CVE-2019-13946 Information

Description

A vulnerability has been identified in the following products:

Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions)
Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All Versions V4.5)
Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All Versions V4.6)
PROFINET Driver for Controller (All Versions V2.1)
RUGGEDCOM RM1224 (All versions V4.3)
SCALANCE M-800 / S615 (All versions V4.3)
SCALANCE W700 IEEE 802.11n (All versions = V6.0.1)
SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions)
SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All Versions V5.3)
SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions)
SCALANCE XB-200, XC-200, XP-200, XF-200BA and XR-300WG (All Versions V3.0)
SCALANCE XM-400 switch family (All Versions V6.0)
SCALANCE XR-500 switch family (All Versions V6.0)
SIMATIC ET200AL IM 157-1 PN (All versions)
SIMATIC ET200M IM153-4 PN IO HF (incl. SIPLUS variants) (All versions)
SIMATIC ET200M IM153-4 PN IO ST (incl. SIPLUS variants) (All versions)
SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All Versions V4.2.0)
SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants) (All Versions V4.1.0)
SIMATIC ET200S (incl. SIPLUS variants) (All versions)
SIMATIC ET200SP IM155-6 PN Basic (incl. SIPLUS variants) (All versions)
SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All Versions V3.3.1)
SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants) (All Versions V4.1.0)
SIMATIC ET200ecoPN (except 6ES7141-6BG00-0BB0, 6ES7141-6BH00-0BB0, 6ES7142-6BG00-0BB0, 6ES7142-6BR00-0BB0, 6ES7143-6BH00-0BB0, 6ES7146-6FF00-0AB0 and 6ES7148-6JD00-0AB0) (All versions)
SIMATIC ET200pro IM 154-3 PN HF (All versions)
SIMATIC ET200pro IM 154-4 PN HF (All versions)
SIMATIC IPC Support Package for VxWorks (All versions)
SIMATIC MV400 family (All versions)
SIMATIC NET CP 1616 and CP 1604 (All Versions V2.8)
SIMATIC NET CP 343-1 (incl. SIPLUS variants) (All versions)
SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions)
SIMATIC NET CP 343-1 ERPC (All versions)
SIMATIC NET CP 343-1 LEAN (incl. SIPLUS variants) (All versions)
SIMATIC NET CP 443-1 (incl. SIPLUS variants) (All versions)
SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions)
SIMATIC NET CP 443-1 OPC UA (All versions)
SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. SIPLUS NET variant) (All Versions)
SIMATIC RF180C (All versions)
SIMATIC RF182C (All versions)
SIMATIC RF600 family (All versions V3)
SINAMICS DCP (All Versions V1.3)
SOFTNET-IE PNIO (All versions)

Profinet-IO (PNIO) stack versions prior to V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf
https://www.us-cert.gov/ics/advisories/icsa-20-042-04

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

7.5

Base Severity

HIGH
