CVE-2017-6865

Name of the Vulnerable Software and Affected Versions: SIMATIC Automation Tool versions prior to V3.0 SIMATIC NET PC-Software versions prior to V14 SP1 SIMATIC PCS 7 V8.1 all versions SIMATIC PCS 7 V8.2 versions prior to V8.2 SP1 SIMATIC STEP 7 (TIA Portal) V13 versions prior to V13 SP2 SIMATIC STEP 7 (TIA Portal) V14 versions prior to V14 SP1 SIMATIC STEP 7 V5.X versions prior to V5.6 SIMATIC WinAC RTX 2010 SP2 all versions SIMATIC WinAC RTX F 2010 SP2 all versions SIMATIC WinCC (TIA Portal) V13 versions prior to V13 SP2 SIMATIC WinCC (TIA Portal) V14 versions prior to V14 SP1 SIMATIC WinCC V7.2 and prior all versions SIMATIC WinCC V7.3 versions prior to V7.3 Update 15 SIMATIC WinCC V7.4 versions prior to V7.4 SP1 Upd1 SIMATIC WinCC flexible 2008 versions prior to flexible 2008 SP5 Primary Setup Tool (PST) versions prior to V4.2 HF1 SINAUT ST7CC versions installed in conjunction with SIMATIC WinCC prior to V7.3 Update 15 SINEMA Server versions prior to V14 SINUMERIK 808D Programming Tool versions prior to V4.7 SP4 HF2 SMART PC Access versions prior to V2.3 STEP 7 - Micro/WIN SMART versions prior to V2.3 Security Configuration Tool (SCT) versions prior to V5.0

Description: The issue is related to insufficient input validation in the Ethernet segment, which could allow an attacker to cause a Denial-of-Service condition of some services by sending specially crafted PROFINET DCP broadcast packets. The services require manual restart to recover.

Recommendations: For SIMATIC Automation Tool versions prior to V3.0, update to V3.0 or later. For SIMATIC NET PC-Software versions prior to V14 SP1, update to V14 SP1 or later. For SIMATIC PCS 7 V8.1, apply the recommended patch or update. For SIMATIC PCS 7 V8.2 versions prior to V8.2 SP1, update to V8.2 SP1 or later. For SIMATIC STEP 7 (TIA Portal) V13 versions prior to V13 SP2, update to V13 SP2 or later. For SIMATIC STEP 7 (TIA Portal) V14 versions prior to V14 SP1, update to V14 SP1 or later. For SIMATIC STEP 7 V5.X versions prior to V5.6, update to V5.6 or later. For SIMATIC WinAC RTX 2010 SP2, apply the recommended patch or update. For SIMATIC WinAC RTX F 2010 SP2, apply the recommended patch or update. For SIMATIC WinCC (TIA Portal) V13 versions prior to V13 SP2, update to V13 SP2 or later. For SIMATIC WinCC (TIA Portal) V14 versions prior to V14 SP1, update to V14 SP1 or later. For SIMATIC WinCC V7.2 and prior, update to V7.3 or later. For SIMATIC WinCC V7.3 versions prior to V7.3 Update 15, update to V7.3 Update 15 or later. For SIMATIC WinCC V7.4 versions prior to V7.4 SP1 Upd1, update to V7.4 SP1 Upd1 or later. For SIMATIC WinCC flexible 2008 versions prior to flexible 2008 SP5, update to flexible 2008 SP5 or later. For Primary Setup Tool (PST) versions prior to V4.2 HF1, update to V4.2 HF1 or later. For SINAUT ST7CC versions installed in conjunction with SIMATIC WinCC prior to V7.3 Update 15, update SIMATIC WinCC to V7.3 Update 15 or later. For SINEMA Server versions prior to V14, update to V14 or later. For SINUMERIK 808D Programming Tool versions prior to V4.7 SP4 HF2, update to V4.7 SP4 HF2 or later. For SMART PC Access versions prior to V2.3, update to V2.3 or later. For STEP 7 - Micro/WIN SMART versions prior to V2.3, update to V2.3 or later. For Security Configuration Tool (SCT) versions prior to V5.0, update to V5.0 or later. As a temporary workaround, consider restricting access to the vulnerable Ethernet segment to minimize the risk of exploitation.