ICSA-19-253-03
Vulnerability from csaf_cisa
Published
2019-09-10 00:00
Modified
2022-05-12 00:00
Summary
ICSA-19-253-03_Siemens Industrial Products (Update P)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Risk evaluation
Successful exploitation of these vulnerabilities could cause denial-of-service condition.
Exploitability
No known public exploits specifically target these vulnerabilities.
{ "document": { "acknowledgments": [ { "organization": "Siemens", "summary": "reporting theses vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could cause denial-of-service condition.", "title": "Risk evaluation" }, { "category": "other", "text": "No known public exploits specifically target these vulnerabilities.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "CISAservicedesk@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-19-253-03 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-253-03.json" }, { "category": "self", "summary": "ICS Advisory ICSA-19-253-03 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-253-03" } ], "title": "ICSA-19-253-03_Siemens Industrial Products (Update P)", "tracking": { "current_release_date": "2022-05-12T00:00:00.000000Z", "generator": { "engine": { "name": "CISA USCert CSAF Generator", "version": "1" } }, "id": "ICSA-19-253-03", "initial_release_date": "2019-09-10T00:00:00.000000Z", "revision_history": [ { "date": "2019-09-10T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "ICSA-19-253-03 Siemens Industrial Products" }, { "date": "2019-10-08T00:00:00.000000Z", "legacy_version": "A", "number": "2", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update A)" }, { "date": "2019-11-14T00:00:00.000000Z", "legacy_version": "B", "number": "3", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update B)" }, { "date": "2019-12-10T00:00:00.000000Z", "legacy_version": "C", "number": "4", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update C)" }, { "date": "2020-02-11T00:00:00.000000Z", "legacy_version": "D", "number": "5", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update D)" }, { "date": "2020-03-10T00:00:00.000000Z", "legacy_version": "E", "number": "6", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update E)" }, { "date": "2020-04-14T00:00:00.000000Z", "legacy_version": "F", "number": "7", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update F)" }, { "date": "2020-06-09T00:00:00.000000Z", "legacy_version": "G", "number": "8", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update G)" }, { "date": "2020-08-11T00:00:00.000000Z", "legacy_version": "H", "number": "9", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update H)" }, { "date": "2020-09-08T00:00:00.000000Z", "legacy_version": "I", "number": "10", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update I)" }, { "date": "2020-10-13T00:00:00.000000Z", "legacy_version": "J", "number": "11", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update J)" }, { "date": "2020-12-08T00:00:00.000000Z", "legacy_version": "K", "number": "12", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update K)" }, { "date": "2021-04-13T00:00:00.000000Z", "legacy_version": "L", "number": "13", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update L)" }, { "date": "2021-05-11T00:00:00.000000Z", "legacy_version": "M", "number": "14", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update M)" }, { "date": "2021-07-13T00:00:00.000000Z", "legacy_version": "N", "number": "15", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update N)" }, { "date": "2021-09-14T00:00:00.000000Z", "legacy_version": "O", "number": "16", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update O)" }, { "date": "2022-03-10T00:00:00.000000Z", "legacy_version": "P", "number": "17", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update P)" }, { "date": "2022-04-14T00:00:00.000000Z", "legacy_version": "Q", "number": "18", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update Q)" }, { "date": "2022-05-12T00:00:00.000000Z", "legacy_version": "R", "number": "19", "summary": "ICSA-19-253-03 Siemens Industrial Products (Update R)" } ], "status": "final", "version": "19" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 3.1.1.0", "product": { "name": "SIMATIC ITC2200 PRO: All versions prior to v3.1.1.0", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "SIMATIC ITC2200 PRO" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 1.3", "product": { "name": "SIMATIC RF188C: All versions prior to v1.3", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "SIMATIC RF188C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.8.4", "product": { "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (MLFB- 6ES7518-4AX00-1AC0 6AG1518-4AX00-4AC0 incl. SIPLUS variant): All versions prior to v2.8.4", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (MLFB- 6ES7518-4AX00-1AC0 6AG1518-4AX00-4AC0 incl. SIPLUS variant)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0): All versions prior to v4.0", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 1.5.18", "product": { "name": "SIMATIC CP 442-1 RNA (6GK7442-1RX00-0XE0): All versions prior to