← Back

CVE-2012-1800

nvd nist
Published: Apr 18, 2012Modified: Apr 29, 2026

JSON object

Loading...
6.1
Vector
AV:A/AC:L/Au:N/C:N/I:N/A:C
Exploitability: 6.5 / Impact: 6.9
Source: NVD

Description

Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote attackers to cause a denial of service (device outage) or possibly execute arbitrary code via a crafted DCP frame.

Affected (6)

Siemens
4 products
Scalance S Firmware
Scalance S602
Scalance S612
Scalance S613
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Siemens
Scalance S Firmware
Up to 2.3.0
Scalance S Firmware
Version 2.1.0
Scalance S Firmware
Version 2.2.0
Scalance S602
Version v2
Scalance S612
Version v2
Scalance S613
Version v2

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (8)

Source: cret@cert.org
Source: cret@cert.org
Source: cret@cert.org
Vendor Advisory
Source: cret@cert.org
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource

Timeline

No history available yet.