Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SIEMENS_CVE-2019-6569.NASL
HistoryApr 11, 2023 - 12:00 a.m.

Siemens SCALANCE X Expected Behavior Violation (CVE-2019-6569)

2023-04-1100:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
28
siemens
scalance x
monitor barrier
data forwarding
malicious packets
mirrored network
advisory
tenable.ot

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.0%

JSON

The monitor barrier of the affected products insufficiently blocks data from being forwarded over the mirror port into the mirrored network. An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior.

Matching for this plugin is performed on model name, as they are listed in the Siemens advisory. For the exact MLFBs matching, please refer to the Siemens ssa-557804.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501032);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");

  script_cve_id("CVE-2019-6569");

  script_name(english:"Siemens SCALANCE X Expected Behavior Violation (CVE-2019-6569)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"The monitor barrier of the affected products insufficiently blocks
data from being forwarded over the mirror port into the mirrored
network. An attacker could use this behavior to transmit malicious
packets to systems in the mirrored network, possibly influencing their
configuration and runtime behavior.

Matching for this plugin is performed on model name, as they are
listed in the Siemens advisory. For the exact MLFBs matching, please
refer to the Siemens ssa-557804. 

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-557804.pdf");
  script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-19-085-01");
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Siemens has provided the following specific updates that users can implement to mitigate this vulnerability:

Users of the following products Update to v5.2.6 or later

- SCALANCE X204-2 (6GK5204-2BB10-2AA3)
- SCALANCE X204-2FM (6GK5204-2BB11- 2AA3)
- SCALANCE X204-2LD (6GK5204-2BC10- 2AA3)
- SCALANCE X204-2LD TS (6GK5204-2BC10- 2CA2)
- SCALANCE X204-2TS (6GK5204-2BB10- 2CA2)
- SCALANCE X206-1 (6GK5206-1BB10-2AA3)
- SCALANCE X206-1LD (6GK5206-1BC10- 2AA3)
- SCALANCE X208 (6GK5208-0BA10-2AA3)
- SCALANCE X208PRO (6GK5208-0HA10- 2AA6)
- SCALANCE X212-2 (6GK5212-2BB00-2AA3)
- SCALANCE X212-2LD (6GK5212-2BC00- 2AA3)
- SCALANCE X216 (6GK5216-0BA00-2AA3)
- SCALANCE X224 (6GK5224-0BA00-2AA3)

