CVE-2015-2177

Loading...

General

Score:7.8/10.0
Severity:High
Category:Input Validation Error
Exploit:Available

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 07/03/15 - Updated on 02/06/18

Description

Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus.

Category: Input Validation Error

CWE-20 (Input Validation)
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

Security Notices

US National Vulnerability DatabaseCVE-2015-2177
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2015-AVI-090

Exploits

Exploit-DBEDB-44802

Relative technologies

VendorProduct
siemenssimatic_s7-300_cpu
siemenssimatic_s7-300_cpu_firmware

Share this vulnerability with:

Twitter Facebook LinkedIn Mail