CVE-2020-28400

Published: Jul 13, 2021Modified: Dec 10, 2024

8.7

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: productcert@siemens.com (Secondary)

Description

Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.

Affected (79)

Siemens

78 products

Dk Standard Ethernet Controller Evaluation Kit Firmware

Ek Ertec 200 Evaulation Kit Firmware

Ek Ertec 200p Evaluation Kit Firmware

Ruggedcom Rm1224 Firmware

Scalance M 800 Firmware

Scalance S615 Firmware

Scalance W700 Firmware

Scalance W1700 Firmware

Scalance X200 4 P Irt Firmware

Scalance X201 3p Irt Firmware

Scalance X201 3p Irt Pro Firmware

Scalance X202 2 Irt Firmware

Scalance X202 2p Irt Pro Firmware

Scalance X204 Irt Firmware

Scalance X204 Irt Pro Firmware

Scalance X204 2 Firmware

Scalance X204 2fm Firmware

Scalance X204 2ld Firmware

Scalance X204 2ld Ts Firmware

Scalance X204 2ts Firmware

Scalance X206 1 Firmware

Scalance X206 1ld Firmware

Scalance X208 Firmware

Scalance X208pro Firmware

Scalance X212 2 Firmware

Scalance X212 2ld Firmware

Scalance X216 Firmware

Scalance X224 Firmware

Scalance X302 7eec Firmware

Scalance X304 2fe Firmware

Scalance X306 1ldfe Firmware

Scalance X307 2eec Firmware

Scalance X307 3 Firmware

Scalance X307 3ld Firmware

Scalance X308 2 Firmware

Scalance X308 2ld Firmware

Scalance X308 2lh+ Firmware

Scalance X308 2m Firmware

Scalance X308 2m Poe Firmware

Scalance X308 2m Ts Firmware

Scalance X310 Firmware

Scalance X310fe Firmware

Scalance X320 1fe Firmware

Scalance X320 3ldfe Firmware

Scalance Xb 200 Firmware

Scalance Xc 200 Firmware

Scalance Xf201 3p Irt Firmware

Scalance Xf202 2p Irt Firmware

Scalance Xf204 Firmware

Scalance Xf204 Irt Firmware

Scalance Xf204 2 Firmware

Scalance Xf204 2ba Irt Firmware

Scalance Xf206 1 Firmware

Scalance Xf208 Firmware

Scalance Xf 200ba Firmware

Scalance Xm400 Firmware

Scalance Xp 200 Firmware

Scalance Xr324 4m Eec Firmware

Scalance Xr324 4m Poe Firmware

Scalance Xr324 4m Poe Ts Firmware

Scalance Xr324 12m Firmware

Scalance Xr324 12m Ts Firmware

Scalance Xr500 Firmware

Scalance Xr 300wg Firmware

Simatic Cfu Pa Firmware

Simatic Ie/pb Link V3 Firmware

Simatic Mv500 Firmware

Simatic Net Cm 1542 1 Firmware

Simatic Net Cp1616 Firmware

Simatic Net Cp1604 Firmware

Simatic Net Cp1626 Firmware

Simatic Net Dk 16xx Pn Io

Simatic Power Line Booster Plb Firmware

Simatic Profinet Driver Firmware

Simatic S7 1200 Firmware

Simocode Prov Ethernet/ip Firmware

Simocode Prov Profinet Firmware

Softnet Ie Pnio Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Dk Standard Ethernet Controller Evaluation Kit Firmware	All versions

Running on/with	Platform Versions
Siemens Dk Standard Ethernet Controller Evaluation Kit	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Ek Ertec 200 Evaulation Kit Firmware	All versions

Running on/with	Platform Versions
Siemens Ek Ertec 200 Evaulation Kit	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Ek Ertec 200p Evaluation Kit Firmware	Before 4.7

Running on/with	Platform Versions
Siemens Ek Ertec 200p Evaluation Kit	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Ruggedcom Rm1224 Firmware	Before 6.4

Running on/with	Platform Versions
Siemens Ruggedcom Rm1224	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance M 800 Firmware	Before 6.4

Running on/with	Platform Versions
Siemens Scalance M 800	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance S615 Firmware	Before 6.4

Running on/with	Platform Versions
Siemens Scalance S615	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance W700 Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance W700	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance W1700 Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance W1700	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X200 4 P Irt Firmware	Before 5.5.0

Running on/with	Platform Versions
Siemens Scalance X200 4 P Irt	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X201 3p Irt Firmware	Before 5.5.0

Running on/with	Platform Versions
Siemens Scalance X201 3p Irt	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X201 3p Irt Pro Firmware	Before 5.5.0

Running on/with	Platform Versions
Siemens Scalance X201 3p Irt Pro	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X202 2 Irt Firmware	Before 5.5.0

Running on/with	Platform Versions
Siemens Scalance X202 2 Irt	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X202 2p Irt Pro Firmware	Before 5.5.0

Running on/with	Platform Versions
Siemens Scalance X202 2p Irt Pro	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X204 Irt Firmware	Before 5.5.0

