Lucene search

[email protected]NVD:CVE-2019-10936

HistoryOct 10, 2019 - 2:15 p.m.

CVE-2019-10936

2019-10-1014:15:14

CWE-400

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.8%

JSON

A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SIMATIC CFU PA, SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET200AL, SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 4AO U/I 4xM12, SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12, SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12, SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN: IO-Link Master, SIMATIC ET200M (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants), SIMATIC ET200pro, SIMATIC ET200S (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN BA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HS (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants), SIMATIC HMI KTP Mobile Panels, SIMATIC PN/PN Coupler, SIMATIC PROFINET Driver, SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU 314C-2 PN/DP, SIMATIC S7-300 CPU 315-2 PN/DP, SIMATIC S7-300 CPU 315F-2 PN/DP, SIMATIC S7-300 CPU 315T-3 PN/DP, SIMATIC S7-300 CPU 317-2 PN/DP, SIMATIC S7-300 CPU 317F-2 PN/DP, SIMATIC S7-300 CPU 317T-3 PN/DP, SIMATIC S7-300 CPU 317TF-3 PN/DP, SIMATIC S7-300 CPU 319-3 PN/DP, SIMATIC S7-300 CPU 319F-3 PN/DP, SIMATIC S7-400 CPU 412-2 PN V7, SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010, SIMATIC WinAC RTX F 2010, SINAMICS DCM, SINAMICS DCP, SINAMICS G110M V4.7 PN Control Unit, SINAMICS G120 V4.7 PN Control Unit (incl. SIPLUS variants), SINAMICS G130 V4.7 Control Unit, SINAMICS G150 Control Unit, SINAMICS GH150 V4.7 Control Unit, SINAMICS GL150 V4.7 Control Unit, SINAMICS GM150 V4.7 Control Unit, SINAMICS S110 Control Unit, SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants), SINAMICS S150 Control Unit, SINAMICS SL150 V4.7 Control Unit, SINAMICS SM120 V4.7 Control Unit, SINUMERIK 828D, SINUMERIK 840D sl, SIPLUS ET 200S IM151-8 PN/DP CPU, SIPLUS ET 200S IM151-8F PN/DP CPU, SIPLUS NET PN/PN Coupler, SIPLUS S7-300 CPU 314C-2 PN/DP, SIPLUS S7-300 CPU 315-2 PN/DP, SIPLUS S7-300 CPU 315F-2 PN/DP, SIPLUS S7-300 CPU 317-2 PN/DP, SIPLUS S7-300 CPU 317F-2 PN/DP, SIPLUS S7-400 CPU 414-3 PN/DP V7, SIPLUS S7-400 CPU 416-3 PN/DP V7. Affected devices improperly handle large amounts of specially crafted UDP packets.

This could allow an unauthenticated remote attacker to trigger a denial of service condition.

