CVE-2017-2681
MEDIUMSiemens Simatic CP 343-1 Std Firmware < 3.1.3 - Denial of Service
Title source: ruleDescription
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.
References (5)
Scores
CVSS v3
6.5
EPSS
0.0044
EPSS Percentile
63.0%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-400
Status
published
Products (50)
siemens/simatic_cp_343-1_std_firmware
< 3.1.3
siemens/simatic_cp_343-1_lean_firmware
< 3.1.3
siemens/simatic_cp_343-1_adv_firmware
siemens/simatic_cp_443-1_std_firmware
< 3.2.17
siemens/simatic_cp_443-1_adv_firmware
< 3.2.17
siemens/simatic_cp_443-1_opc-ua_firmware
siemens/simatic_cp_1243-1_firmware
< 2.1.82
siemens/simatic_cm_1542-1_firmware
< 2.0
siemens/simatic_cp_1543sp-1_firmware
< 1.0.15
siemens/simatic_cp_1542sp-1_irc_firmware
< 1.0.15
... and 40 more
Published
May 11, 2017
Tracked Since
Feb 18, 2026