CVE-2017-2680

Name of the Vulnerable Software and Affected Versions: Siemens PROFINET DCP (affected versions not specified)

Description: The issue is related to insufficient input validation in the PROFINET DCP software, which can be exploited by an attacker using specially crafted PROFINET DCP broadcast packets. This could cause a denial of service condition on affected products within a local Ethernet segment (Layer 2), requiring human interaction to recover the systems. It is noted that PROFIBUS interfaces are not affected.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.