v1.5.18", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "SIMATIC CP 442-1 RNA (6GK7442-1RX00-0XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2): All versions prior to v6.2", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0): All versions prior to v4.0", "product_id": "CSAFPID-0007" } } ], "category": "product_name", "name": "SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0): All versions prior to v4.0", "product_id": "CSAFPID-0008" } } ], "category": "product_name", "name": "SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "SCALANCE M876-3 (6GK5876-3AA02-2BA2): All versions prior to v6.2", "product_id": "CSAFPID-0009" } } ], "category": "product_name", "name": "SCALANCE M876-3 (6GK5876-3AA02-2BA2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0): All versions prior to v4.0", "product_id": "CSAFPID-00010" } } ], "category": "product_name", "name": "SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.1.1.0", "product": { "name": "SIMATIC ITC1900: All versions prior to v3.1.1.0", "product_id": "CSAFPID-00011" } } ], "category": "product_name", "name": "SIMATIC ITC1900" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "SCALANCE M804PB (6GK5804-0AP00-2AA2): All versions prior to v6.2", "product_id": "CSAFPID-00012" } } ], "category": "product_name", "name": "SCALANCE M804PB (6GK5804-0AP00-2AA2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.0.1", "product": { "name": "SCALANCE SC646-2C (6GK5646-2GS00-2AC2): All versions prior to v2.0.1", "product_id": "CSAFPID-00013" } } ], "category": "product_name", "name": "SCALANCE SC646-2C (6GK5646-2GS00-2AC2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 1.3", "product": { "name": "SIMATIC RF186C: All versions prior to v1.3", "product_id": "CSAFPID-00014" } } ], "category": "product_name", "name": "SIMATIC RF186C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.2", "product": { "name": "SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0): All versions prior to v3.2", "product_id": "CSAFPID-00015" } } ], "category": "product_name", "name": "SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0): All versions prior to v4.0", "product_id": "CSAFPID-00016" } } ], "category": "product_name", "name": "SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.8.4", "product": { "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0): All versions prior to v2.8.4", "product_id": "CSAFPID-00017" } } ], "category": "product_name", "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "RUGGEDCOM RM1224 (6GK6108-4AM00): All versions prior to v6.2", "product_id": "CSAFPID-00018" } } ], "category": "product_name", "name": "RUGGEDCOM RM1224 (6GK6108-4AM00)" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "TIM 3V-IE DNP3 (incl. SIPLUS NET variants): All versions", "product_id": "CSAFPID-00019" } } ], "category": "product_name", "name": "TIM 3V-IE DNP3 (incl. SIPLUS NET variants)" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "TIM 4R-IE (incl. SIPLUS NET variants): All versions", "product_id": "CSAFPID-00020" } } ], "category": "product_name", "name": "TIM 4R-IE (incl. SIPLUS NET variants)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.0.1", "product": { "name": "SCALANCE SC622-2C (6GK5622-2GS00-2AC2): All versions prior to v2.0.1", "product_id": "CSAFPID-00021" } } ], "category": "product_name", "name": "SCALANCE SC622-2C (6GK5622-2GS00-2AC2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2): All versions prior to v6.2", "product_id": "CSAFPID-00022" } } ], "category": "product_name", "name": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.1", "product": { "name": "SCALANCE S623: All versions prior to v4.1", "product_id": "CSAFPID-00023" } } ], "category": "product_name", "name": "SCALANCE S623" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0): All versions prior to v4.0", "product_id": "CSAFPID-00024" } } ], "category": "product_name", "name": "SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 1.5.18", "product": { "name": "SIMATIC CP 443-1 RNA (6GK7443-1RX00-0XE0): All versions prior to v1.5.18", "product_id": "CSAFPID-00025" } } ], "category": "product_name", "name": "SIMATIC CP 443-1 RNA (6GK7443-1RX00-0XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 8.6.0", "product": { "name": "SCALANCE W1750D: All versions prior to v8.6.0", "product_id": "CSAFPID-00026" } } ], "category": "product_name", "name": "SCALANCE W1750D" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants): All versions prior to v2.1", "product_id": "CSAFPID-00027" } } ], "category": "product_name", "name": "SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2): All versions prior to v6.2", "product_id": "CSAFPID-00028" } } ], "category": "product_name", "name": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.13.3", "product": { "name": "ROX II: All versions prior to 2.13.3", "product_id": "CSAFPID-00029" } } ], "category": "product_name", "name": "ROX II" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.1", "product": { "name": "SCALANCE S612: All versions prior to v4.1", "product_id": "CSAFPID-00030" } } ], "category": "product_name", "name": "SCALANCE