CVE-2019-13946

Published: Feb 11, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD (Secondary)

Description

Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.

Affected (55)

Siemens

52 products

Dk Standard Ethernet Controller

Profinet Driver

Simatic Ipc Support

Ek Ertec 200 Firmware

Ek Ertec 200p Firmware

Ruggedcom Rm1224 Firmware

Scalance M 800 Firmware

Scalance S615 Firmware

Scalance W700 Ieee 802.11n Firmware

Scalance Xc 200 Firmware

Scalance Xf 200 Firmware

Scalance Xp 200 Firmware

Scalance Xb 200 Firmware

Scalance X 200irt Firmware

Scalance X 300 Firmware

Scalance Xf 200ba Firmware

Scalance Xr 300wg Firmware

Scalance X 400 Firmware

Scalance Xm 400 Firmware

Scalance Xr524 Firmware

Scalance Xr526 Firmware

Scalance Xr528 Firmware

Scalance Xr552 Firmware

Simatic Cp 1616 Firmware

Simatic Cp 1604 Firmware

Simatic Cp 343 1 Firmware

Simatic Cp 343 1 Advanced Firmware

Simatic Cp 343 1 Erpc Firmware

Simatic Cp 343 1 Lean Firmware

Simatic Cp 443 1 Firmware

Simatic Cp 443 1 Advanced Firmware

Simatic Cp 443 1 Opc Ua Firmware

Simatic Et200al Im 157 1 Pn Firmware

Simatic Et200m Im153 4 Pn Io Hf Firmware

Simatic Et200m Im153 4 Pn Io St Firmware

Simatic Et200mp Im155 5 Pn Hf Firmware

Simatic Et200mp Im155 5 Pn St Firmware

Simatic Et200s Firmware

Simatic Et200sp Im155 6 Pn Basic Firmware

Simatic Et200sp Im155 6 Pn Hf Firmware

Simatic Et200sp Im155 6 Pn St Firmware

Simatic Et200ecopn Firmware

Simatic Et200pro Firmware

Im 154 3 Pn Hf Firmware

Im 154 4 Pn Hf Firmware

Simatic Mv440 Firmware

Simatic Mv420 Firmware

Simatic Pn/pn Coupler Firmware

Simatic Rf180c Firmware

Simatic Rf182c Firmware

Simatic Rf600 Firmware

Sinamics Dcp Firmware

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Siemens Dk Standard Ethernet Controller	All versions
Siemens Profinet Driver	Before 2.1
Siemens Simatic Ipc Support	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Ek Ertec 200 Firmware	Before 4.5

Running on/with	Platform Versions
Siemens Ek Ertec 200	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Ek Ertec 200p Firmware	Before 4.6

Running on/with	Platform Versions
Siemens Ek Ertec 200p	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Ruggedcom Rm1224 Firmware	Before 4.3

Running on/with	Platform Versions
Siemens Ruggedcom Rm1224	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance M 800 Firmware	Before 4.3

Running on/with	Platform Versions
Siemens Scalance M 800	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance S615 Firmware	Before 4.3

Running on/with	Platform Versions
Siemens Scalance S615	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance W700 Ieee 802.11n Firmware	Up to 6.0.1

Running on/with	Platform Versions
Siemens Scalance W700 Ieee 802.11n	All versions

Configuration H

1 vulnerable

Vulnerable Software	Affected Versions
Siemens Scalance Xc 200 Firmware	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xf 200 Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance Xf 200	All versions

Configuration J

1 vulnerable

Vulnerable Software	Affected Versions
Siemens Scalance Xp 200 Firmware	All versions

Configuration K

1 vulnerable

Vulnerable Software	Affected Versions
Siemens Scalance Xb 200 Firmware	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X 200irt Firmware	Before 5.3

Running on/with	Platform Versions
Siemens Scalance X 200irt	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X 300 Firmware	All versions

Running on/with	Platform Versions
Siemens Scalance X 300	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xb 200 Firmware	Before 3.0

