← Back

CVE-2016-3949

nvd nist
Published: Jun 27, 2016Modified: May 6, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Siemens SIMATIC S7-300 Profinet-enabled CPU devices with firmware before 3.2.12 and SIMATIC S7-300 Profinet-disabled CPU devices with firmware before 3.3.12 allow remote attackers to cause a denial of service (defect-mode transition) via crafted (1) ISO-TSAP or (2) Profibus packets.

Affected (2)

Siemens
2 products
Simatic S7 300 With Profitnet Support Firmware
Simatic S7 300 Without Profitnet Support Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Simatic S7 300 With Profitnet Support Firmware
Version 3.2.11
Running on/withPlatform Versions
Siemens
Simatic S7 300 With Profitnet Support
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Simatic S7 300 Without Profitnet Support Firmware
Version 3.3.11
Running on/withPlatform Versions
Siemens
Simatic S7 300 Without Profitnet Support
All versions

Related CWEs

CWE-399
CWE-399

References (8)

Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
MitigationThird Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationThird Party AdvisoryUS Government Resource

Timeline

No history available yet.