Affected configurations

NVD

Node

siemensdk_standard_ethernet_controller_firmware

AND

siemensdk_standard_ethernet_controllerMatch-

Node

siemensek-ertec_200_firmware

AND

siemensek-ertec_200Match-

Node

siemensek-ertec_200p_firmwareRange<4.6

siemensek-ertec_200p_firmwareMatch4.6-

AND

siemensek-ertec_200pMatch-

Node

siemenssimatic_cfu_pa_firmwareRange<1.2.0

AND

siemenssimatic_cfu_paMatch-

Node

siemenssimatic_et_200al_firmware

AND

siemenssimatic_et_200alMatch-

Node

siemenssimatic_et_200m_firmware

AND

siemenssimatic_et_200mMatch-

Node

siemenssimatic_et_200mp_im_155-5_pn_ba_firmwareRange<4.3.0

AND

siemenssimatic_et_200mp_im_155-5_pn_baMatch-

Node

siemenssimatic_et_200mp_im_155-5_pn_hf_firmwareRange<4.4.0

AND

siemenssimatic_et_200mp_im_155-5_pn_hfMatch-

Node

siemenssimatic_et_200mp_im_155-5_pn_st_firmware

AND

siemenssimatic_et_200mp_im_155-5_pn_stMatch-

Node

siemenssimatic_et_200s_firmware

AND

siemenssimatic_et_200sMatch-

Node

siemenssimatic_et_200sp_im_155-6_pn_ba_firmware

AND

siemenssimatic_et_200sp_im_155-6_pn_baMatch-

Node

siemenssimatic_et_200sp_im_155-6_pn_ha_firmware

AND

siemenssimatic_et_200sp_im_155-6_pn_haMatch-

Node

siemenssimatic_et_200sp_im_155-6_pn_hf_firmwareRange<4.2.2

AND

siemenssimatic_et_200sp_im_155-6_pn_hfMatch-

Node

siemenssimatic_et_200sp_im_155-6_pn_hs_firmware

AND

siemenssimatic_et_200sp_im_155-6_pn_hsMatch-

Node

siemenssimatic_et_200sp_im_155-6_pn_st_firmware

AND

siemenssimatic_et_200sp_im_155-6_pn_stMatch-

Node

siemenssimatic_et_200sp_im_155-6_pn\/2_hf_firmwareRange<4.2.2

AND

siemenssimatic_et_200sp_im_155-6_pn\/2_hfMatch-

Node

siemenssimatic_et_200sp_im_155-6_pn\/3_hf_firmwareRange<4.2.1

AND

siemenssimatic_et_200sp_im_155-6_pn\/3_hfMatch-

Node

siemenssimatic_et_200ecopn_firmware

AND

siemenssimatic_et_200ecopnMatch-

Node

siemenssimatic_et_200pro_firmware

AND

siemenssimatic_et_200proMatch-

Node

siemenssimatic_hmi_comfort_outdoor_panels_7\"_firmware

AND

siemenssimatic_hmi_comfort_outdoor_panels_7\"Match-

Node

siemenssimatic_hmi_comfort_outdoor_panels_15\"_firmware

AND

siemenssimatic_hmi_comfort_outdoor_panels_15\"Match-

Node

siemenssimatic_hmi_comfort_panels_4\"_firmware

AND

siemenssimatic_hmi_comfort_panels_4\"Match-

Node

siemenssimatic_hmi_comfort_panels_22\"_firmware

AND

siemenssimatic_hmi_comfort_panels_22\"Match-

Node

siemenssimatic_hmi_ktp_mobile_panels_firmware

AND

siemenssimatic_hmi_ktp_mobile_panelsMatch-

Node

siemenssimatic_pn\/pn_coupler_firmwareRange<4.2.1

AND

siemenssimatic_pn\/pn_couplerMatch-

Node

siemenssimatic_profinet_driver_firmwareRange<2.1

AND

siemenssimatic_profinet_driverMatch-

Node

siemenssimatic_s7-1200_cpu_firmwareRange<4.4.0

AND

siemenssimatic_s7-1200_cpuMatch-

Node

siemenssimatic_s7-1200_cpu_1211c_firmwareRange<4.4.0

AND

siemenssimatic_s7-1200_cpu_1211cMatch-

Node

siemenssimatic_s7-1200_cpu_1212c_firmwareRange<4.4.0

AND

siemenssimatic_s7-1200_cpu_1212cMatch-

Node

siemenssimatic_s7-1200_cpu_1214c_firmwareRange<4.4.0

AND

siemenssimatic_s7-1200_cpu_1214cMatch-

Node

siemenssimatic_s7-1500_cpu_firmwareRange<2.0

AND

siemenssimatic_s7-1500_cpuMatch-

Node

siemenssimatic_s7-1500s_cpu_firmwareRange<2.0

AND

siemenssimatic_s7-1500s_cpuMatch-

Node

siemenssimatic_s7-1500t_cpu_firmwareRange<2.0

AND

siemenssimatic_s7-1500t_cpuMatch-

Node

siemenssimatic_s7-1500_cpu_1518_firmwareRange<2.0

AND

siemenssimatic_s7-1500_cpu_1518Match-

Node

siemenssimatic_s7-1500_cpu_1511c_firmwareRange<2.0

AND

