Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-12736

A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0.1), RUGGEDCOM ROS for all other devices (All versions < ROS V4.3.4), SCALANCE XB-200/XC-200/XP-200/XR300-WG (All versions between V3.0 (including) and V3.0.2 (excluding)), SCALANCE XR-500/XM-400 (All versions between V6.1 (including) and V6.1.1 (excluding)). After initial configuration, the Ruggedcom Discovery Protocol (RCDP) is still able to writeto the device under certain conditions, potentially allowing users located in the adjacentnetwork of the targeted device to perform unauthorized administrative actions.

Published

2017-12-26T04:29:13.643

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 8.8 (HIGH)

CVSSv2 Vector

AV:A/AC:L/Au:N/C:P/I:P/A:P

Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

6.5

Impact Score

6.4

Weaknesses

Type: Secondary
CWE-20
Type: Primary
CWE-665

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	siemens	scalance_xb-200_firmware	≥ 3.0	Yes
Hardware	siemens	scalance_xb-200	-	No
Operating System	siemens	scalance_xc-200_firmware	≥ 3.0	Yes
Hardware	siemens	scalance_xc-200	-	No
Operating System	siemens	scalance_xp-200_firmware	≥ 3.0	Yes
Hardware	siemens	scalance_xp-200	-	No
Operating System	siemens	scalance_xr300-wg_firmware	≥ 3.0	Yes
Hardware	siemens	scalance_xr300-wg	-	No
Operating System	siemens	scalance_xr-500_firmware	≥ 6.1	Yes
Hardware	siemens	scalance_xr-500	-	No
Operating System	siemens	scalance_xm-400_firmware	≥ 6.1	Yes
Hardware	siemens	scalance_xm-400	-	No
Operating System	siemens	ruggedcom_ros	< 5.0.1	Yes
Hardware	siemens	ruggedcom_rsl910	-	No
Operating System	siemens	ruggedcom_ros	< 4.3.4	Yes
Hardware	siemens	ruggedcom	-	No

References

http://www.securityfocus.com/bid/101041 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1039463 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1039464 Third Party Advisory, VDB Entry ([email protected])
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdf Issue Tracking, Mitigation, Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/101041 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039463 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039464 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdf Issue Tracking, Mitigation, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)