CVE-2017-12736

Description

After initial configuration, the Ruggedcom Discovery Protocol (RCDP) is still able to write to the device under certain conditions. This could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions.

CVSS breakdown

Affected products

• Siemens / RUGGEDCOM i8000 – V4.3.4
• Siemens / RUGGEDCOM i800NC0 – V4.3.4
• Siemens / RUGGEDCOM i8010 – V4.3.4
• Siemens / RUGGEDCOM i801NC0 – V4.3.4
• Siemens / RUGGEDCOM i8020 – V4.3.4
• Siemens / RUGGEDCOM i802NC0 – V4.3.4
• Siemens / RUGGEDCOM i8030 – V4.3.4
• Siemens / RUGGEDCOM i803NC0 – V4.3.4
• Siemens / RUGGEDCOM M21000 – V4.3.4
• Siemens / RUGGEDCOM M2100NC0 – V4.3.4
• Siemens / RUGGEDCOM M22000 – V4.3.4
• Siemens / RUGGEDCOM M2200NC0 – V4.3.4
• Siemens / RUGGEDCOM M9690 – V4.3.4
• Siemens / RUGGEDCOM M969NC0 – V4.3.4
• Siemens / RUGGEDCOM RMC300 – V4.3.4
• Siemens / RUGGEDCOM RMC30NC0 – V4.3.4
• Siemens / RUGGEDCOM RMC8388NC V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RMC8388NC V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RMC8388 V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RMC8388 V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RP1100 – V4.3.4
• Siemens / RUGGEDCOM RP110NC0 – V4.3.4
• Siemens / RUGGEDCOM RS16000 – V4.3.4
• Siemens / RUGGEDCOM RS1600F0 – V4.3.4
• Siemens / RUGGEDCOM RS1600FNC0 – V4.3.4
• Siemens / RUGGEDCOM RS1600NC0 – V4.3.4
• Siemens / RUGGEDCOM RS1600T0 – V4.3.4
• Siemens / RUGGEDCOM RS1600TNC0 – V4.3.4
• Siemens / RUGGEDCOM RS4000 – V4.3.4
• Siemens / RUGGEDCOM RS400NC0 – V4.3.4
• Siemens / RUGGEDCOM RS4010 – V4.3.4
• Siemens / RUGGEDCOM RS401NC0 – V4.3.4
• Siemens / RUGGEDCOM RS4160 – V4.3.4
• Siemens / RUGGEDCOM RS416NC0 – V4.3.4
• Siemens / RUGGEDCOM RS416NCv2 V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RS416NCv2 V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RS416P0 – V4.3.4
• Siemens / RUGGEDCOM RS416PNC0 – V4.3.4
• Siemens / RUGGEDCOM RS416PNCv2 V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RS416PNCv2 V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RS416Pv2 V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RS416Pv2 V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RS416v2 V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RS416v2 V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RS80000 – V4.3.4
• Siemens / RUGGEDCOM RS8000A0 – V4.3.4
• Siemens / RUGGEDCOM RS8000ANC0 – V4.3.4
• Siemens / RUGGEDCOM RS8000H0 – V4.3.4
• Siemens / RUGGEDCOM RS8000HNC0 – V4.3.4
• Siemens / RUGGEDCOM RS8000NC0 – V4.3.4
• Siemens / RUGGEDCOM RS8000T0 – V4.3.4
• Siemens / RUGGEDCOM RS8000TNC0 – V4.3.4
• Siemens / RUGGEDCOM RS9000 – V4.3.4
• Siemens / RUGGEDCOM RS900 (32M) V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RS900 (32M) V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RS900G0 – V4.3.4
• Siemens / RUGGEDCOM RS900G (32M) V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RS900G (32M) V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RS900GNC0 – V4.3.4
• Siemens / RUGGEDCOM RS900GNC(32M) V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RS900GNC(32M) V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RS900GP0 – V4.3.4
• Siemens / RUGGEDCOM RS900GPNC0 – V4.3.4
