Denial of Service in Siemens SIMATIC S7-400 PN CPU Devices
CVE-2012-3017

Currently unrated

Key Information:

Vendor: Siemens
Status: Simatic S7-400 Cpu Firmware; Simatic S7-400 Cpu 414-3 Pn\/dp; Simatic S7-400 Cpu 416-3 Pn\/dp; Simatic S7-400 Cpu 416f-3 Pn\/dp
Vendor: CVE Published:; 31 July 2012

Summary

The Siemens SIMATIC S7-400 PN CPU devices with firmware version 5.x are susceptible to a denial of service vulnerability that can be exploited by remote attackers. These attackers can cause a defect-mode transition and service outage by sending malformed HTTP traffic or malformed IP packets to the device. The result can lead to significant interruptions in service, potentially affecting operational efficiency in systems relying on these devices.

References

http://www.siemens.com/corporate-technology/pool/de/forsc...

x_refsource_CONFIRM

http://www.us-cert.gov/control_systems/pdf/ICSA-12-212-02...

x_refsource_MISC

https://cert-portal.siemens.com/productcert/pdf/ssa-61726...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 31, 2012
Vulnerability Reserved
May 30, 2012