Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2019-19281
HistoryMar 10, 2020 - 8:15 p.m.

CVE-2019-19281

2020-03-1020:15:18
CWE-400
[email protected]
web.nvd.nist.gov
3

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

47.2%

JSON

A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V2.5 and < V20.8), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 and < V2.8), SIMATIC S7-1500 Software Controller (All versions >= V2.5 and < V20.8). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a Denial-of-Service condition. The vulnerability can be triggered if specially crafted UDP packets are sent to the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the device availability.

Affected configurations

Nvd
Node
siemenssimatic_et_200sp_open_controller_cpu_1515sp_pc2_firmwareRange2.520.8
AND
siemenssimatic_et_200sp_open_controller_cpu_1515sp_pc2Match-
Node
siemenssimatic_s7-1500_cpu_1511-1_pn_firmwareRange2.52.8
AND
siemenssimatic_s7-1500_cpu_1511-1_pnMatch-
Node
siemenssimatic_s7-1500_cpu_1513-1_pn_firmwareRange2.52.8
AND
siemenssimatic_s7-1500_cpu_1513-1_pnMatch-
Node
siemenssimatic_s7-1500_cpu_1515-2_pn_firmwareRange2.52.8
AND
siemenssimatic_s7-1500_cpu_1515-2_pnMatch-
Node
siemenssimatic_s7-1500_cpu_1516-3_pn_firmwareRange2.52.8
AND
siemenssimatic_s7-1500_cpu_1516-3_pnMatch-
Node
siemenssimatic_s7-1500_cpu_1516-3_dp_firmwareRange2.52.8
AND
siemenssimatic_s7-1500_cpu_1516-3_dpMatch-
Node
siemenssimatic_s7-1500_cpu_1517-3_pn_firmwareRange2.52.8
AND
siemenssimatic_s7-1500_cpu_1517-3_pnMatch-
Node
siemenssimatic_s7-1500_cpu_1517-3_dp_firmwareRange2.52.8
AND
siemenssimatic_s7-1500_cpu_1517-3_dpMatch-
Node
siemenssimatic_s7-1500_cpu_1518-4_pn_firmwareRange2.52.8
AND
siemenssimatic_s7-1500_cpu_1518-4_pnMatch-
Node
siemenssimatic_s7-1500_cpu_1518-4_dp_firmwareRange2.52.8
AND
siemenssimatic_s7-1500_cpu_1518-4_dpMatch-
Node
siemenssimatic_s7-1500_cpu_1507s_firmwareRange2.520.8
AND
siemenssimatic_s7-1500_cpu_1507sMatch-
Node
siemenssimatic_s7-1500_cpu_1508s_firmwareRange2.520.8
AND
siemenssimatic_s7-1500_cpu_1508sMatch-
Node
siemenssimatic_s7-1500_cpu_1507s_f_firmwareRange2.520.8
AND
siemenssimatic_s7-1500_cpu_1507s_fMatch-
Node
siemenssimatic_s7-1500_cpu_1508s_f_firmwareRange2.520.8
AND
siemenssimatic_s7-1500_cpu_1508s_fMatch-
VendorProductVersionCPE
siemenssimatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware*cpe:2.3:o:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*
siemenssimatic_et_200sp_open_controller_cpu_1515sp_pc2-cpe:2.3:h:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*
siemenssimatic_s7-1500_cpu_1511-1_pn_firmware*cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511-1_pn_firmware:*:*:*:*:*:*:*:*
siemenssimatic_s7-1500_cpu_1511-1_pn-cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511-1_pn:-:*:*:*:*:*:*:*
siemenssimatic_s7-1500_cpu_1513-1_pn_firmware*cpe:2.3:o:siemens:simatic_s7-1500_cpu_1513-1_pn_firmware:*:*:*:*:*:*:*:*
siemenssimatic_s7-1500_cpu_1513-1_pn-cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513-1_pn:-:*:*:*:*:*:*:*
siemenssimatic_s7-1500_cpu_1515-2_pn_firmware*cpe:2.3:o:siemens:simatic_s7-1500_cpu_1515-2_pn_firmware:*:*:*:*:*:*:*:*
siemenssimatic_s7-1500_cpu_1515-2_pn-cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515-2_pn:-:*:*:*:*:*:*:*
siemenssimatic_s7-1500_cpu_1516-3_pn_firmware*cpe:2.3:o:siemens:simatic_s7-1500_cpu_1516-3_pn_firmware:*:*:*:*:*:*:*:*
siemenssimatic_s7-1500_cpu_1516-3_pn-cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_pn:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 281

Related

nessus 2
prion 1
ics 1
cvelist 1
cve 1
nessus
nessus
Siemens SIMATIC S7-1500 Uncontrolled Resource Consumption (CVE-2019-19281)
2022-02-07 00:00:00
Siemens Simatic Uncontrolled Resource Consumption
2020-05-27 00:00:00
prion
prion
Race condition
2020-03-10 20:15:00
ics
ics
Siemens SIMATIC S7-1500 (Update A)
2020-03-10 12:00:00
cvelist
cvelist
CVE-2019-19281
2020-03-10 19:16:17
cve
cve
CVE-2019-19281
2020-03-10 20:15:18

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

47.2%

JSON
Related for NVD:CVE-2019-19281
nessus2prion1ics1cvelist1cve1