S612" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "SCALANCE M875: All versions", "product_id": "CSAFPID-00031" } } ], "category": "product_name", "name": "SCALANCE M875" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0): All versions prior to v4.0", "product_id": "CSAFPID-00032" } } ], "category": "product_name", "name": "SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.92", "product": { "name": "SINUMERIK 808D: All versions prior to v4.92", "product_id": "CSAFPID-00033" } } ], "category": "product_name", "name": "SINUMERIK 808D" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "SIMATIC MV540 H (6GF3540-0GE10): All versions prior to v2.1", "product_id": "CSAFPID-00034" } } ], "category": "product_name", "name": "SIMATIC MV540 H (6GF3540-0GE10)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0): All versions prior to v4.0", "product_id": "CSAFPID-00035" } } ], "category": "product_name", "name": "SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0): All versions prior to v4.0", "product_id": "CSAFPID-00036" } } ], "category": "product_name", "name": "SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 9 Linux Image 2019-12-13 | 13 (only affected by CVE-2019-11479)", "product": { "name": "RUGGEDCOM RX 1400 VPE Linux CloudConnect: All versions prior to Debian 9 Linux Image 2019-12-13 13 (only affected by CVE-2019-11479)", "product_id": "CSAFPID-00037" } } ], "category": "product_name", "name": "RUGGEDCOM RX 1400 VPE Linux CloudConnect" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.1.1.0", "product": { "name": "SIMATIC ITC2200: All versions prior to v3.1.1.0", "product_id": "CSAFPID-00038" } } ], "category": "product_name", "name": "SIMATIC ITC2200" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants): All versions", "product_id": "CSAFPID-00039" } } ], "category": "product_name", "name": "SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0): All versions prior to v2.1", "product_id": "CSAFPID-00040" } } ], "category": "product_name", "name": "SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0): All versions prior to v4.0", "product_id": "CSAFPID-00041" } } ], "category": "product_name", "name": "SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 1.1.5", "product": { "name": "CloudConnect 712: All versions prior to 1.1.5", "product_id": "CSAFPID-00042" } } ], "category": "product_name", "name": "CloudConnect 712" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "TIM 3V-IE (incl. SIPLUS NET variants): All versions", "product_id": "CSAFPID-00043" } } ], "category": "product_name", "name": "TIM 3V-IE (incl. SIPLUS NET variants)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 1.3", "product": { "name": "SIMATIC RF186CI: All versions prior to v1.3", "product_id": "CSAFPID-00044" } } ], "category": "product_name", "name": "SIMATIC RF186CI" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "TIM 1531 IRC (incl. SIPLUS NET variants): All versions prior to 2.1", "product_id": "CSAFPID-00045" } } ], "category": "product_name", "name": "TIM 1531 IRC (incl. SIPLUS NET variants)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "SIMATIC MV540 S (6GF3540-0CD10): All versions prior to v2.1", "product_id": "CSAFPID-00046" } } ], "category": "product_name", "name": "SIMATIC MV540 S (6GF3540-0CD10)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.2", "product": { "name": "SIMATIC CP 1242-7C: All versions prior to v3.2", "product_id": "CSAFPID-00047" } } ], "category": "product_name", "name": "SIMATIC CP 1242-7C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2): All versions prior to v6.2", "product_id": "CSAFPID-00048" } } ], "category": "product_name", "name": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.0.1", "product": { "name": "SCALANCE SC632-2C (6GK5632-2GS00-2AC2): All versions prior to v2.0.1", "product_id": "CSAFPID-00049" } } ], "category": "product_name", "name": "SCALANCE SC632-2C (6GK5632-2GS00-2AC2)" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "SIMATIC CP 443-1 (incl. SIPLUS variants): All versions", "product_id": "CSAFPID-00050" } } ], "category": "product_name", "name": "SIMATIC CP 443-1 (incl. SIPLUS variants)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 17.0", "product": { "name": "SIMATIC CP 1628 (6GK1162-8AA00): All versions prior to v17.0", "product_id": "CSAFPID-00051" } } ], "category": "product_name", "name": "SIMATIC CP 1628 (6GK1162-8AA00)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.2", "product": { "name": "SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0): All versions prior to v3.2", "product_id": "CSAFPID-00052" } } ], "category": "product_name", "name": "SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0)" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "TIM 4R-IE DNP3 (incl. SIPLUS NET variants): All versions", "product_id": "CSAFPID-00053" } } ], "category": "product_name", "name": "TIM 4R-IE DNP3 (incl. SIPLUS NET variants)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.1.1.0", "product": { "name": "SIMATIC ITC1900 PRO: All versions prior to v3.1.1.0", "product_id": "CSAFPID-00054" } } ], "category": "product_name", "name": "SIMATIC