Summaryinfo

A vulnerability was found in Siemens SIMATIC S7-300 up to 3.2.11 and classified as problematic. This impacts an unknown function. Executing a manipulation can lead to resource management. This vulnerability is tracked as CVE-2016-3949. The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.

Detailsinfo

A vulnerability classified as critical was found in Siemens SIMATIC S7-300 up to 3.2.11 (SCADA Software). This vulnerability affects an unknown code. The manipulation with an unknown input leads to a resource management vulnerability. The CWE definition for the vulnerability is CWE-399. As an impact it is known to affect availability. CVE summarizes:

Siemens SIMATIC S7-300 Profinet-enabled CPU devices with firmware before 3.2.12 and SIMATIC S7-300 Profinet-disabled CPU devices with firmware before 3.3.12 allow remote attackers to cause a denial of service (defect-mode transition) via crafted (1) ISO-TSAP or (2) Profibus packets.

The weakness was disclosed 06/27/2016 (Website). The advisory is shared for download at siemens.com. This vulnerability was named CVE-2016-3949 since 04/05/2016. The exploitation appears to be easy. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. There are neither technical details nor an exploit publicly available.

Upgrading to version 3.2.12 eliminates this vulnerability.

Once again VulDB remains the best source for vulnerability data.

Productinfo

Type

• SCADA Software

Vendor

• Siemens

Name

• SIMATIC S7-300

Version

• 3.2.0
• 3.2.1
• 3.2.2
• 3.2.3
• 3.2.4
• 3.2.5
• 3.2.6
• 3.2.7
• 3.2.8
• 3.2.9
• 3.2.10
• 3.2.11

License

• commercial

Website

• Vendor: https://www.siemens.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion