What is CVE-2017-9938?

CVE-2017-9938 is a high-severity vulnerability in Siemens Simatic_logon, classified under Out-of-bounds Write. CVSS score: 7.5/10. Published 2017-08-08.

How severe is CVE-2017-9938?

High severity. CVSS v3 base score is 7.5 out of 10.

Buffer overflow in Siemens Simatic_logon

CVE-2017-9938

A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The ser…

Vulnerability class: Buffer Overflow

EPSS: 0.010 (77.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Siemens Simatic_logon
N/a Simatic Logon All Versions Before V1.6 — versions SIMATIC Logon All versions before V1.6

Weakness classification (CWE)

References

productcert@siemens.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
productcert@siemens.com (x_refsource_MISC)
productcert@siemens.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2017-9938?: CVE-2017-9938 is a high-severity vulnerability in Siemens Simatic_logon, classified under Out-of-bounds Write. CVSS score: 7.5/10. Published 2017-08-08.
How severe is CVE-2017-9938?: High severity. CVSS v3 base score is 7.5 out of 10.