ITC1900 PRO" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.1.1.0", "product": { "name": "SIMATIC ITC1500 PRO: All versions prior to v3.1.1.0", "product_id": "CSAFPID-00055" } } ], "category": "product_name", "name": "SIMATIC ITC1500 PRO" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.2", "product": { "name": "SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0): All versions prior to v3.2", "product_id": "CSAFPID-00056" } } ], "category": "product_name", "name": "SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.1.1.0", "product": { "name": "SIMATIC ITC1500: All versions prior to v3.1.1.0", "product_id": "CSAFPID-00057" } } ], "category": "product_name", "name": "SIMATIC ITC1500" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0): All versions prior to v2.1", "product_id": "CSAFPID-00058" } } ], "category": "product_name", "name": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0): All versions prior to v4.0", "product_id": "CSAFPID-00059" } } ], "category": "product_name", "name": "SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.0", "product": { "name": "SIMATIC CM 1542-1: All versions prior to 3.0", "product_id": "CSAFPID-00060" } } ], "category": "product_name", "name": "SIMATIC CM 1542-1" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.2", "product": { "name": "SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0): All versions prior to v3.2", "product_id": "CSAFPID-00061" } } ], "category": "product_name", "name": "SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "SIMATIC MV560 X (6GF3560-0HE10): All versions prior to v2.1", "product_id": "CSAFPID-00062" } } ], "category": "product_name", "name": "SIMATIC MV560 X (6GF3560-0HE10)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2): All versions prior to v6.2", "product_id": "CSAFPID-00063" } } ], "category": "product_name", "name": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.2", "product": { "name": "SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0): All versions prior to v3.2", "product_id": "CSAFPID-00064" } } ], "category": "product_name", "name": "SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "SIMATIC MV550 S (6GF3550-0CD10): All versions prior to v2.1", "product_id": "CSAFPID-00065" } } ], "category": "product_name", "name": "SIMATIC MV550 S (6GF3550-0CD10)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.2", "product": { "name": "SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0): All versions prior to v2.2", "product_id": "CSAFPID-00066" } } ], "category": "product_name", "name": "SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0): All versions prior to v4.0", "product_id": "CSAFPID-00067" } } ], "category": "product_name", "name": "SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0)" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "SIMATIC Teleservice Adapter IE Advanced: All versions", "product_id": "CSAFPID-00068" } } ], "category": "product_name", "name": "SIMATIC Teleservice Adapter IE Advanced" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.1", "product": { "name": "SCALANCE S602: All versions prior to v4.1", "product_id": "CSAFPID-00069" } } ], "category": "product_name", "name": "SCALANCE S602" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "SIMATIC CP 443-1 OPC UA (6GK7443-1UX00-0XE0): All versions", "product_id": "CSAFPID-00070" } } ], "category": "product_name", "name": "SIMATIC CP 443-1 OPC UA (6GK7443-1UX00-0XE0)" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "SIMATIC CP 443-1 Advanced (incl. SIPLUS variants): All versions", "product_id": "CSAFPID-00071" } } ], "category": "product_name", "name": "SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 1.3", "product": { "name": "SIMATIC RF188CI: All versions prior to v1.3", "product_id": "CSAFPID-00072" } } ], "category": "product_name", "name": "SIMATIC RF188CI" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.1", "product": { "name": "SCALANCE S627-2M: All versions prior to v4.1", "product_id": "CSAFPID-00073" } } ], "category": "product_name", "name": "SCALANCE S627-2M" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2): All versions prior to v6.2", "product_id": "CSAFPID-00074" } } ], "category": "product_name", "name": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "SCALANCE WLC711: All versions", "product_id": "CSAFPID-00075" } } ], "category": "product_name", "name": "SCALANCE WLC711" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "TIM 3V-IE Advanced (incl. SIPLUS NET variants): All versions", "product_id": "CSAFPID-00076" } } ], "category": "product_name", "name": "TIM 3V-IE Advanced (incl. SIPLUS NET variants)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "SIMATIC MV560 U (6GF3560-0LE10): All versions prior to v2.1", "product_id": "CSAFPID-00077" } } ], "category": "product_name", "name": "SIMATIC MV560 U (6GF3560-0LE10)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0): All versions prior to v4.0", "product_id": "CSAFPID-00078" } } ], "category": "product_name", "name": "SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "SINEMA Remote Connect Server: All