Ek Ertec 200 Firmware

ek-ertec_200_firmware

Vendor: Siemens • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-13946 1Siemens 52Dk Standard Ethernet Controller Ek Ertec 200 FirmwareEk Ertec 200p Firmware+49 more Nov 21, 2024 Feb 11, 2020 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of ser...Show more Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.Show less
CVE-2019-10936 1Siemens 66Dk Standard Ethernet Controller Firmware Ek Ertec 200 FirmwareEk Ertec 200p Firmware+63 more Nov 21, 2024 Oct 10, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.
CVE-2019-10923 1Siemens 40Cp1604 Firmware Cp1616 FirmwareDk Standard Ethernet Controller Firmware+37 more Nov 21, 2024 Oct 10, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.