CVE-2017-9938

EPSS 2.9%CWE-787

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 2.9%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

08 Aug 2017Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically.

Affected products

n/a · SIMATIC Logon All versions before V1.6

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-804859.pdf https://www.tenable.com/security/research/tra-2017-34 http://www.securityfocus.com/bid/99539