versions prior to v2.1", "product_id": "CSAFPID-00079" } } ], "category": "product_name", "name": "SINEMA Remote Connect Server" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "SCALANCE WLC712: All versions", "product_id": "CSAFPID-00080" } } ], "category": "product_name", "name": "SCALANCE WLC712" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 9 Linux Image 2019-12-13", "product": { "name": "RUGGEDCOM RX 1400 VPE Debian Linux: All versions prior to Debian 9 Linux Image 2019-12-13", "product_id": "CSAFPID-00081" } } ], "category": "product_name", "name": "RUGGEDCOM RX 1400 VPE Debian Linux" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "SCALANCE M874-3 (6GK5874-3AA00-2AA2): All versions prior to v6.2", "product_id": "CSAFPID-00082" } } ], "category": "product_name", "name": "SCALANCE M874-3 (6GK5874-3AA00-2AA2)" }, { "branches": [ { "category": "product_version", "name": "vers:all/*", "product": { "name": "SIMATIC Teleservice Adapter IE Basic: All versions", "product_id": "CSAFPID-00083" } } ], "category": "product_name", "name": "SIMATIC Teleservice Adapter IE Basic" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.0.1", "product": { "name": "SCALANCE SC642-2C (6GK5642-2GS00-2AC2): All versions prior to v2.0.1", "product_id": "CSAFPID-00084" } } ], "category": "product_name", "name": "SCALANCE SC642-2C (6GK5642-2GS00-2AC2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "SCALANCE S615 (6GK5615-0AA00-2AA2): All versions prior to v6.2", "product_id": "CSAFPID-00085" } } ], "category": "product_name", "name": "SCALANCE S615 (6GK5615-0AA00-2AA2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0): All versions prior to v4.0", "product_id": "CSAFPID-00086" } } ], "category": "product_name", "name": "SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2): All versions prior to v6.2", "product_id": "CSAFPID-00087" } } ], "category": "product_name", "name": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.0.1", "product": { "name": "SCALANCE SC636-2C (6GK5636-2GS00-2AC2): All versions prior to v2.0.1", "product_id": "CSAFPID-00088" } } ], "category": "product_name", "name": "SCALANCE SC636-2C (6GK5636-2GS00-2AC2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 14.00.15.00_51.25.00.01", "product": { "name": "SIMATIC CP 1623 (6GK1162-3AA00): All versions prior to v14.00.15.00_51.25.00.01", "product_id": "CSAFPID-00089" } } ], "category": "product_name", "name": "SIMATIC CP 1623 (6GK1162-3AA00)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0): All versions prior to v2.1", "product_id": "CSAFPID-00090" } } ], "category": "product_name", "name": "SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.8 | SP5", "product": { "name": "SINUMERIK 828D: All versions prior to v4.8 SP5", "product_id": "CSAFPID-00091" } } ], "category": "product_name", "name": "SINUMERIK 828D" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0): All versions prior to v2.1", "product_id": "CSAFPID-00092" } } ], "category": "product_name", "name": "SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 9 Linux Image 2019-12-13", "product": { "name": "RUGGEDCOM APE 1404 Linux: All versions prior to Debian 9 Linux Image 2019-12-13", "product_id": "CSAFPID-00093" } } ], "category": "product_name", "name": "RUGGEDCOM APE 1404 Linux" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0): All versions prior to v2.1", "product_id": "CSAFPID-00094" } } ], "category": "product_name", "name": "SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.8 SP5", "product": { "name": "SINUMERIK 840D sl: All versions prior to v4.8 SP5", "product_id": "CSAFPID-00095" } } ], "category": "product_name", "name": "SINUMERIK 840D sl" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.1", "product": { "name": "SIMATIC MV550 H (6GF3550-0GE10): All versions prior to v2.1", "product_id": "CSAFPID-00096" } } ], "category": "product_name", "name": "SIMATIC MV550 H (6GF3550-0GE10)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.2", "product": { "name": "SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0): All versions prior to v2.2", "product_id": "CSAFPID-00097" } } ], "category": "product_name", "name": "SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0): All versions prior to v4.0", "product_id": "CSAFPID-00098" } } ], "category": "product_name", "name": "SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0): All versions prior to v4.0", "product_id": "CSAFPID-00099" } } ], "category": "product_name", "name": "SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2): All versions prior to v6.2", "product_id": "CSAFPID-000100" } } ], "category": "product_name", "name": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.2", "product": { "name": "SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0): All versions prior to v3.2", "product_id": "CSAFPID-000101" } } ], "category": "product_name", "name": "SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 1.3", "product": { "name": "SIMATIC RF185C: All versions prior to v1.3", "product_id": "CSAFPID-000102" } } ], "category": "product_name", "name": "SIMATIC RF185C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.2", "product": { "name": "SCALANCE