Users of the following products Update to v4.1.3 or later

- SCALANCE X302-7 EEC (2x 24V) (6GK5302-7GD00-2EA3)
- SCALANCE X302-7 EEC (2x 24V, coated) (6GK5302-7GD00-2GA3)
- SCALANCE X302-7 EEC (2x 230V) (6GK5302-7GD00-4EA3)
- SCALANCE X302-7 EEC (2x 230V, coated) (6GK5302-7GD00-4GA3)
- SCALANCE X302-7 EEC (24V) (6GK5302-7GD00-1EA3)
- SCALANCE X302-7 EEC (24V, coated) (6GK5302-7GD00-1GA3)
- SCALANCE X302-7 EEC (230V) (6GK5302-7GD00-3EA3)
- SCALANCE X302-7 EEC (230V, coated) (6GK5302-7GD00-3GA3)
- SCALANCE X304-2FE (6GK5304-2BD00-2AA3)
- SCALANCE X306-1LD FE (6GK5306-1BF00-2AA3)
- SCALANCE X307-2 EEC (2x 24V) (6GK5307-2FD00-2EA3)
- SCALANCE X307-2 EEC (2x 24V, coated) (6GK5307-2FD00-2GA3)
- SCALANCE X307-2 EEC (2x 230V) (6GK5307-2FD00-4EA3)
- SCALANCE X307-2 EEC (2x 230V, coated) (6GK5307-2FD00-4GA3)
- SCALANCE X307-2 EEC (24V) (6GK5307-2FD00-1EA3)
- SCALANCE X307-2 EEC (24V, coated) (6GK5307-2FD00-1GA3)
- SCALANCE X307-2 EEC (230V) (6GK5307-2FD00-3EA3)
- SCALANCE X307-2 EEC (230V, coated) (6GK5307-2FD00-3GA3)
- SCALANCE X307-3 (6GK5307-3BL00-2AA3)
- SCALANCE X307-3 (6GK5307-3BL10-2AA3)
- SCALANCE X307-3LD (6GK5307-3BM00-2AA3)
- SCALANCE X307-3LD (6GK5307-3BM10-2AA3)
- SCALANCE X308-2 (6GK5308-2FL00-2AA3)
- SCALANCE X308-2 (6GK5308-2FL10-2AA3)
- SCALANCE X308-2LD (6GK5308-2FM00-2AA3)
- SCALANCE X308-2LD (6GK5308-2FM10-2AA3)
- SCALANCE X308-2LH (6GK5308-2FN00-2AA3)
- SCALANCE X308-2LH (6GK5308-2FN10-2AA3)
- SCALANCE X308-2LH+ (6GK5308-2FP00-2AA3)
- SCALANCE X308-2LH+ (6GK5308-2FP10-2AA3)
- SCALANCE X308-2M (6GK5308-2GG00-2AA2)
- SCALANCE X308-2M (6GK5308-2GG10-2AA2)
- SCALANCE X308-2M PoE (6GK5308-2QG00-2AA2)
- SCALANCE X308-2M PoE (6GK5308-2QG10-2AA2)
- SCALANCE X308-2M TS (6GK5308-2GG00-2CA2)
- SCALANCE X308-2M TS (6GK5308-2GG10-2CA2)
- SCALANCE X310 (6GK5310-0FA00-2AA3)
- SCALANCE X310 (6GK5310-0FA10-2AA3)
- SCALANCE X310FE (6GK5310-0BA00-2AA3)
- SCALANCE X310FE (6GK5310-0BA10-2AA3)
- SCALANCE X320-1 FE (6GK5320-1BD00-2AA3)
- SCALANCE X320-1-2LD FE (6GK5320-3BF00-2AA3)
- SCALANCE X408-2 (6GK5408-2FD00-2AA2)
- SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG00-2ER2) 
- SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG10-2ER2) 
- SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG00-2JR2) 
- SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG10-2JR2)
- SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)(6GK5324-4GG00-4ER2)
- SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)(6GK5324-4GG10-4ER2)
- SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)(6GK5324-4GG00-4JR2)
- SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)(6GK5324-4GG10-4JR2)
- SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG00-1ER2)
- SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG10-1ER2)
- SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG00-1JR2) 
- SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG10-1JR2) 
- SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)(6GK5324-4GG00-3ER2)
- SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)(6GK5324-4GG10-3ER2) 
- SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-3JR2)
- SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-3JR2)
- SCALANCE XR324-4M PoE (24V, ports on front) (6GK5 324-4QG10-1AR2)
- SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG00-1AR2)
- SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5 324-4QG10-1HR2)
- SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG00-1HR2)
- SCALANCE XR324-4M PoE (230V, ports on front) (6GK5 324-4QG10-3AR2)
- SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG00-3AR2)
- SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5 324-4QG10-3HR2)
- SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG00-3HR2)
- SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5 324-4QG10-1CR2)
- SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG00-1CR2)
- SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG00-1AR2)
- SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG10-1AR2)
- SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG00-1HR2)
- SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG10-1HR2)
- SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG00-3AR2)
- SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG10-3AR2)
- SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG00-3HR2)
- SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG10-3HR2)
- SCALANCE XR324-12M TS (24V) (6GK5324-0GG00-1CR2)
- SCALANCE XR324-12M TS (24V) (6GK5324-0GG10-1CR2)
- SIPLUS NET SCALANCE X308-2 (6AG1308-2FL10-4AA3)

