CVE-2019-13940

🗓️ 11 Feb 2020 15:36:10Reported by siemensType

Vulnerability in SIMATIC devices could cause web server denial of servic

Reporter	Title	Published	Views	Family All 11
CNVD	Multiple Siemens Products Resource Consumption Vulnerability	12 Feb 202000:00	–	cnvd
Cvelist	CVE-2019-13940	11 Feb 202015:36	–	cvelist
EUVD	EUVD-2019-5207	7 Oct 202500:30	–	euvd
ICS	Siemens SIMATIC S7 (Update B)	11 Feb 202000:00	–	ics
NVD	CVE-2019-13940	11 Feb 202016:15	–	nvd
OSV	CVE-2019-13940	11 Feb 202016:15	–	osv
Tenable Nessus	Siemens S7-1200 Uncontrolled Resource Consumption	27 May 202000:00	–	nessus
Tenable Nessus	Siemens SIMATIC S7 Uncontrolled Resource Consumption (CVE-2019-13940)	7 Feb 202200:00	–	nessus
Prion	Race condition	11 Feb 202016:15	–	prion
Positive Technologies	PT-2020-9415 · Siemens · Simatic S7-300 Cpu 317Tf-3 Pn/Dp +14	11 Feb 202000:00	–	ptsecurity

NVD

Node

siemens s7-1200_cpu_1211c_firmwareRange<4.1

AND

siemens s7-1200_cpu_1211cMatch-

Node

siemens s7-1200_cpu_1212c_firmwareRange<4.1

AND

siemens s7-1200_cpu_1212cMatch-

Node

siemens s7-1200_cpu_1214c_firmwareRange<4.1

AND

siemens s7-1200_cpu_1214cMatch-

Node

siemens s7-1200_cpu_1215c_firmwareRange<4.1

AND

siemens s7-1200_cpu_1215cMatch-

Node

siemens s7-1200_cpu_1217c_firmwareRange<4.1

AND

siemens s7-1200_cpu_1217cMatch-

Node

siemens s7-1200_cpu_1212fc_firmwareRange<4.1

AND

siemens s7-1200_cpu_1212fcMatch-

Node

siemens s7-1200_cpu_1214fc_firmwareRange<4.1

AND

siemens s7-1200_cpu_1214fcMatch-

Node

siemens s7-1200_cpu_1215fc_firmwareRange<4.1

AND

siemens s7-1200_cpu_1215fcMatch-

Node

siemens siplus_s7-1200_firmwareRange<4.1

AND

siemens siplus_s7-1200Match-

Node

siemens siplus_cpu_1211c_firmwareRange<4.1

AND

siemens siplus_cpu_1211cMatch-

Node

siemens siplus_cpu_1212c_firmwareRange<4.1

AND

siemens siplus_cpu_1212cMatch-

Node

siemens siplus_cpu_1214c_firmwareRange≤4.1

AND

siemens siplus_cpu_1214cMatch-

Node

siemens siplus_cpu_1215c_firmwareRange<4.1

AND

siemens siplus_cpu_1215cMatch-

Node

siemens simatic_s7-300_cpu_319-3_pn/dp_firmware

AND

siemens simatic_s7-300_cpu_319-3_pn/dpMatch-

Node

siemens simatic_s7-300_cpu_315-2dp_firmware

AND

siemens simatic_s7-300_cpu_315-2dpMatch-

Node

siemens simatic_s7-300_cpu_315-2_pn/dp_firmware

AND

siemens simatic_s7-300_cpu_315-2_pn/dpMatch-

Node

siemens simatic_s7-300_cpu_317-2_dp_firmware

AND

siemens simatic_s7-300_cpu_317-2_dpMatch-

Node

siemens simatic_s7-300_cpu_317-2_pn/dp_firmware

AND

siemens simatic_s7-300_cpu_317-2_pn/dpMatch-

Node

siemens simatic_s7-300_cpu_319-3_pn/dp_firmware

AND

siemens simatic_s7-300_cpu_319-3_pn/dpMatch-

Node

siemens siplus_s7-300_cpu_314_firmware

AND

siemens siplus_s7-300_cpu_314Match-

Node

siemens siplus_s7-300_cpu_315-2_dp_firmware

AND

siemens siplus_s7-300_cpu_315-2_dpMatch-

Node

siemens siplus_s7-300_cpu_315-2_pn/dp_firmware

AND

siemens siplus_s7-300_cpu_315-2_pn/dpMatch-

Node

siemens siplus_s7-300_cpu_317-2_pn/dp_firmware

AND

siemens siplus_s7-300_cpu_317-2_pn/dpMatchv6

Node

siemens simatic_s7-400_pn/dp_cpu_firmware

AND

siemens simatic_s7-400_pn/dp_cpuMatchv7

Node

siemens simatic_winac_rtx_(f)_2010

[
  {
    "vendor": "Siemens",
    "product": "SIMATIC ET 200pro IM154-8 PN/DP CPU",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC ET 200pro IM154-8F PN/DP CPU",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC ET 200pro IM154-8FX PN/DP CPU",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC ET 200S IM151-8 PN/DP CPU",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC ET 200S IM151-8F PN/DP CPU",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
    "versions": [
      {
        "version": "All versions < V4.1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC S7-300 CPU 314C-2 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC S7-300 CPU 315-2 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC S7-300 CPU 315F-2 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC S7-300 CPU 315T-3 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC S7-300 CPU 317-2 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC S7-300 CPU 317F-2 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC S7-300 CPU 317T-3 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC S7-300 CPU 317TF-3 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC S7-300 CPU 319-3 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC S7-300 CPU 319F-3 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)",
    "versions": [
      {
        "version": "All versions",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
    "versions": [
      {
        "version": "All versions",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC WinAC RTX 2010",
    "versions": [
      {
        "version": "All versions",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC WinAC RTX F 2010",
    "versions": [
      {
        "version": "All versions",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIPLUS ET 200S IM151-8 PN/DP CPU",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIPLUS ET 200S IM151-8F PN/DP CPU",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIPLUS S7-300 CPU 314C-2 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIPLUS S7-300 CPU 315-2 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIPLUS S7-300 CPU 315F-2 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIPLUS S7-300 CPU 317-2 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIPLUS S7-300 CPU 317F-2 PN/DP",
    "versions": [
      {
        "version": "All versions < V3.X.17",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf

21 Nov 2024 04:25Current

7.3High risk

Vulners AI Score7.3

CVSS 25

CVSS 3.15.3 - 7.5

EPSS0.00604

CWE-400

cve-2019-13940 simatic et 200pro im154 im151 s7-1200 s7-300 s7-400 winac rtx siplus denial of service web server http vulnerability nvd