• Siemens / RUGGEDCOM RS900L0 – V4.3.4
• Siemens / RUGGEDCOM RS900LNC0 – V4.3.4
• Siemens / RUGGEDCOM RS900M-GETS-C010 – V4.3.4
• Siemens / RUGGEDCOM RS900M-GETS-XX0 – V4.3.4
• Siemens / RUGGEDCOM RS900MNC-GETS-C010 – V4.3.4
• Siemens / RUGGEDCOM RS900MNC-GETS-XX0 – V4.3.4
• Siemens / RUGGEDCOM RS900MNC-STND-XX0 – V4.3.4
• Siemens / RUGGEDCOM RS900MNC-STND-XX-C010 – V4.3.4
• Siemens / RUGGEDCOM RS900M-STND-C010 – V4.3.4
• Siemens / RUGGEDCOM RS900M-STND-XX0 – V4.3.4
• Siemens / RUGGEDCOM RS900NC0 – V4.3.4
• Siemens / RUGGEDCOM RS900NC(32M) V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RS900NC(32M) V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RS900W0 – V4.3.4
• Siemens / RUGGEDCOM RS9100 – V4.3.4
• Siemens / RUGGEDCOM RS910L0 – V4.3.4
• Siemens / RUGGEDCOM RS910LNC0 – V4.3.4
• Siemens / RUGGEDCOM RS910NC0 – V4.3.4
• Siemens / RUGGEDCOM RS910W0 – V4.3.4
• Siemens / RUGGEDCOM RS920L0 – V4.3.4
• Siemens / RUGGEDCOM RS920LNC0 – V4.3.4
• Siemens / RUGGEDCOM RS920W0 – V4.3.4
• Siemens / RUGGEDCOM RS930L0 – V4.3.4
• Siemens / RUGGEDCOM RS930LNC0 – V4.3.4
• Siemens / RUGGEDCOM RS930W0 – V4.3.4
• Siemens / RUGGEDCOM RS940G0 – V4.3.4
• Siemens / RUGGEDCOM RS940GNC0 – V4.3.4
• Siemens / RUGGEDCOM RS9690 – V4.3.4
• Siemens / RUGGEDCOM RS969NC0 – V4.3.4
• Siemens / RUGGEDCOM RSG21000 – V4.3.4
• Siemens / RUGGEDCOM RSG2100 (32M) V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG2100 (32M) V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSG2100NC0 – V4.3.4
• Siemens / RUGGEDCOM RSG2100NC(32M) V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG2100NC(32M) V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSG2100P0 – V4.3.4
• Siemens / RUGGEDCOM RSG2100P (32M) V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG2100P (32M) V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSG2100PNC0 – V4.3.4
• Siemens / RUGGEDCOM RSG2100PNC (32M) V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG2100PNC (32M) V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSG22000 – V4.3.4
• Siemens / RUGGEDCOM RSG2200NC0 – V4.3.4
• Siemens / RUGGEDCOM RSG2288NC V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG2288NC V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSG2288 V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG2288 V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSG2300NC V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG2300NC V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSG2300PNC V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG2300PNC V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSG2300P V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG2300P V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSG2300 V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG2300 V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSG2488NC V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG2488NC V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSG2488 V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG2488 V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSG907R0 – V5.0.1
• Siemens / RUGGEDCOM RSG908C0 – V5.0.1
• Siemens / RUGGEDCOM RSG909R0 – V5.0.1
