CVE-2016-7987

Опубликовано: 13 фев. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 7.8

EPSS Низкий

Описание

An issue was discovered in Siemens ETA4 firmware (all versions prior to Revision 08) of the SM-2558 extension module for: SICAM AK, SICAM TM 1703, SICAM BC 1703, and SICAM AK 3. Specially crafted packets sent to Port 2404/TCP could cause the affected device to go into defect mode. A cold start might be required to recover the system, a Denial-of-Service Vulnerability.

Ссылки

http://www.securityfocus.com/bid/93832
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-16-299-01
Mitigation
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/93832
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-16-299-01
Mitigation
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:siemens:eta4_firmware:*:*:*:*:*:*:*:*

Версия до 07 (включая)

Одно из

cpe:2.3:h:siemens:sicam_ak:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sicam_ak_3:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sicam_bc_1703:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sicam_tm_1703:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:siemens:eta2_firmware:*:*:*:*:*:*:*:*

Версия до 11.0 (включая)

Одно из

cpe:2.3:h:siemens:sicam_ak:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sicam_bc:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sicam_tm:-:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00844

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-19

Связанные уязвимости

GHSA-q3wf-68hp-39q6