What is the severity of CVE-2017-6017?

CVE-2017-6017 has been classified as a high severity vulnerability due to its potential for resource exhaustion and disruption of services.

How do I fix CVE-2017-6017?

To mitigate CVE-2017-6017, it is recommended to update the affected Schneider Electric Modicon M340 PLC firmware to the latest secure version.

What software versions are affected by CVE-2017-6017?

CVE-2017-6017 affects Schneider Electric Modicon M340 PLCs running firmware version 2.8.

What type of issues does CVE-2017-6017 cause?

CVE-2017-6017 can lead to resource exhaustion that affects the availability of the PLC, potentially causing service disruptions.

Is there a workaround for CVE-2017-6017?

Implementing network segmentation and monitoring for unusual traffic can help mitigate the risks posed by CVE-2017-6017 until a firmware update is applied.

Vulnerability/
CVE-2017-6017

high

7.8

CWE

400

30/6/2017

5/8/2024

CVE-2017-6017

First published: Fri Jun 30 2017(Updated: )

A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
schneider-electric BMXNOC0401	=2.8
Schneider Electric Modicon M340 BMXNOC0401
Schneider Electric BMXNOE0100 Firmware	=2.8
schneider-electric bmxnoe0100
schneider-electric BMXNOE0110H	=2.8
schneider-electric BMXNOE0110H
Schneider Electric BMXNOE0110H Firmware	=2.8
Schneider Electric BMXNOE0110H Firmware
Schneider Electric BMXNOR0200H Firmware	=2.8
Schneider Electric BMXNOR200H
Schneider Electric BMXP341000 Firmware	=2.8
Schneider Electric BMXP341000 Firmware
Schneider Electric BMXP342000 Firmware	=2.8
Schneider Electric BMXP342000 Firmware
Schneider Electric BMXP3420102 Firmware	=2.8
Schneider Electric BMXP3420102 Firmware
schneider-electric bmxp3420102cl firmware	=2.8
Schneider Electric BMXP3420102CL
schneider-electric BMXP342020H firmware	=2.8
schneider-electric BMXP342020H firmware
schneider-electric BMXP342020H firmware	=2.8
schneider-electric BMXP342020H firmware
Schneider Electric BMXP342030	=2.8
Schneider Electric BMXP342030
Schneider Electric BMXP3420302H firmware	=2.8
Schneider Electric BMXP3420302H firmware
Schneider Electric BMXP3420302H firmware	=2.8
Schneider Electric BMXP3420302H firmware
Schneider Electric BMXP342030 Firmware	=2.8
schneider-electric BMXP342030H firmware
All of
schneider-electric BMXNOC0401	=2.8
Schneider Electric Modicon M340 BMXNOC0401
All of
Schneider Electric BMXNOE0100 Firmware	=2.8
schneider-electric bmxnoe0100
All of
schneider-electric BMXNOE0110H	=2.8
schneider-electric BMXNOE0110H
All of
Schneider Electric BMXNOE0110H Firmware	=2.8
Schneider Electric BMXNOE0110H Firmware
All of
Schneider Electric BMXNOR0200H Firmware	=2.8
Schneider Electric BMXNOR200H
All of
Schneider Electric Modicon M340 BMXP341000 Firmware	=2.8
Schneider Electric Modicon M340 BMXP341000
All of
Schneider Electric Modicon M340 BMXP342000 Firmware	=2.8
Schneider Electric Modicon M340 BMXP342000 Firmware
All of
Schneider Electric Modicon M340 BMXP3420102 Firmware	=2.8
Schneider Electric Modicon M340 BMXP3420102
All of
Schneider Electric Modicon M340 BMXP3420102CL Firmware	=2.8
Schneider Electric Modicon M340 BMXP3420102CL Firmware
All of
Schneider Electric Modicon M340 BMXP342020 Firmware	=2.8
Schneider Electric Modicon M340 BMXP342020
All of
Schneider Electric Modicon M340 BMXP342020H Firmware	=2.8
Schneider Electric Modicon M340 BMXP342020H
All of
Schneider Electric Modicon M340 BMXP342030 Firmware	=2.8
Schneider Electric Modicon M340 BMXP342030H
All of
Schneider Electric Modicon M340 BMXP3420302 Firmware	=2.8
Schneider Electric Modicon M340 BMXP3420302 Firmware
All of
Schneider Electric Modicon M340 BMXP3420302H Firmware	=2.8
Schneider Electric Modicon M340 BMXP3420302H Firmware
All of
Schneider Electric Modicon M340 BMXP342030H Firmware	=2.8
Schneider Electric Modicon M340 BMXP342030H