M874-2 (6GK5874-2AA00-2AA2): All versions prior to v6.2", "product_id": "CSAFPID-000103" } } ], "category": "product_name", "name": "SCALANCE M874-2 (6GK5874-2AA00-2AA2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0): All versions prior to v4.0", "product_id": "CSAFPID-000104" } } ], "category": "product_name", "name": "SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 4.0", "product": { "name": "SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0): All versions prior to v4.0", "product_id": "CSAFPID-000105" } } ], "category": "product_name", "name": "SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 6.4", "product": { "name": "SCALANCE W-700 IEEE 802.11n family: All versions prior to v6.4", "product_id": "CSAFPID-000106" } } ], "category": "product_name", "name": "SCALANCE W-700 IEEE 802.11n family" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.0", "product": { "name": "SCALANCE W-1700 IEEE 802.11ac family: All versions prior to v2.0", "product_id": "CSAFPID-000107" } } ], "category": "product_name", "name": "SCALANCE W-1700 IEEE 802.11ac family" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-8460", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "The kernel can be forced to make very expensive calls for every incoming TCP Selective Acknowledgement (SACK) packet which can lead to a denial-of-service condition. CVE-2019-8460 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "The following products are discontinued as of October 1, 2019. Siemens recommends upgrading hardware to successor products from the SCALANCE SC-600 family and applying patches when available, or following the manual mitigations addressed below.SCALANCE S602: Update to v4.1 (Update is only available via Siemens Support contact)", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", "CSAFPID-00029", "CSAFPID-00030", "CSAFPID-00031", "CSAFPID-00032", "CSAFPID-00033", "CSAFPID-00034", "CSAFPID-00035", "CSAFPID-00036", "CSAFPID-00037", "CSAFPID-00038", "CSAFPID-00039", "CSAFPID-00040", "CSAFPID-00041", "CSAFPID-00042", "CSAFPID-00043", "CSAFPID-00044", "CSAFPID-00045", "CSAFPID-00046", "CSAFPID-00047", "CSAFPID-00048", "CSAFPID-00049", "CSAFPID-00050", "CSAFPID-00051", "CSAFPID-00052", "CSAFPID-00053", "CSAFPID-00054", "CSAFPID-00055", "CSAFPID-00056", "CSAFPID-00057", "CSAFPID-00058", "CSAFPID-00059", "CSAFPID-00060", "CSAFPID-00061", "CSAFPID-00062", "CSAFPID-00063", "CSAFPID-00064", "CSAFPID-00065", "CSAFPID-00066", "CSAFPID-00067", "CSAFPID-00068", "CSAFPID-00069", "CSAFPID-00070", "CSAFPID-00071", "CSAFPID-00072", "CSAFPID-00073", "CSAFPID-00074", "CSAFPID-00075", "CSAFPID-00076", "CSAFPID-00077", "CSAFPID-00078", "CSAFPID-00079", "CSAFPID-00080", "CSAFPID-00081", "CSAFPID-00082", "CSAFPID-00083", "CSAFPID-00084", "CSAFPID-00085", "CSAFPID-00086", "CSAFPID-00087", "CSAFPID-00088", "CSAFPID-00089", "CSAFPID-00090", "CSAFPID-00091", "CSAFPID-00092", "CSAFPID-00093", "CSAFPID-00094", "CSAFPID-00095", "CSAFPID-00096", "CSAFPID-00097", "CSAFPID-00098", "CSAFPID-00099", "CSAFPID-000100", "CSAFPID-000101", "CSAFPID-000102", "CSAFPID-000103", "CSAFPID-000104", "CSAFPID-000105", "CSAFPID-000106", "CSAFPID-000107" ], "url": "https://support.industry.siemens.com/cs/document/109756957" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", "CSAFPID-00029", "CSAFPID-00030", "CSAFPID-00031", "CSAFPID-00032", "CSAFPID-00033", "CSAFPID-00034", "CSAFPID-00035", "CSAFPID-00036", "CSAFPID-00037", "CSAFPID-00038", "CSAFPID-00039", "CSAFPID-00040", "CSAFPID-00041", "CSAFPID-00042", "CSAFPID-00043", "CSAFPID-00044", "CSAFPID-00045", "CSAFPID-00046", "CSAFPID-00047", "CSAFPID-00048", "CSAFPID-00049", "CSAFPID-00050", "CSAFPID-00051", "CSAFPID-00052", "CSAFPID-00053", "CSAFPID-00054", "CSAFPID-00055", "CSAFPID-00056", "CSAFPID-00057", "CSAFPID-00058", "CSAFPID-00059", "CSAFPID-00060", "CSAFPID-00061", "CSAFPID-00062", "CSAFPID-00063", "CSAFPID-00064", "CSAFPID-00065", "CSAFPID-00066", "CSAFPID-00067", "CSAFPID-00068", "CSAFPID-00069", "CSAFPID-00070", "CSAFPID-00071", "CSAFPID-00072", "CSAFPID-00073", "CSAFPID-00074", "CSAFPID-00075", "CSAFPID-00076", "CSAFPID-00077", "CSAFPID-00078", "CSAFPID-00079", "CSAFPID-00080", "CSAFPID-00081", "CSAFPID-00082", "CSAFPID-00083", "CSAFPID-00084", "CSAFPID-00085", "CSAFPID-00086", "CSAFPID-00087", "CSAFPID-00088", "CSAFPID-00089", "CSAFPID-00090", "CSAFPID-00091", "CSAFPID-00092", "CSAFPID-00093", "CSAFPID-00094", "CSAFPID-00095", "CSAFPID-00096", "CSAFPID-00097", "CSAFPID-00098", "CSAFPID-00099", "CSAFPID-000100", "CSAFPID-000101", "CSAFPID-000102", "CSAFPID-000103", "CSAFPID-000104", "CSAFPID-000105", "CSAFPID-000106", "CSAFPID-000107" ] } ], "title": "CVE-2019-8460" }, { "cve": "CVE-2019-11477", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "The kernel is affected by an integer overflow when handling TCP Selective Acknowledgements, which could allow a remote attacker to cause a denial-of-service condition. CVE-2019-11477 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "The following products are discontinued as of October 1, 2019. Siemens recommends upgrading hardware to