• Siemens / RUGGEDCOM RSG910C0 – V5.0.1
• Siemens / RUGGEDCOM RSG920PNC V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG920PNC V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSG920P V4.X0 – V4.3.4
• Siemens / RUGGEDCOM RSG920P V5.X0 – V5.0.1
• Siemens / RUGGEDCOM RSL9100 – V5.0.1
• Siemens / RUGGEDCOM RSL910NC0 – V5.0.1
• Siemens / RUGGEDCOM RST22280 – V5.0.1
• Siemens / RUGGEDCOM RST2228P0 – V5.0.1
• Siemens / RUGGEDCOM RST916C0 – V5.0.1
• Siemens / RUGGEDCOM RST916P0 – V5.0.1
• Siemens / SCALANCE XB205-3LD (SC, E/IP)V3.0 – V3.0.2
• Siemens / SCALANCE XB205-3LD (SC, PN)V3.0 – V3.0.2
• Siemens / SCALANCE XB205-3 (SC, PN)V3.0 – V3.0.2
• Siemens / SCALANCE XB205-3 (ST, E/IP)V3.0 – V3.0.2
• Siemens / SCALANCE XB205-3 (ST, PN)V3.0 – V3.0.2
• Siemens / SCALANCE XB206-2 LDV3.0 – V3.0.2
• Siemens / SCALANCE XB206-2LDV3.0 – V3.0.2
• Siemens / SCALANCE XB206-2 (SC)V3.0 – V3.0.2
• Siemens / SCALANCE XB206-2 STV3.0 – V3.0.2
• Siemens / SCALANCE XB206-2 (ST/BFOC)V3.0 – V3.0.2
• Siemens / SCALANCE XB208 (E/IP)V3.0 – V3.0.2
• Siemens / SCALANCE XB208 (PN)V3.0 – V3.0.2
• Siemens / SCALANCE XB213-3LD (SC, E/IP)V3.0 – V3.0.2
• Siemens / SCALANCE XB213-3LD (SC, PN)V3.0 – V3.0.2
• Siemens / SCALANCE XB213-3 (SC, E/IP)V3.0 – V3.0.2
• Siemens / SCALANCE XB213-3 (SC, PN)V3.0 – V3.0.2
• Siemens / SCALANCE XB213-3 (ST, E/IP)V3.0 – V3.0.2
• Siemens / SCALANCE XB213-3 (ST, PN)V3.0 – V3.0.2
• Siemens / SCALANCE XB216 (E/IP)V3.0 – V3.0.2
• Siemens / SCALANCE XB216 (PN)V3.0 – V3.0.2
• Siemens / SCALANCE XC206-2G PoEV3.0 – V3.0.2
• Siemens / SCALANCE XC206-2G PoE (54 V DC)V3.0 – V3.0.2
• Siemens / SCALANCE XC206-2G PoE EEC (54 V DC)V3.0 – V3.0.2
• Siemens / SCALANCE XC206-2 (SC)V3.0 – V3.0.2
• Siemens / SCALANCE XC206-2SFPV3.0 – V3.0.2
• Siemens / SCALANCE XC206-2SFP EECV3.0 – V3.0.2
• Siemens / SCALANCE XC206-2SFP GV3.0 – V3.0.2
• Siemens / SCALANCE XC206-2SFP G EECV3.0 – V3.0.2
• Siemens / SCALANCE XC206-2SFP G (EIP DEF.)V3.0 – V3.0.2
• Siemens / SCALANCE XC206-2 (ST/BFOC)V3.0 – V3.0.2
• Siemens / SCALANCE XC208V3.0 – V3.0.2
• Siemens / SCALANCE XC208EECV3.0 – V3.0.2
• Siemens / SCALANCE XC208GV3.0 – V3.0.2
• Siemens / SCALANCE XC208G EECV3.0 – V3.0.2
• Siemens / SCALANCE XC208G (EIP def.)V3.0 – V3.0.2
• Siemens / SCALANCE XC208G PoEV3.0 – V3.0.2
• Siemens / SCALANCE XC208G PoE (54 V DC)V3.0 – V3.0.2
• Siemens / SCALANCE XC216V3.0 – V3.0.2
• Siemens / SCALANCE XC216-3G PoEV3.0 – V3.0.2
• Siemens / SCALANCE XC216-3G PoE (54 V DC)V3.0 – V3.0.2
• Siemens / SCALANCE XC216-4CV3.0 – V3.0.2
• Siemens / SCALANCE XC216-4C GV3.0 – V3.0.2
• Siemens / SCALANCE XC216-4C G EECV3.0 – V3.0.2
• Siemens / SCALANCE XC216-4C G (EIP Def.)V3.0 – V3.0.2
• Siemens / SCALANCE XC216EECV3.0 – V3.0.2
• Siemens / SCALANCE XC224V3.0 – V3.0.2
• Siemens / SCALANCE XC224-4C GV3.0 – V3.0.2
• Siemens / SCALANCE XC224-4C G EECV3.0 – V3.0.2
• Siemens / SCALANCE XC224-4C G (EIP Def.)V3.0 – V3.0.2
• Siemens / SCALANCE XF204V3.0 – V3.0.2
• Siemens / SCALANCE XF204-2BAV3.0 – V3.0.2
• Siemens / SCALANCE XF204-2BA DNAV3.0 – V3.0.2
• Siemens / SCALANCE XF204 DNAV3.0 – V3.0.2
• Siemens / SCALANCE XF204GV3.0 – V3.0.2
• Siemens / SCALANCE XM408-4CV6.1.0 – V6.1.1
• Siemens / SCALANCE XM408-4C (L3 int.)V6.1.0 – V6.1.1
