PT-2018-2567 · Siemens · Simatic S7-400 Cpu 416-3 Dp+13

Published: 2018-11-13 · Updated: 2023-05-09 · CVE-2018-16557

CVSS v2.0: 8.5 High

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:C

Name of the Vulnerable Software and Affected Versions

SIMATIC S7-400 CPU 412-1 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 412-2 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 412-2 PN V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 414-2 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 414-3 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 414-3 PN/DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 414F-3 PN/DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416-2 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416-3 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416-3 PN/DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416F-2 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416F-3 PN/DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 417-4 DP V7 versions prior to V7.0.3
SIMATIC S7-400 H V4.5 and below CPU family versions prior to V4.5
SIMATIC S7-400 H V6 CPU family versions prior to V6.0.9
SIMATIC S7-400 PN/DP V6 and below CPU family versions prior to V6
SIMATIC S7-410 CPU family versions prior to V8.2.1
SIPLUS S7-400 CPU 414-3 PN/DP V7 versions prior to V7.0.3
SIPLUS S7-400 CPU 416-3 PN/DP V7 versions prior to V7.0.3
SIPLUS S7-400 CPU 416-3 V7 versions prior to V7.0.3
SIPLUS S7-400 CPU 417-4 V7 versions prior to V7.0.3

Description

The issue is related to errors in input validation by the Ethernet, PROFIBUS, and MPI interfaces, which could allow a remote attacker to cause a denial of service condition by sending specially crafted packets to port 102/tcp. Successful exploitation requires network access to the device and no user interaction is required. If no access protection is configured, no privileges are required to exploit the security vulnerability. The vulnerability could compromise the availability of the system.

Recommendations

For each of the following products, flashing with a firmware image may be required to recover the CPU:

SIMATIC S7-400 CPU 412-1 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 412-2 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 412-2 PN V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 414-2 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 414-3 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 414-3 PN/DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 414F-3 PN/DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416-2 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416-3 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416-3 PN/DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416F-2 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416F-3 PN/DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 417-4 DP V7 versions prior to V7.0.3
SIMATIC S7-400 H V4.5 and below CPU family versions prior to V4.5
SIMATIC S7-400 H V6 CPU family versions prior to V6.0.9
SIMATIC S7-400 PN/DP V6 and below CPU family versions prior to V6
SIMATIC S7-410 CPU family versions prior to V8.2.1
SIPLUS S7-400 CPU 414-3 PN/DP V7 versions prior to V7.0.3
SIPLUS S7-400 CPU 416-3 PN/DP V7 versions prior to V7.0.3
SIPLUS S7-400 CPU 416-3 V7 versions prior to V7.0.3
SIPLUS S7-400 CPU 417-4 V7 versions prior to V7.0.3

As a temporary workaround, consider restricting access to port 102/tcp via Ethernet interface or to the PROFIBUS or Multi Point Interfaces (MPI) to minimize the risk of exploitation.

Fix

RCE

Improper Verification of Cryptographic Signature

Weakness Enumeration

Related Identifiers

BDU:2019-01022
CVE-2018-16557

Affected Products

Simatic S7-400 Cpu 412-1 Dp
Simatic S7-400 Cpu 412-2 Dp
Simatic S7-400 Cpu 414-2 Dp
Simatic S7-400 Cpu 414-3 Dp
Simatic S7-400 Cpu 416-2 Dp
Simatic S7-400 Cpu 416-3 Dp
Simatic S7-400 Cpu 417-4 Dp
Simatic S7-400 H
Simatic S7-400 Pn Cpu
Simatic S7-410
Siplus S7-400 Cpu 414-3 Pn/Dp
Siplus S7-400 Cpu 416-3
Siplus S7-400 Cpu 416-3 Pn/Dp
Siplus S7-400 Cpu 417-4