CVE-2012-1800

Published Apr 18, 2012

Last updated 12 years ago

CVSS info 6.1

Overview

Description: Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote attackers to cause a denial of service (device outage) or possibly execute arbitrary code via a crafted DCP frame.
Source: cret@cert.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.1
Impact score: 6.9
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:siemens:scalance_s_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EACCA49-A75D-440B-BA66-95BCAD097A55",
            "versionEndIncluding": "2.3.0"
          },
          {
            "criteria": "cpe:2.3:a:siemens:scalance_s_firmware:2.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E451FF6-96D0-4F3F-A1D3-DAC0D31B9180"
          },
          {
            "criteria": "cpe:2.3:a:siemens:scalance_s_firmware:2.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDC7B3EB-62BC-427A-AFF9-4A51378FA9B9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:scalance_s602:v2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBC68DCB-4A60-475F-92EC-8103EA916A48"
          },
          {
            "criteria": "cpe:2.3:h:siemens:scalance_s612:v2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66827C00-1929-4576-88DD-C146C15D7DB4"
          },
          {
            "criteria": "cpe:2.3:h:siemens:scalance_s613:v2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6CCF33D-C441-42FB-9C97-7BFBE56BC00F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References