141"
      },
      {
        "date": "2017-07-11T00:00:00",
        "db": "BID",
        "id": "99539"
      },
      {
        "date": "2017-09-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-006994"
      },
      {
        "date": "2017-07-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201707-562"
      },
      {
        "date": "2017-08-08T00:29:00.353000",
        "db": "NVD",
        "id": "CVE-2017-9938"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-27T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-16932"
      },
      {
        "date": "2017-11-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-118141"
      },
      {
        "date": "2017-07-11T00:00:00",
        "db": "BID",
        "id": "99539"
      },
      {
        "date": "2017-09-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-006994"
      },
      {
        "date": "2017-07-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201707-562"
      },
      {
        "date": "2024-11-21T03:37:12.900000",
        "db": "NVD",
        "id": "CVE-2017-9938"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201707-562"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC Logon Input validation vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006994"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation",
    "sources": [
      {
        "db": "IVD",
        "id": "290a99a5-4f45-432a-a5e4-ec7cf1adcb24"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201707-562"
      }
    ],
    "trust": 0.8
  }
}

cnvd-2017-16932

Vulnerability from cnvd

Title

Siemens SIMATIC Logon越界写拒绝服务漏洞

Description

SIMATIC Logon是自动化软件。 SIMATIC Logon 16389/TCP端口上的远程访问服务在处理构造的数据包中存在安全漏洞，允许远程攻击者利用漏洞提交特殊的请求，进行拒绝服务攻击。

Severity

中

Patch Name

Siemens SIMATIC Logon越界写拒绝服务漏洞的补丁

Patch Description

SIMATIC Logon是自动化软件。 SIMATIC Logon 16389/TCP端口上的远程访问服务在处理构造的数据包中存在安全漏洞，允许远程攻击者利用漏洞提交特殊的请求，进行拒绝服务攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： https://www.siemens.com/cert/operational-guidelines-industrial-security

Reference

https://nvd.nist.gov/vuln/detail/CVE-2017-9938

Impacted products

Name
['SIEMENS SIMATIC < 1.6', 'Siemens SIMATIC Logon 1.5 SP3 Update 2', 'Siemens SIMATIC Logon 0']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "99539"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-9938",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9938"
    }
  },
  "description": "SIMATIC Logon\u662f\u81ea\u52a8\u5316\u8f6f\u4ef6\u3002\r\n\r\nSIMATIC Logon 16389/TCP\u7aef\u53e3\u4e0a\u7684\u8fdc\u7a0b\u8bbf\u95ee\u670d\u52a1\u5728\u5904\u7406\u6784\u9020\u7684\u6570\u636e\u5305\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "Tenable Network Security",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttps://www.siemens.com/cert/operational-guidelines-industrial-security",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-16932",
  "openTime": "2017-07-27",
  "patchDescription": "SIMATIC Logon\u662f\u81ea\u52a8\u5316\u8f6f\u4ef6\u3002\r\n\r\nSIMATIC Logon 16389/TCP\u7aef\u53e3\u4e0a\u7684\u8fdc\u7a0b\u8bbf\u95ee\u670d\u52a1\u5728\u5904\u7406\u6784\u9020\u7684\u6570\u636e\u5305\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens SIMATIC Logon\u8d8a\u754c\u5199\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "SIEMENS SIMATIC \u003c 1.6",
      "Siemens SIMATIC Logon 1.5 SP3 Update 2",
      "Siemens SIMATIC Logon  0"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2017-9938",
  "serverity": "\u4e2d",
  "submitTime": "2017-07-17",
  "title": "Siemens SIMATIC Logon\u8d8a\u754c\u5199\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

ghsa-gr6m-h2q8-p89j

Vulnerability from github

Published

2022-05-17 00:22

Modified

2022-05-17 00:22

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-9938"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-08-08T00:29:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically.",
  "id": "GHSA-gr6m-h2q8-p89j",
  "modified": "2022-05-17T00:22:01Z",
  "published": "2022-05-17T00:22:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9938"
    },
    {
      "type": "WEB",
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/research/tra-2017-34"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99539"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2017-AVI-213

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans SCADA les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Siemens	N/A	SIMATIC Logon toutes versions antérieures à 1.6
	Siemens	N/A	SiPass integrated toutes versions antérieures à 2.70

References

Title

Publication Time

gsd-2017-9938

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-9938

Aliases

CVE-2017-9938

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-9938",
    "description": "A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically.",
    "id": "GSD-2017-9938"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-9938"
      ],
      "details": "A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically.",
      "id": "GSD-2017-9938",
      "modified": "2023-12-13T01:21:07.460957Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "ID": "CVE-2017-9938",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "SIMATIC Logon All versions before V1.6",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "SIMATIC Logon All versions before V1.6"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-787: Out-of-bounds Write"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "99539",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/99539"
          },
          {
            "name": "https://www.tenable.com/security/research/tra-2017-34",
            "refsource": "MISC",
            "url": "https://www.tenable.com/security/research/tra-2017-34"
          },
          {
            "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdf",
            "refsource": "CONFIRM",
            "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_logon:*:sp3_update_2:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2017-9938"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdf",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdf"
            },
            {
              "name": "99539",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/99539"
            },
            {
              "name": "https://www.tenable.com/security/research/tra-2017-34",
              "refsource": "MISC",
              "tags": [],
              "url": "https://www.tenable.com/security/research/tra-2017-34"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2017-11-22T02:29Z",
      "publishedDate": "2017-08-08T00:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-9938 (GCVE-0-2017-9938)

Vulnerability from cvelistv5

Vulnerability from csaf_cisa

Vulnerability from csaf_cisa

Vulnerability from fkie_nvd

Vulnerability from variot

Vulnerability from cnvd

Vulnerability from github

Vulnerability from certfr_avis

Solution

Vulnerability from gsd

Tags

Sightings

Nomenclature