Users of the following products update to v4.1 or later

- SCALANCE XB205-3 (SC) (6GK5205-3BD00-2AB2)
- SCALANCE XB205-3 (SC) (6GK5205-3BD00-2TB2)
- SCALANCE XB205-3 (ST/BFOC) (6GK5205-3BB00-2AB2)
- SCALANCE XB205-3 (ST/BFOC) (6GK5205-3BB00-2TB2)
- SCALANCE XB205-3LD (6GK5205-3BF00-2AB2)
- SCALANCE XB205-3LD (6GK5205-3BF00-2TB2)
- SCALANCE XB208 (6GK5208-0BA00-2AB2)
- SCALANCE XB208 (6GK5208-0BA00-2TB2)
- SCALANCE XB213-3 (SC) (6GK5213-3BD00-2AB2)
- SCALANCE XB213-3 (SC) (6GK5213-3BD00-2TB2)
- SCALANCE XB213-3 (ST/BFOC) (6GK5213-3BB00-2AB2)
- SCALANCE XB213-3 (ST/BFOC) (6GK5213-3BB00-2TB2)
- SCALANCE XB213-3LD (6GK5213-3BF00-2AB2)
- SCALANCE XB213-3LD (6GK5213-3BF00-2TB2)
- SCALANCE XB216 (6GK5216-0BA00-2AB2)
- SCALANCE XB216 (6GK5216-0BA00-2TB2)
- SCALANCE XC206-2 (SC) (6GK5206-2BD00-2AC2)
- SCALANCE XC206-2 (ST/BFOC) (6GK5206-2BB00-2AC2)
- SCALANCE XC206-2SFP (6GK5206-2BS00-2AC2)
- SCALANCE XC206-2SFP EEC (6GK5206-2BS00-2FC2)
- SCALANCE XC206-2SFP G (6GK5206-2GS00-2AC2)
- SCALANCE XC206-2SFP G (6GK5206-2GS00-2TC2)
- SCALANCE XC206-2SFP G EEC (6GK5206-2GS00-2FC2)
- SCALANCE XC208 (6GK5208-0BA00-2AC2)
- SCALANCE XC208EEC (6GK5208-0BA00-2FC2)
- SCALANCE XC208G (6GK5208-0GA00-2AC2)
- SCALANCE XC208G (6GK5208-0GA00-2TC2)
- SCALANCE XC208G EEC (6GK5208-0GA00-2FC2)
- SCALANCE XC216 (6GK5216-0BA00-2AC2)
- SCALANCE XC216-4C (6GK5216-4BS00-2AC2)
- SCALANCE XC216-4C G (6GK5216-4GS00-2AC2)
- SCALANCE XC216-4C G (EIP Def.) (6GK5216-4GS00-2TC2)
- SCALANCE XC216-4C G EEC (6GK5216-4GS00-2FC2)
- SCALANCE XC216EEC (6GK5216-0BA00-2FC2)
- SCALANCE XC224 (6GK5224-0BA00-2AC2)
- SCALANCE XC224-4C G (6GK5224-4GS00-2AC2)
- SCALANCE XC224-4C G (EIP Def.) (6GK5224-4GS00-2TC2)
- SCALANCE XC224-4C G EEC (6GK5224-4GS00-2FC2)
- SCALANCE XF204 (6GK5204-0BA00-2GF2)
- SCALANCE XF204 DNA (6GK5204-0BA00-2YF2)
- SCALANCE XF204-2BA (6GK5204-2AA00-2GF2)
- SCALANCE XF204-2BA DNA (6GK5204-2AA00-2YF2)
- SCALANCE XP208 (6GK5208-0HA00-2AS6)
- SCALANCE XP208 (6GK5208-0HA00-2TS6)
- SCALANCE XP208EEC (6GK5208-0HA00-2ES6)
- SCALANCE XP208PoE EEC (6GK5208-0UA00-5ES6)
- SCALANCE XP216 (6GK5216-0HA00-2AS6)
- SCALANCE XP216 (6GK5216-0HA00-2TS6)
- SCALANCE XP216EEC (6GK5216-0HA00-2ES6)
- SCALANCE XP216POE EEC (6GK5216-0UA00-5ES6)
- SCALANCE XR324WG (24 x FE, AC 230V) (6GK5324-0BA00-3AR3)
- SCALANCE XR324WG (24 X FE, DC 24V) (6GK5324-0BA00-2AR3)
- SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3AR3)
- SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3RR3)
- SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (6GK5328-4FS00-2AR3)
- SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (6GK5328-4FS00-2RR3)
- SCALANCE XR328-4C WG (28xGE, AC 230V) (6GK5328-4SS00-3AR3)
- SCALANCE XR328-4C WG (28xGE, DC 24V) (6GK5328-4SS00-2AR3)
- SIPLUS NET SCALANCE XC206-2 (6AG1206-2BB00-7AC2)
- SIPLUS NET SCALANCE XC206-2SFP (6AG1206-2BS00-7AC2)
- SIPLUS NET SCALANCE XC208 (6AG1208-0BA00-7AC2)
- SIPLUS NET SCALANCE XC216-4C (6AG1216-4BS00-7AC2)

Siemens has identified the following specific workarounds/mitigation users can implement to reduce the risk:

- Make sure that no devices that transmit data back into the mirroring network are operated within the mirrored network.