• Siemens / SCALANCE XM408-8CV6.1.0 – V6.1.1
• Siemens / SCALANCE XM408-8C (L3 int.)V6.1.0 – V6.1.1
• Siemens / SCALANCE XM416-4CV6.1.0 – V6.1.1
• Siemens / SCALANCE XM416-4C (L3 int.)V6.1.0 – V6.1.1
• Siemens / SCALANCE XP208V3.0 – V3.0.2
• Siemens / SCALANCE XP208EECV3.0 – V3.0.2
• Siemens / SCALANCE XP208 (Ethernet/IP)V3.0 – V3.0.2
• Siemens / SCALANCE XP208GV3.0 – V3.0.2
• Siemens / SCALANCE XP208G EECV3.0 – V3.0.2
• Siemens / SCALANCE XP208G PoE EECV3.0 – V3.0.2
• Siemens / SCALANCE XP208G PPV3.0 – V3.0.2
• Siemens / SCALANCE XP208PoE EECV3.0 – V3.0.2
• Siemens / SCALANCE XP216V3.0 – V3.0.2
• Siemens / SCALANCE XP216EECV3.0 – V3.0.2
• Siemens / SCALANCE XP216EEC (V2)V3.0 – V3.0.2
• Siemens / SCALANCE XP216 (Ethernet/IP)V3.0 – V3.0.2
• Siemens / SCALANCE XP216GV3.0 – V3.0.2
• Siemens / SCALANCE XP216G EECV3.0 – V3.0.2
• Siemens / SCALANCE XP216G PoE EECV3.0 – V3.0.2
• Siemens / SCALANCE XP216POE EECV3.0 – V3.0.2
• Siemens / SCALANCE XP216PoE EEC (V2)V3.0 – V3.0.2
• Siemens / SCALANCE XP216 (V2)V3.0 – V3.0.2
• Siemens / SCALANCE XR324WG (24 x FE, AC 230V)V3.0 – V3.0.2
• Siemens / SCALANCE XR324WG (24 X FE, DC 24V)V3.0 – V3.0.2
• Siemens / SCALANCE XR326-2C PoE WGV3.0 – V3.0.2
• Siemens / SCALANCE XR326-2C PoE WG (without UL)V3.0 – V3.0.2
• Siemens / SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)V3.0 – V3.0.2
• Siemens / SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)V3.0 – V3.0.2
• Siemens / SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)V3.0 – V3.0.2
• Siemens / SCALANCE XR328-4C WG (28xGE, AC 230V)V3.0 – V3.0.2
• Siemens / SCALANCE XR328-4C WG (28xGE, DC 24V)V3.0 – V3.0.2
• Siemens / SCALANCE XR524-8C, 1x230VV6.1.0 – V6.1.1
• Siemens / SCALANCE XR524-8C, 1x230V (L3 int.)V6.1.0 – V6.1.1
• Siemens / SCALANCE XR524-8C, 24VV6.1.0 – V6.1.1
• Siemens / SCALANCE XR524-8C, 24V (L3 int.)V6.1.0 – V6.1.1
• Siemens / SCALANCE XR524-8C, 2x230VV6.1.0 – V6.1.1
• Siemens / SCALANCE XR524-8C, 2x230V (L3 int.)V6.1.0 – V6.1.1
• Siemens / SCALANCE XR526-8C, 1x230VV6.1.0 – V6.1.1
• Siemens / SCALANCE XR526-8C, 1x230V (L3 int.)V6.1.0 – V6.1.1
• Siemens / SCALANCE XR526-8C, 24VV6.1.0 – V6.1.1
• Siemens / SCALANCE XR526-8C, 24V (L3 int.)V6.1.0 – V6.1.1
• Siemens / SCALANCE XR526-8C, 2x230VV6.1.0 – V6.1.1
• Siemens / SCALANCE XR526-8C, 2x230V (L3 int.)V6.1.0 – V6.1.1
• Siemens / SCALANCE XR528-6MV6.1.0 – V6.1.1
• Siemens / SCALANCE XR528-6M (2HR2)V6.1.0 – V6.1.1
• Siemens / SCALANCE XR528-6M (2HR2, L3 int.)V6.1.0 – V6.1.1
• Siemens / SCALANCE XR528-6M (L3 int.)V6.1.0 – V6.1.1
• Siemens / SCALANCE XR552-12MV6.1.0 – V6.1.1
• Siemens / SCALANCE XR552-12M (2HR2)V6.1.0 – V6.1.1
• Siemens / SCALANCE XR552-12M (2HR2, L3 int.)V6.1.0 – V6.1.1
• Siemens / SIPLUS NET SCALANCE XC206-2V3.0 – V3.0.2
• Siemens / SIPLUS NET SCALANCE XC206-2SFPV3.0 – V3.0.2
• Siemens / SIPLUS NET SCALANCE XC208V3.0 – V3.0.2
• Siemens / SIPLUS NET SCALANCE XC216-4CV3.0 – V3.0.2

References

• MISChttps://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdf
• MISChttp://www.securitytracker.com/id/1039463
• MISChttp://www.securitytracker.com/id/1039464
• MISChttp://www.securityfocus.com/bid/101041
• MISChttps://cert-portal.siemens.com/productcert/html/ssa-856721.html