siemenssimatic_s7-1500_cpu_1511cMatch-

Node

siemenssimatic_s7-1500_cpu_1512c_firmwareRange<2.0

AND

siemenssimatic_s7-1500_cpu_1512cMatch-

Node

siemenssimatic_s7-300_cpu_firmwareRange<3.3.17

AND

siemenssimatic_s7-300_cpuMatch-

Node

siemenssimatic_s7-300_cpu_312_ifm_firmwareRange<3.3.17

AND

siemenssimatic_s7-300_cpu_312_ifmMatch-

Node

siemenssimatic_s7-300_cpu_313_firmwareRange<3.3.17

AND

siemenssimatic_s7-300_cpu_313Match-

Node

siemenssimatic_s7-300_cpu_314_firmwareRange<3.3.17

AND

siemenssimatic_s7-300_cpu_314Match-

Node

siemenssimatic_s7-300_cpu_314_ifm_firmwareRange<3.3.17

AND

siemenssimatic_s7-300_cpu_314_ifmMatch-

Node

siemenssimatic_s7-300_cpu_315_firmwareRange<3.3.17

AND

siemenssimatic_s7-300_cpu_315Match-

Node

siemenssimatic_s7-300_cpu_315-2_dp_firmwareRange<3.3.17

AND

siemenssimatic_s7-300_cpu_315-2_dpMatch-

Node

siemenssimatic_s7-300_cpu_316-2_dp_firmwareRange<3.3.17

AND

siemenssimatic_s7-300_cpu_316-2_dpMatch-

Node

siemenssimatic_s7-300_cpu_318-2_firmwareRange<3.3.17

AND

siemenssimatic_s7-300_cpu_318-2Match-

Node

siemenssimatic_s7-400_pn_v7_firmware

AND

siemenssimatic_s7-400_pn_v7Match-

Node

siemenssimatic_s7-400_dp_v7_firmware

AND

siemenssimatic_s7-400_dp_v7Match-

Node

siemenssimatic_s7-400_v6_firmwareRange<6.0.9

AND

siemenssimatic_s7-400_v6Match-

Node

siemenssimatic_s7-400h_v6_firmwareRange<6.0.9

AND

siemenssimatic_s7-400h_v6Match-

Node

siemenssimatic_s7-410_v8_firmwareRange<8.2.2

AND

siemenssimatic_s7-410_v8Match-

Node

siemenssimatic_winac_rtx_\(f\)_firmwareRange<2010

siemenssimatic_winac_rtx_\(f\)_firmwareMatch2010-

AND

siemenssimatic_winac_rtx_\(f\)_2010Match-

Node

siemenssinamics_dcm_firmwareRange<1.5

siemenssinamics_dcm_firmwareMatch1.5-

AND

siemenssinamics_dcmMatch-

Node

siemenssinamics_dcp_firmwareRange<1.3

AND

siemenssinamics_dcpMatch-

Node

siemenssinamics_g110m_firmwareRange<4.7

siemenssinamics_g110m_firmwareMatch4.7-

AND

siemenssinamics_g110mMatch-

Node

siemenssinamics_g120_firmwareRange<4.7

siemenssinamics_g120_firmwareMatch4.7-

AND

siemenssinamics_g120Match-

Node

siemenssinamics_g130_firmwareRange<5.2

siemenssinamics_g130_firmwareMatch5.2-

AND

siemenssinamics_g130Match-

Node

siemenssinamics_g150_firmwareRange<5.2

siemenssinamics_g150_firmwareMatch5.2-

AND

siemenssinamics_g150Match-

Node

siemenssinamics_gl150_firmwareRange<4.8

siemenssinamics_gl150_firmwareMatch4.8-

AND

siemenssinamics_gl150Match-

Node

siemenssinamics_gm150_firmwareRange<4.8

siemenssinamics_gm150_firmwareMatch4.8-

AND

siemenssinamics_gm150Match-

Node

siemenssinamics_s110_firmware

AND

siemenssinamics_s110Match-

Node

siemenssinamics_s120_firmwareRange<5.2

siemenssinamics_s120_firmwareMatch5.2-

AND

siemenssinamics_s120Match-

Node

siemenssinamics_s150_firmwareRange<5.2

siemenssinamics_s150_firmwareMatch5.2-

AND

siemenssinamics_s150Match-

Node

siemenssinamics_sl150_firmwareRange<4.7

siemenssinamics_sl150_firmwareMatch4.7-

AND

siemenssinamics_sl150Match-

Node

siemenssinamics_sm120_firmwareMatch-

AND

siemenssinamics_sm120Match-

Node

siemenssinumerik_828dRange<4.8

siemenssinumerik_828dMatch4.8-

siemenssinumerik_828dMatch4.8sp1

siemenssinumerik_828dMatch4.8sp2

siemenssinumerik_828dMatch4.8sp3

siemenssinumerik_828dMatch4.8sp4

Node

siemenssinumerik_840d_sl

References

cert-portal.siemens.com/productcert/pdf/ssa-473245.pdf

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.8%

JSON

Related for NVD:CVE-2019-10936

nessus3 ics1 cvelist1 symantec1 prion1 cve1