CVE-2016-7987
HIGHSiemens ETA4 Firmware < 07 - Denial of Service via Crafted Packets to Port 2404/TCP
Title source: llmDescription
An issue was discovered in Siemens ETA4 firmware (all versions prior to Revision 08) of the SM-2558 extension module for: SICAM AK, SICAM TM 1703, SICAM BC 1703, and SICAM AK 3. Specially crafted packets sent to Port 2404/TCP could cause the affected device to go into defect mode. A cold start might be required to recover the system, a Denial-of-Service Vulnerability.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/93832
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-16-299-01
Scores
CVSS v3
7.5
EPSS
0.0084
EPSS Percentile
75.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-19
Status
published
Products (3)
n/a/Siemens SICAM RTU Devices before 08
Siemens SICAM RTU Devices before 08
siemens/eta2_firmware
< 11.0
siemens/eta4_firmware
< 07
Published
Feb 13, 2017
Tracked Since
Feb 18, 2026