Vigil@nce - SIMATIC: denial of service via PROFINET DCP
May 2018 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send malicious PROFINET DCP packets to SIMATIC, in
order to trigger a denial of service.
Impacted products: SIMATIC.
Severity: 2/4.
Creation date: 21/03/2018.
DESCRIPTION OF THE VULNERABILITY
The SIMATIC product has a service to manage received PROFINET DCP
packets.
However, when malicious PROFINET DCP packets are received, a fatal
error occurs.
An attacker can therefore send malicious PROFINET DCP packets to
SIMATIC, in order to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/SIMATIC-denial-of-service-via-PROFINET-DCP-25610