Running on/with	Platform Versions
Siemens Scalance Xb 200	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xc 200 Firmware	Before 3.0

Running on/with	Platform Versions
Siemens Scalance Xc 200	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xp 200 Firmware	Before 3.0

Running on/with	Platform Versions
Siemens Scalance Xp 200	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xf 200ba Firmware	Before 3.0

Running on/with	Platform Versions
Siemens Scalance Xf 200ba	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xr 300wg Firmware	Before 3.0

Running on/with	Platform Versions
Siemens Scalance Xr 300wg	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance X 400 Firmware	Before 6.0

Running on/with	Platform Versions
Siemens Scalance X 400	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xm 400 Firmware	Before 6.0

Running on/with	Platform Versions
Siemens Scalance Xm 400	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xr524 Firmware	Before 6.0

Running on/with	Platform Versions
Siemens Scalance Xr524	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xr526 Firmware	Before 6.0

Running on/with	Platform Versions
Siemens Scalance Xr526	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xr528 Firmware	Before 6.0

Running on/with	Platform Versions
Siemens Scalance Xr528	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Xr552 Firmware	Before 6.0

Running on/with	Platform Versions
Siemens Scalance Xr552	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Cp 1616 Firmware	Before 2.8

Running on/with	Platform Versions
Siemens Simatic Cp 1616	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Cp 1604 Firmware	Before 2.8

Running on/with	Platform Versions
Siemens Simatic Cp 1604	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Cp 343 1 Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Cp 343 1	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Cp 343 1 Advanced Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Cp 343 1 Advanced	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Cp 343 1 Erpc Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Cp 343 1 Erpc	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Cp 343 1 Lean Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Cp 343 1 Lean	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Cp 443 1 Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Cp 443 1	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Cp 443 1 Advanced Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Cp 443 1 Advanced	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Cp 443 1 Opc Ua Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Cp 443 1 Opc Ua	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Et200al Im 157 1 Pn Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Et200al Im 157 1 Pn	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Et200m Im153 4 Pn Io Hf Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Et200m Im153 4 Pn Io Hf	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Et200m Im153 4 Pn Io St Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Et200m Im153 4 Pn Io St	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Et200mp Im155 5 Pn Hf Firmware	Before 4.2.0

Running on/with	Platform Versions
Siemens Simatic Et200mp Im155 5 Pn Hf	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Et200mp Im155 5 Pn St Firmware	Before 4.1.0

Running on/with	Platform Versions
Siemens Simatic Et200mp Im155 5 Pn St	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Et200s Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Et200s	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Et200sp Im155 6 Pn Basic Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Et200sp Im155 6 Pn Basic	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Et200sp Im155 6 Pn Hf Firmware	Before 3.3.1

Running on/with	Platform Versions
Siemens Simatic Et200sp Im155 6 Pn Hf	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Et200sp Im155 6 Pn St Firmware	Before 4.1.0

Running on/with	Platform Versions
Siemens Simatic Et200sp Im155 6 Pn St	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Et200ecopn Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Et200ecopn	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Et200pro Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Et200pro	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Im 154 3 Pn Hf Firmware	All versions

Running on/with	Platform Versions
Siemens Im 154 3 Pn Hf	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Im 154 4 Pn Hf Firmware	All versions

Running on/with	Platform Versions
Siemens Im 154 4 Pn Hf	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Mv440 Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Mv440	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Mv420 Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Mv420	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Pn/pn Coupler Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Pn/pn Coupler	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Rf180c Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Rf180c	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Rf182c Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Rf182c	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Rf600 Firmware	Before 3.0

Running on/with	Platform Versions
Siemens Simatic Rf600	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Sinamics Dcp Firmware	Before 1.3

Running on/with	Platform Versions
Siemens Sinamics Dcp	All versions

Related CWEs

CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (4)

https://cert-portal.siemens.com/productcert/html/ssa-780073.html

Source: productcert@siemens.com

https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf

Source: productcert@siemens.com

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-780073.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.