successor products from the SCALANCE SC-600 family and applying patches when available, or following the manual mitigations addressed below.SCALANCE S602: Update to v4.1 (Update is only available via Siemens Support contact)", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", "CSAFPID-00029", "CSAFPID-00030", "CSAFPID-00031", "CSAFPID-00032", "CSAFPID-00033", "CSAFPID-00034", "CSAFPID-00035", "CSAFPID-00036", "CSAFPID-00037", "CSAFPID-00038", "CSAFPID-00039", "CSAFPID-00040", "CSAFPID-00041", "CSAFPID-00042", "CSAFPID-00043", "CSAFPID-00044", "CSAFPID-00045", "CSAFPID-00046", "CSAFPID-00047", "CSAFPID-00048", "CSAFPID-00049", "CSAFPID-00050", "CSAFPID-00051", "CSAFPID-00052", "CSAFPID-00053", "CSAFPID-00054", "CSAFPID-00055", "CSAFPID-00056", "CSAFPID-00057", "CSAFPID-00058", "CSAFPID-00059", "CSAFPID-00060", "CSAFPID-00061", "CSAFPID-00062", "CSAFPID-00063", "CSAFPID-00064", "CSAFPID-00065", "CSAFPID-00066", "CSAFPID-00067", "CSAFPID-00068", "CSAFPID-00069", "CSAFPID-00070", "CSAFPID-00071", "CSAFPID-00072", "CSAFPID-00073", "CSAFPID-00074", "CSAFPID-00075", "CSAFPID-00076", "CSAFPID-00077", "CSAFPID-00078", "CSAFPID-00079", "CSAFPID-00080", "CSAFPID-00081", "CSAFPID-00082", "CSAFPID-00083", "CSAFPID-00084", "CSAFPID-00085", "CSAFPID-00086", "CSAFPID-00087", "CSAFPID-00088", "CSAFPID-00089", "CSAFPID-00090", "CSAFPID-00091", "CSAFPID-00092", "CSAFPID-00093", "CSAFPID-00094", "CSAFPID-00095", "CSAFPID-00096", "CSAFPID-00097", "CSAFPID-00098", "CSAFPID-00099", "CSAFPID-000100", "CSAFPID-000101", "CSAFPID-000102", "CSAFPID-000103", "CSAFPID-000104", "CSAFPID-000105", "CSAFPID-000106", "CSAFPID-000107" ], "url": "https://support.industry.siemens.com/cs/document/109756957" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", "CSAFPID-00029", "CSAFPID-00030", "CSAFPID-00031", "CSAFPID-00032", "CSAFPID-00033", "CSAFPID-00034", "CSAFPID-00035", "CSAFPID-00036", "CSAFPID-00037", "CSAFPID-00038", "CSAFPID-00039", "CSAFPID-00040", "CSAFPID-00041", "CSAFPID-00042", "CSAFPID-00043", "CSAFPID-00044", "CSAFPID-00045", "CSAFPID-00046", "CSAFPID-00047", "CSAFPID-00048", "CSAFPID-00049", "CSAFPID-00050", "CSAFPID-00051", "CSAFPID-00052", "CSAFPID-00053", "CSAFPID-00054", "CSAFPID-00055", "CSAFPID-00056", "CSAFPID-00057", "CSAFPID-00058", "CSAFPID-00059", "CSAFPID-00060", "CSAFPID-00061", "CSAFPID-00062", "CSAFPID-00063", "CSAFPID-00064", "CSAFPID-00065", "CSAFPID-00066", "CSAFPID-00067", "CSAFPID-00068", "CSAFPID-00069", "CSAFPID-00070", "CSAFPID-00071", "CSAFPID-00072", "CSAFPID-00073", "CSAFPID-00074", "CSAFPID-00075", "CSAFPID-00076", "CSAFPID-00077", "CSAFPID-00078", "CSAFPID-00079", "CSAFPID-00080", "CSAFPID-00081", "CSAFPID-00082", "CSAFPID-00083", "CSAFPID-00084", "CSAFPID-00085", "CSAFPID-00086", "CSAFPID-00087", "CSAFPID-00088", "CSAFPID-00089", "CSAFPID-00090", "CSAFPID-00091", "CSAFPID-00092", "CSAFPID-00093", "CSAFPID-00094", "CSAFPID-00095", "CSAFPID-00096", "CSAFPID-00097", "CSAFPID-00098", "CSAFPID-00099", "CSAFPID-000100", "CSAFPID-000101", "CSAFPID-000102", "CSAFPID-000103", "CSAFPID-000104", "CSAFPID-000105", "CSAFPID-000106", "CSAFPID-000107" ] } ], "title": "CVE-2019-11477" }, { "cve": "CVE-2019-11478", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "A remote attacker sending specially crafted TCP Selective Acknowledgment (SACK) sequences may cause a denial-of-service condition. CVE-2019-11478 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "The following products are discontinued as of October 1, 2019. Siemens recommends upgrading hardware to successor products from the SCALANCE SC-600 family and applying patches when available, or following the manual mitigations addressed below.SCALANCE S602: Update to v4.1 (Update is only available via Siemens Support contact)", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", "CSAFPID-00029", "CSAFPID-00030", "CSAFPID-00031", "CSAFPID-00032", "CSAFPID-00033", "CSAFPID-00034", "CSAFPID-00035", "CSAFPID-00036", "CSAFPID-00037", "CSAFPID-00038", "CSAFPID-00039", "CSAFPID-00040", "CSAFPID-00041", "CSAFPID-00042", "CSAFPID-00043", "CSAFPID-00044", "CSAFPID-00045", "CSAFPID-00046", "CSAFPID-00047", "CSAFPID-00048", "CSAFPID-00049", "CSAFPID-00050", "CSAFPID-00051", "CSAFPID-00052", "CSAFPID-00053", "CSAFPID-00054", "CSAFPID-00055", "CSAFPID-00056", "CSAFPID-00057", "CSAFPID-00058", "CSAFPID-00059", "CSAFPID-00060", "CSAFPID-00061", "CSAFPID-00062", "CSAFPID-00063", "CSAFPID-00064", "CSAFPID-00065", "CSAFPID-00066", "CSAFPID-00067", "CSAFPID-00068", "CSAFPID-00069", "CSAFPID-00070", "CSAFPID-00071", "CSAFPID-00072", "CSAFPID-00073", "CSAFPID-00074", "CSAFPID-00075", "CSAFPID-00076", "CSAFPID-00077", "CSAFPID-00078", "CSAFPID-00079", "CSAFPID-00080", "CSAFPID-00081", "CSAFPID-00082", "CSAFPID-00083", "CSAFPID-00084", "CSAFPID-00085", "CSAFPID-00086", "CSAFPID-00087", "CSAFPID-00088", "CSAFPID-00089", "CSAFPID-00090", "CSAFPID-00091", "CSAFPID-00092", "CSAFPID-00093", "CSAFPID-00094", "CSAFPID-00095", "CSAFPID-00096", "CSAFPID-00097", "CSAFPID-00098", "CSAFPID-00099", "CSAFPID-000100", "CSAFPID-000101", "CSAFPID-000102", "CSAFPID-000103", "CSAFPID-000104", "CSAFPID-000105", "CSAFPID-000106", "CSAFPID-000