{"id": "CVE-2017-12736", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "productcert@siemens.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2017-12-26T04:29:13.643", "references": [{"url": "http://www.securityfocus.com/bid/101041", "tags": ["Third Party Advisory", "VDB Entry"], "source": "productcert@siemens.com"}, {"url": "http://www.securitytracker.com/id/1039463", "tags": ["Third Party Advisory", "VDB Entry"], "source": "productcert@siemens.com"}, {"url": "http://www.securitytracker.com/id/1039464", "tags": ["Third Party Advisory", "VDB Entry"], "source": "productcert@siemens.com"}, {"url": "https://cert-portal.siemens.com/productcert/html/ssa-856721.html", "source": "productcert@siemens.com"}, {"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdf", "tags": ["Issue Tracking", "Mitigation", "Vendor Advisory"], "source": "productcert@siemens.com"}, {"url": "http://www.securityfocus.com/bid/101041", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1039463", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1039464", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdf", "tags": ["Issue Tracking", "Mitigation", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-1188"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-665"}]}], "descriptions": [{"lang": "en", "value": "After initial configuration, the Ruggedcom Discovery Protocol (RCDP) is still able to write to the device under certain conditions.\r\n\r\nThis could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions."}, {"lang": "es", "value": "Se identific\u00f3 una vulnerabilidad en RUGGEDCOM ROS para los dispositivos RSL910 (todas las versiones anteriores a ROS V5.0.1), RUGGEDCOM ROS para todos los dem\u00e1s dispositivos (todas las versiones anteriores a ROS V4.3.4), SCALANCE XB-200/XC-200/XP-200/XR300-WG (Todas las versiones entre V3.0 (incluido) y V3.0.2 (excluyendo), SCALANCE XR-500/XM-400 (Todas las versiones entre V6.1 (incluido) y V6.1.1 (excluyendo). Despu\u00e9s de la configuraci\u00f3n inicial, el Ruggedcom Discovery Protocol (RCDP) a\u00fan puede escribir hacia el dispositivo bajo ciertas condiciones, esto potencialmente permite que los usuarios ubicados en la red adyacente del dispositivo destino realicen acciones administrativas no autorizadas."}], "lastModified": "2025-08-12T12:15:26.210", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA12DF53-5DB1-4279-9E46-6031258ACE68", "versionStartIncluding": "3.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5501093A-B4A4-4E9C-AE5A-38A012B81E07", "versionStartIncluding": "3.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7719E194-EE3D-4CE8-8C85-CF0D82A553AA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F5B80A4-0EFC-4488-A569-574B942FC7D9", "versionStartIncluding": "3.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8F962FC7-0616-467F-8CCA-ADEA224B5F7B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xr300-wg_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DEF3486-F27F-4FC3-ADE5-A5BCAD477C47", "versionStartIncluding": "3.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xr300-wg:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "43C240D0-5169-4800-B336-A2B889475CD6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xr-500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C6310FD-6DD7-4420-BE94-C791D18CA1E1", "versionStartIncluding": "6.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xr-500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "96EA9D9A-AD86-4983-8FD2-33B1E447D7D1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF503997-A9E6-4722-A774-D3089B3468B3", "versionStartIncluding": "6.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "798E900F-5EF9-4B39-B8C2-79FAE659E7F5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8AEFEF0-6AA1-4C07-BE94-0FBD7CECA354", "versionEndExcluding": "5.0.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:ruggedcom_rsl910:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5F0C8879-659D-4A28-BA72-7BE05B5215CC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF1FAD6D-C62C-46CF-A752-E0844A496344", "versionEndExcluding": "4.3.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:ruggedcom:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9EABA893-37F5-4877-BC13-3557C654857E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "productcert@siemens.com"}