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-6017?
CVE-2017-6017 has been classified as a high severity vulnerability due to its potential for resource exhaustion and disruption of services.
How do I fix CVE-2017-6017?
To mitigate CVE-2017-6017, it is recommended to update the affected Schneider Electric Modicon M340 PLC firmware to the latest secure version.
What software versions are affected by CVE-2017-6017?
CVE-2017-6017 affects Schneider Electric Modicon M340 PLCs running firmware version 2.8.
What type of issues does CVE-2017-6017 cause?
CVE-2017-6017 can lead to resource exhaustion that affects the availability of the PLC, potentially causing service disruptions.
Is there a workaround for CVE-2017-6017?
Implementing network segmentation and monitoring for unusual traffic can help mitigate the risks posed by CVE-2017-6017 until a firmware update is applied.

agent/type
agent/author
agent/severity
agent/references
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
agent/software-canonical-lookup
vendor/schneider-electric
canonical/schneider-electric bmxnoc0401
version/schneider-electric bmxnoc0401/2.8
canonical/schneider electric modicon m340 bmxnoc0401
canonical/schneider electric bmxnoe0100 firmware
version/schneider electric bmxnoe0100 firmware/2.8
canonical/schneider-electric bmxnoe0100
canonical/schneider-electric bmxnoe0110h
version/schneider-electric bmxnoe0110h/2.8
canonical/schneider electric bmxnoe0110h firmware
version/schneider electric bmxnoe0110h firmware/2.8
canonical/schneider electric bmxnor0200h firmware
version/schneider electric bmxnor0200h firmware/2.8
canonical/schneider electric bmxnor200h
canonical/schneider electric bmxp341000 firmware
version/schneider electric bmxp341000 firmware/2.8
canonical/schneider electric bmxp342000 firmware
version/schneider electric bmxp342000 firmware/2.8
canonical/schneider electric bmxp3420102 firmware
version/schneider electric bmxp3420102 firmware/2.8
canonical/schneider-electric bmxp3420102cl firmware
version/schneider-electric bmxp3420102cl firmware/2.8
canonical/schneider electric bmxp3420102cl
canonical/schneider-electric bmxp342020h firmware
version/schneider-electric bmxp342020h firmware/2.8
canonical/schneider electric bmxp342030
version/schneider electric bmxp342030/2.8
canonical/schneider electric bmxp3420302h firmware
version/schneider electric bmxp3420302h firmware/2.8
canonical/schneider electric bmxp342030 firmware
version/schneider electric bmxp342030 firmware/2.8
canonical/schneider-electric bmxp342030h firmware
canonical/schneider electric modicon m340 bmxp341000 firmware
version/schneider electric modicon m340 bmxp341000 firmware/2.8
canonical/schneider electric modicon m340 bmxp341000
canonical/schneider electric modicon m340 bmxp342000 firmware
version/schneider electric modicon m340 bmxp342000 firmware/2.8
canonical/schneider electric modicon m340 bmxp3420102 firmware
version/schneider electric modicon m340 bmxp3420102 firmware/2.8
canonical/schneider electric modicon m340 bmxp3420102
canonical/schneider electric modicon m340 bmxp3420102cl firmware
version/schneider electric modicon m340 bmxp3420102cl firmware/2.8
canonical/schneider electric modicon m340 bmxp342020 firmware
version/schneider electric modicon m340 bmxp342020 firmware/2.8
canonical/schneider electric modicon m340 bmxp342020
canonical/schneider electric modicon m340 bmxp342020h firmware
version/schneider electric modicon m340 bmxp342020h firmware/2.8
canonical/schneider electric modicon m340 bmxp342020h
canonical/schneider electric modicon m340 bmxp342030 firmware
version/schneider electric modicon m340 bmxp342030 firmware/2.8
canonical/schneider electric modicon m340 bmxp342030h
canonical/schneider electric modicon m340 bmxp3420302 firmware
version/schneider electric modicon m340 bmxp3420302 firmware/2.8
canonical/schneider electric modicon m340 bmxp3420302h firmware
version/schneider electric modicon m340 bmxp3420302h firmware/2.8
canonical/schneider electric modicon m340 bmxp342030h firmware
version/schneider electric modicon m340 bmxp342030h firmware/2.8

CVE-2017-6017

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-6017?

How do I fix CVE-2017-6017?

What software versions are affected by CVE-2017-6017?

What type of issues does CVE-2017-6017 cause?

Is there a workaround for CVE-2017-6017?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2017-6017?

How do I fix CVE-2017-6017?

What software versions are affected by CVE-2017-6017?

What type of issues does CVE-2017-6017 cause?

Is there a workaround for CVE-2017-6017?