107" ], "url": "https://support.industry.siemens.com/cs/document/109756957" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", "CSAFPID-00029", "CSAFPID-00030", "CSAFPID-00031", "CSAFPID-00032", "CSAFPID-00033", "CSAFPID-00034", "CSAFPID-00035", "CSAFPID-00036", "CSAFPID-00037", "CSAFPID-00038", "CSAFPID-00039", "CSAFPID-00040", "CSAFPID-00041", "CSAFPID-00042", "CSAFPID-00043", "CSAFPID-00044", "CSAFPID-00045", "CSAFPID-00046", "CSAFPID-00047", "CSAFPID-00048", "CSAFPID-00049", "CSAFPID-00050", "CSAFPID-00051", "CSAFPID-00052", "CSAFPID-00053", "CSAFPID-00054", "CSAFPID-00055", "CSAFPID-00056", "CSAFPID-00057", "CSAFPID-00058", "CSAFPID-00059", "CSAFPID-00060", "CSAFPID-00061", "CSAFPID-00062", "CSAFPID-00063", "CSAFPID-00064", "CSAFPID-00065", "CSAFPID-00066", "CSAFPID-00067", "CSAFPID-00068", "CSAFPID-00069", "CSAFPID-00070", "CSAFPID-00071", "CSAFPID-00072", "CSAFPID-00073", "CSAFPID-00074", "CSAFPID-00075", "CSAFPID-00076", "CSAFPID-00077", "CSAFPID-00078", "CSAFPID-00079", "CSAFPID-00080", "CSAFPID-00081", "CSAFPID-00082", "CSAFPID-00083", "CSAFPID-00084", "CSAFPID-00085", "CSAFPID-00086", "CSAFPID-00087", "CSAFPID-00088", "CSAFPID-00089", "CSAFPID-00090", "CSAFPID-00091", "CSAFPID-00092", "CSAFPID-00093", "CSAFPID-00094", "CSAFPID-00095", "CSAFPID-00096", "CSAFPID-00097", "CSAFPID-00098", "CSAFPID-00099", "CSAFPID-000100", "CSAFPID-000101", "CSAFPID-000102", "CSAFPID-000103", "CSAFPID-000104", "CSAFPID-000105", "CSAFPID-000106", "CSAFPID-000107" ] } ], "title": "CVE-2019-11478" }, { "cve": "CVE-2019-11479", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "An attacker may exploit a vulnerability in the TCP retransmission queue implementation kernel when handling TCP Selective Acknowledgements (SACK) to cause a denial-of-service condition. CVE-2019-11479 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "The following products are discontinued as of October 1, 2019. Siemens recommends upgrading hardware to successor products from the SCALANCE SC-600 family and applying patches when available, or following the manual mitigations addressed below.SCALANCE S602: Update to v4.1 (Update is only available via Siemens Support contact)", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", "CSAFPID-00029", "CSAFPID-00030", "CSAFPID-00031", "CSAFPID-00032", "CSAFPID-00033", "CSAFPID-00034", "CSAFPID-00035", "CSAFPID-00036", "CSAFPID-00037", "CSAFPID-00038", "CSAFPID-00039", "CSAFPID-00040", "CSAFPID-00041", "CSAFPID-00042", "CSAFPID-00043", "CSAFPID-00044", "CSAFPID-00045", "CSAFPID-00046", "CSAFPID-00047", "CSAFPID-00048", "CSAFPID-00049", "CSAFPID-00050", "CSAFPID-00051", "CSAFPID-00052", "CSAFPID-00053", "CSAFPID-00054", "CSAFPID-00055", "CSAFPID-00056", "CSAFPID-00057", "CSAFPID-00058", "CSAFPID-00059", "CSAFPID-00060", "CSAFPID-00061", "CSAFPID-00062", "CSAFPID-00063", "CSAFPID-00064", "CSAFPID-00065", "CSAFPID-00066", "CSAFPID-00067", "CSAFPID-00068", "CSAFPID-00069", "CSAFPID-00070", "CSAFPID-00071", "CSAFPID-00072", "CSAFPID-00073", "CSAFPID-00074", "CSAFPID-00075", "CSAFPID-00076", "CSAFPID-00077", "CSAFPID-00078", "CSAFPID-00079", "CSAFPID-00080", "CSAFPID-00081", "CSAFPID-00082", "CSAFPID-00083", "CSAFPID-00084", "CSAFPID-00085", "CSAFPID-00086", "CSAFPID-00087", "CSAFPID-00088", "CSAFPID-00089", "CSAFPID-00090", "CSAFPID-00091", "CSAFPID-00092", "CSAFPID-00093", "CSAFPID-00094", "CSAFPID-00095", "CSAFPID-00096", "CSAFPID-00097", "CSAFPID-00098", "CSAFPID-00099", "CSAFPID-000100", "CSAFPID-000101", "CSAFPID-000102", "CSAFPID-000103", "CSAFPID-000104", "CSAFPID-000105", "CSAFPID-000106", "CSAFPID-000107" ], "url": "https://support.industry.siemens.com/cs/document/109756957" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", "CSAFPID-00029", "CSAFPID-00030", "CSAFPID-00031", "CSAFPID-00032", "CSAFPID-00033", "CSAFPID-00034", "CSAFPID-00035", "CSAFPID-00036", "CSAFPID-00037", "CSAFPID-00038", "CSAFPID-00039", "CSAFPID-00040", "CSAFPID-00041", "CSAFPID-00042", "CSAFPID-00043", "CSAFPID-00044", "CSAFPID-00045", "CSAFPID-00046", "CSAFPID-00047", "CSAFPID-00048", "CSAFPID-00049", "CSAFPID-00050", "CSAFPID-00051", "CSAFPID-00052", "CSAFPID-00053", "CSAFPID-00054", "CSAFPID-00055", "CSAFPID-00056", "CSAFPID-00057", "CSAFPID-00058", "CSAFPID-00059", "CSAFPID-00060", "CSAFPID-00061", "CSAFPID-00062", "CSAFPID-00063", "CSAFPID-00064", "CSAFPID-00065", "CSAFPID-00066", "CSAFPID-00067", "CSAFPID-00068", "CSAFPID-00069", "CSAFPID-00070", "CSAFPID-00071", "CSAFPID-00072", "CSAFPID-00073", "CSAFPID-00074", "CSAFPID-00075", "CSAFPID-00076", "CSAFPID-00077", "CSAFPID-00078", "CSAFPID-00079", "CSAFPID-00080", "CSAFPID-00081", "CSAFPID-00082", "CSAFPID-00083", "CSAFPID-00084", "CSAFPID-00085", "CSAFPID-00086", "CSAFPID-00087", "CSAFPID-00088", "CSAFPID-00089", "CSAFPID-00090", "CSAFPID-00091", "CSAFPID-00092", "CSAFPID-00093", "CSAFPID-00094", "CSAFPID-00095", "CSAFPID-00096", "CSAFPID-00097", "CSAFPID-00098", "CSAFPID-00099", "CSAFPID-000100", "CSAFPID-000101", "CSAFPID-000102", "CSAFPID-000103", "CSAFPID-000104", "CSAFPID-000105", "CSAFPID-000106", "CSAFPID-000107" ] } ], "title": "CVE-2019-11479" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.