As a general security measure, Siemens strongly recommends users protect network access to devices with appropriate
mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends users configure the
environment according to SiemensҀ™ operational guidelines for Industrial Security, and follow the recommendations in the
product manuals.

Additional information on industrial security by Siemens is available at: https://www.siemens.com/industrialsecurity

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact Siemens.

For more information on this vulnerability and more detailed mitigation instructions, please see Siemens Security
Advisory SSA-557804");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-6569");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(440);

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/03/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/04/11");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_x-200_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_x-300_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc-200_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xf-200_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp-200_series_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Siemens');

var asset = tenable_ot::assets::get(vendor:'Siemens');

var vuln_models = {
    "SCALANCE X204-2" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE X204-2 FM" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE X204-2LD" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE X204-2LD TS" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE X204-2TS" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE X206-1" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE X206-1LD" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE X208" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE X208PRO" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE X212-2" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE X212-2LD" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE X216" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE X224" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE X302-7 EEC" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X304-2FE" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X306-1LD FE" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X307-2 EEC" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X307-3" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X307-3LD" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X308-2" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X308-2LD" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X308-2LH" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X308-2LH+" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X308-2M" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X308-2M PoE" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X308-2M TS" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X310" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X310FE" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X320-1 FE" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X320-1-2LD FE" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE X408-2" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX400"},
    "SCALANCE XB205-3" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XB205-3LD" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XB208" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XB213-3" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XB213-3LD" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XB216" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC206-2" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC206-2SFP" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC206-2SFP EEC" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC206-2SFP G" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC206-2SFP G EEC" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC208" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC208EEC" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC208G" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC208G EEC" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC216" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC216-4C G" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC216-4C G EEC" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC216EEC" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC224" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC224-4C G" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XC224-4C G EEC" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XF204" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE XF204 DNA" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XF204-2" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE XF204-2BA" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XF204-2BA DNA" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XF206-1" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE XF208" :
        {"versionEndExcluding" : "5.2.6", "family" : "SCALANCEX200"},
    "SCALANCE XP208" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XP208EEC" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XP216" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XP216EEC" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XP216POE EEC" :
        {"versionEndExcluding" : "4.1", "family" : "SCALANCEX200"},
    "SCALANCE XR324-12M" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE XR324-12M TS" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE XR324-4M EEC" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE XR324-4M PoE" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE XR324-4M PoE TS" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE XR324WG" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
    "SCALANCE XR328-4C WG" :
        {"versionEndExcluding" : "4.1.3", "family" : "SCALANCEX300"},
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_models, severity:SECURITY_WARNING);
VendorProductVersionCPE
siemensscalance_x-200_series_firmwarecpe:/o:siemens:scalance_x-200_series_firmware
siemensscalance_x-300_series_firmwarecpe:/o:siemens:scalance_x-300_series_firmware
siemensscalance_xc-200_series_firmwarecpe:/o:siemens:scalance_xc-200_series_firmware
siemensscalance_xf-200_series_firmwarecpe:/o:siemens:scalance_xf-200_series_firmware
siemensscalance_xp-200_series_firmwarecpe:/o:siemens:scalance_xp-200_series_firmware

Related

cvelist 1
prion 1
cve 1
ics 1
nvd 1
cvelist
cvelist
CVE-2019-6569
2019-03-26 21:12:43
prion
prion
Design/Logic Flaw
2019-03-26 22:29:00
cve
cve
CVE-2019-6569
2019-03-26 22:29:00
ics
ics
Siemens SCALANCE X (Update D)
2022-07-14 12:00:00
nvd
nvd
CVE-2019-6569
2019-03-26 22:29:00

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.0%

JSON
Related for TENABLE_OT_SIEMENS_CVE-2019-6569.NASL
cvelist1prion1cve1ics1nvd1