Vulnerability Details : CVE-2017-12736
A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0.1), RUGGEDCOM ROS for all other devices (All versions < ROS V4.3.4), SCALANCE XB-200/XC-200/XP-200/XR300-WG (All versions between V3.0 (including) and V3.0.2 (excluding)), SCALANCE XR-500/XM-400 (All versions between V6.1 (including) and V6.1.1 (excluding)). After initial configuration, the Ruggedcom Discovery Protocol (RCDP) is still able to writeto the device under certain conditions, potentially allowing users located in the adjacentnetwork of the targeted device to perform unauthorized administrative actions.
Vulnerability category: Input validation
Products affected by CVE-2017-12736
- cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xr300-wg_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xr-500_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-12736
0.17%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 54 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-12736
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.8
|
MEDIUM | AV:A/AC:L/Au:N/C:P/I:P/A:P |
6.5
|
6.4
|
NIST | |
8.8
|
HIGH | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2017-12736
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: productcert@siemens.com (Secondary)
-
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-12736
-
http://www.securityfocus.com/bid/101041
Multiple Siemens Products Discovery Protocol CVE-2017-12736 Remote Security Bypass VulnerabilityThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1039463
Siemens Rugged Operating System (ROS) RCDP Access Control Flaw Lets Remote Users Access the Target System - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1039464
Siemens Scalance RCDP Access Control Flaw Lets Remote Users Access the Target System - SecurityTrackerThird Party Advisory;VDB Entry
-
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdf
Issue Tracking;Mitigation;Vendor Advisory
Jump to