Running on/with	Platform Versions
Siemens Scalance X204 Irt	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X204 Irt Pro Firmware	Before 5.5.0

Running on/with	Platform Versions
Siemens Scalance X204 Irt Pro	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X204 2 Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance X204 2	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X204 2fm Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance X204 2fm	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X204 2ld Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance X204 2ld	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X204 2ld Ts Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance X204 2ld Ts	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X204 2ts Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance X204 2ts	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X206 1 Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance X206 1	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X206 1ld Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance X206 1ld	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X208 Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance X208	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X208pro Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance X208pro	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X212 2 Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance X212 2	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X212 2ld Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance X212 2ld	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X216 Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance X216	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X224 Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance X224	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X302 7eec Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X302 7eec	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X304 2fe Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X304 2fe	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X306 1ldfe Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X306 1ldfe	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X307 2eec Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X307 2eec	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X307 3 Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X307 3	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X307 3ld Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X307 3ld	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X308 2 Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X308 2	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X308 2ld Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X308 2ld	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X308 2lh Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X308 2lh	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X308 2lh+ Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X308 2lh+	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X308 2m Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X308 2m	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X308 2m Poe Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X308 2m Poe	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X308 2m Ts Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X308 2m Ts	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X310 Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X310	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X310fe Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X310fe	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X320 1fe Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X320 1fe	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X320 3ldfe Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X320 3ldfe	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xb 200 Firmware	Before 4.3

Running on/with	Platform Versions
Siemens Scalance Xb 200	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xc 200 Firmware	Before 4.3

Running on/with	Platform Versions
Siemens Scalance Xc 200	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xf201 3p Irt Firmware	Before 5.5.0

Running on/with	Platform Versions
Siemens Scalance Xf201 3p Irt	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xf202 2p Irt Firmware	Before 5.5.0

Running on/with	Platform Versions
Siemens Scalance Xf202 2p Irt	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xf204 Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance Xf204	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xf204 Irt Firmware	Before 5.5.0

Running on/with	Platform Versions
Siemens Scalance Xf204 Irt	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xf204 2 Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance Xf204 2	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xf204 2ba Irt Firmware	Before 5.5.0

Running on/with	Platform Versions
Siemens Scalance Xf204 2ba Irt	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xf206 1 Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance Xf206 1	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xf208 Firmware	Before 5.2.5

Running on/with	Platform Versions
Siemens Scalance Xf208	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xf 200ba Firmware	Before 4.3

Running on/with	Platform Versions
Siemens Scalance Xf 200ba	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xm400 Firmware	Before 6.3.1

Running on/with	Platform Versions
Siemens Scalance Xm400	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xp 200 Firmware	Before 4.3

Running on/with	Platform Versions
Siemens Scalance Xp 200	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xr324 4m Eec Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance Xr324 4m Eec	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xr324 4m Poe Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance Xr324 4m Poe	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xr324 4m Poe Ts Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance Xr324 4m Poe Ts	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xr324 12m Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance Xr324 12m	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xr324 12m Ts Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance Xr324 12m Ts	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xr500 Firmware	Before 6.3.1

Running on/with	Platform Versions
Siemens Scalance Xr500	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xr 300wg Firmware	Before 4.3

Running on/with	Platform Versions
Siemens Scalance Xr 300wg	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Cfu Pa Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Cfu Pa	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Ie/pb Link V3 Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Ie/pb Link V3	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Mv500 Firmware	Before 3.0

Running on/with	Platform Versions
Siemens Simatic Mv500	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Net Cm 1542 1 Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Net Cm 1542 1	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Net Cp1616 Firmware	Up to 2.7

Running on/with	Platform Versions
Siemens Simatic Net Cp1616	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Net Cp1604 Firmware	Up to 2.7

Running on/with	Platform Versions
Siemens Simatic Net Cp1604	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Net Cp1626 Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Net Cp1626	All versions

Configuration U

1 vulnerable

Vulnerable Software	Affected Versions
Siemens Simatic Net Dk 16xx Pn Io	Up to 2.7

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Power Line Booster Plb Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Power Line Booster Plb	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Profinet Driver Firmware	Before 2.3

Running on/with	Platform Versions
Siemens Simatic Profinet Driver	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic S7 1200 Firmware	Before 4.5

Running on/with	Platform Versions
Siemens Simatic S7 1200	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simocode Prov Ethernet/ip Firmware	Before 1.1.3

Running on/with	Platform Versions
Siemens Simocode Prov Ethernet/ip	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simocode Prov Profinet Firmware	Before 2.1.3

Running on/with	Platform Versions
Siemens Simocode Prov Profinet	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Softnet Ie Pnio Firmware	All versions

Running on/with	Platform Versions
Siemens Softnet Ie Pnio	All versions

Related CWEs

CWE-770

Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

References (6)

https://cert-portal.siemens.com/productcert/html/ssa-599968.html

Source: productcert@siemens.com

https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf

Source: productcert@siemens.com

PatchVendor Advisory

https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03

Source: productcert@siemens.com

Third Party AdvisoryUS Government Resource

https://cert-portal.siemens.com/productcert/html/ssa-599968.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.