var-202004-0712
Vulnerability from variot
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200pro IM154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET 200pro IM154-8FX PN/DP CPU (6ES7154-8FX00-0AB0), SIMATIC ET 200S IM151-8 PN/DP CPU (6ES7151-8AB01-0AB0), SIMATIC ET 200S IM151-8F PN/DP CPU (6ES7151-8FB01-0AB0), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC ET200AL IM157-1 PN, SIMATIC ET200ecoPN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0), SIMATIC ET200ecoPN, CM 4x IO-Link, M12-L (6ES7148-6JE00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JG00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JJ00-0BB0), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (6ES7141-6BH00-0BB0), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (6ES7141-6BG00-0BB0), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (6ES7143-6BH00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (6ES7142-6BG00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (6ES7142-6BR00-0BB0), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 MF HF, SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants), SIMATIC MICRO-DRIVE PDC, SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0), SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0), SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0), SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0), SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0), SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0), SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0), SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0), SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0), SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0), SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0), SIMATIC S7-400 H V6 CPU family and below (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010 (6ES7671-0RC08-0YA0), SIMATIC WinAC RTX F 2010 (6ES7671-1RC08-0YA0), SINAMICS S/G Control Unit w. PROFINET, SIPLUS ET 200S IM151-8 PN/DP CPU (6AG1151-8AB01-7AB0), SIPLUS ET 200S IM151-8F PN/DP CPU (6AG1151-8FB01-2AB0), SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0), SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0), SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0), SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0), SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0), SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0). The Interniche-based TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service. Several Siemens products contain resource exhaustion vulnerabilities.Service operation interruption (DoS) It may be put into a state. are all products of the German Siemens (Siemens) company. SIMATIC S7-1500 CPU is a CPU (Central Processing Unit) module. SIMATIC S7-1500 is a programmable logic controller. SIMATIC TDC CP51M1 is an industrial Ethernet communication module of the SIMATIC TDC automation system.
Many Siemens products have resource management error vulnerabilities, which can be exploited by attackers to cause denial of service. PROFINET (All versions)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0712", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": null, "scope": "eq", "trust": 1.6, "vendor": "simatic et200sp im155 6 pn 2 hf", "version": "*" }, { "model": "simatic et 200sp open controller cpu 1515sp pc", "scope": "lt", "trust": 1.6, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500", "scope": "lt", "trust": 1.6, "vendor": "siemens", "version": "2.0" }, { "model": "simatic et 200sp open controller cpu 1515sp pc2", "scope": "lt", "trust": 1.6, "vendor": "siemens", "version": "2.0" }, { "model": "ktk ate530s", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sidoor atd430w", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sidoor ate530s coated", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sidoor ate531s", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu 1517-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500 cpu 1511f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic micro-drive pdc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1518-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic pn\\/pn coupler", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "simatic s7-1500 cpu 1513f-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500 cpu 1517f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500 cpu 1511-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic et200sp im155-6 pn\\/2 hf", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "simatic et200sp im155-6 pn ha", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1513-1 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "sidoor ate530s coated", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sidoor ate531s", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sidoor atd430w", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1516-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "ktk ate530s", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 cpu 1515-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500 cpu 1516f-3 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic tdc cpu555", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics s\\/g control unit", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et200mp im155-5 pn hf", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "simatic s7-1500 cpu 1515f-2 pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500 cpu 1518f-4 pn\\/dp", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic tdc cp51m1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic winac rtx \\ 2010", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et200sp im155-6 mf hf", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-300 cpu", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-400 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic et200sp im155-6 pn hf", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "simatic s7-410 cpu", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "ktk ate530s", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic et200sp im155 6 pn hf", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic micro drive pdc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic pn pn coupler", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1511 1 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1513 1 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1515 2 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1516 3 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1517 3 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "sidoor atd430w", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1518 4 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1511f 1 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1513f 1 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1515f 2 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1516f 3 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1517f 3 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500 cpu 1518f 4 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 1500", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 300 cpu", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 400 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "sidoor ate530s coated", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic s7 410 cpu", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic tdc cp51m1", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic tdc cpu555", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic winac rtx f 2010", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "sinamics s g control unit", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "sidoor ate531s", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic et 200sp open controller cpu 1515sp pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic et 200sp open controller cpu 1515sp pc2", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic et200mp im155 5 pn hf", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic et200sp im155 6 mf hf", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic et200sp im155 6 pn ha", "version": "*" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "2.0" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc2", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "2.0" }, { "model": "simatic et 200mp im 155-5 pn hf", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "4.2" }, { "model": "simatic et200sp im155-6 mf hf", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "4.2" }, { "model": "simatic et200sp im155-6 pn ha", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "4.2" }, { "model": "simatic et200sp im155-6 pn hf", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "4.2" }, { "model": "simatic s7-300", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et200sp im155-6 mf hf", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et200mp im155-5 pn hf", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "4.2" }, { "model": "simatic et200sp im155-6 pn hf", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "4.2" }, { "model": "simatic pn/pn coupler", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "4.2" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-410", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic tdc cp51m1", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et200sp im155-6 pn ha", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et200sp im155-6 pn/2 hf", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "4.2" }, { "model": "simatic et200sp im155-6 pn/3 hf.simatic micro-drive pdc", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "4.2" }, { "model": "simatic micro-drive pdc", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 pn/dp", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic tdc cpu555", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx 2010", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinamics s/g control unit w. profinet", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null } ], "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "NVD", "id": "CVE-2019-19300" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:ktk_ate530s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:ktk_ate530s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:sidoor_atd430w_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:sidoor_atd430w:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:sidoor_ate530s_coated_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:sidoor_ate530s_coated:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:sidoor_ate531s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:sidoor_ate531s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_et200mp_im155-5_pn_hf_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_et200mp_im155-5_pn_hf:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_et200sp_im155-6_mf_hf_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_et200sp_im155-6_mf_hf:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_et200sp_im155-6_pn_ha_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_et200sp_im155-6_pn_ha:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_et200sp_im155-6_pn_hf_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_et200sp_im155-6_pn_hf:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_et200sp_im155-6_pn\\/2_hf_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_et200sp_im155-6_pn\\/2_hf:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_et200sp_im155-6_pn\\/2_hf_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_et200sp_im155-6_pn\\/2_hf:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_micro-drive_pdc_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_micro-drive_pdc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_pn\\/pn_coupler_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_pn\\/pn_coupler:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511-1_pn_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511-1_pn:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1513-1_pn_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513-1_pn:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1515-2_pn_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515-2_pn:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1516-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_pn\\/dp:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1517-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3_pn\\/dp:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511f-1_pn_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511f-1_pn:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1513f-1_pn_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513f-1_pn:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1515f-2_pn_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515f-2_pn:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1516f-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516f-3_pn\\/dp:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1517f-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517f-3_pn\\/dp:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn\\/dp_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4_pn\\/dp:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:simatic_s7-1500:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0", "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-300_cpu_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-300_cpu:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-400_pn\\/dp_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-400_pn\\/dp:v7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-410_cpu_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-410_cpu:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_tdc_cp51m1_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_tdc_cp51m1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_tdc_cpu555_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_tdc_cpu555:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_winac_rtx_\\(f\\)_2010_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_winac_rtx_\\(f\\)_2010:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:sinamics_s\\/g_control_unit_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:sinamics_s\\/g_control_unit:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-19300" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens reported this vulnerability to CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-801" } ], "trust": 0.6 }, "cve": "CVE-2019-19300", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2019-015236", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2020-23035", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "53646c4d-c67e-442c-b6e5-e05576895f55", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "b989cd8a-d784-43d6-b848-6040a850cda1", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "40b4fa3b-5945-486b-8125-8431896d5661", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2019-19300", "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2019-015236", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-19300", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2019-19300", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2019-015236", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2020-23035", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202004-801", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454", "trust": 0.2, "value": "HIGH" }, { "author": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55", "trust": 0.2, "value": "HIGH" }, { "author": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1", "trust": 0.2, "value": "HIGH" }, { "author": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661", "trust": 0.2, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2019-19300", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "VULMON", "id": "CVE-2019-19300" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "CNNVD", "id": "CNNVD-202004-801" }, { "db": "NVD", "id": "CVE-2019-19300" }, { "db": "NVD", "id": "CVE-2019-19300" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200pro IM154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET 200pro IM154-8FX PN/DP CPU (6ES7154-8FX00-0AB0), SIMATIC ET 200S IM151-8 PN/DP CPU (6ES7151-8AB01-0AB0), SIMATIC ET 200S IM151-8F PN/DP CPU (6ES7151-8FB01-0AB0), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC ET200AL IM157-1 PN, SIMATIC ET200ecoPN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0), SIMATIC ET200ecoPN, CM 4x IO-Link, M12-L (6ES7148-6JE00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JG00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JJ00-0BB0), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (6ES7141-6BH00-0BB0), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (6ES7141-6BG00-0BB0), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (6ES7143-6BH00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (6ES7142-6BG00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (6ES7142-6BR00-0BB0), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 MF HF, SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants), SIMATIC MICRO-DRIVE PDC, SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0), SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0), SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0), SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0), SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0), SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0), SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0), SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0), SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0), SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0), SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0), SIMATIC S7-400 H V6 CPU family and below (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010 (6ES7671-0RC08-0YA0), SIMATIC WinAC RTX F 2010 (6ES7671-1RC08-0YA0), SINAMICS S/G Control Unit w. PROFINET, SIPLUS ET 200S IM151-8 PN/DP CPU (6AG1151-8AB01-7AB0), SIPLUS ET 200S IM151-8F PN/DP CPU (6AG1151-8FB01-2AB0), SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0), SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0), SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0), SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0), SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0), SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0). The Interniche-based TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service. Several Siemens products contain resource exhaustion vulnerabilities.Service operation interruption (DoS) It may be put into a state. are all products of the German Siemens (Siemens) company. SIMATIC S7-1500 CPU is a CPU (Central Processing Unit) module. SIMATIC S7-1500 is a programmable logic controller. SIMATIC TDC CP51M1 is an industrial Ethernet communication module of the SIMATIC TDC automation system. \n\r\n\r\nMany Siemens products have resource management error vulnerabilities, which can be exploited by attackers to cause denial of service. PROFINET (All versions)", "sources": [ { "db": "NVD", "id": "CVE-2019-19300" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "VULMON", "id": "CVE-2019-19300" } ], "trust": 2.97 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-19300", "trust": 3.9 }, { "db": "ICS CERT", "id": "ICSA-20-105-08", "trust": 2.1 }, { "db": "SIEMENS", "id": "SSA-593272", "trust": 1.7 }, { "db": "CNVD", "id": "CNVD-2020-23035", "trust": 1.4 }, { "db": "CNNVD", "id": "CNNVD-202004-801", "trust": 1.4 }, { "db": "JVN", "id": "JVNVU95499848", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-015236", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2020.1345", "trust": 0.6 }, { "db": "IVD", "id": "27A9C9BB-8ADF-48D6-B6BD-C1000A913454", "trust": 0.2 }, { "db": "IVD", "id": "53646C4D-C67E-442C-B6E5-E05576895F55", "trust": 0.2 }, { "db": "IVD", "id": "B989CD8A-D784-43D6-B848-6040A850CDA1", "trust": 0.2 }, { "db": "IVD", "id": "40B4FA3B-5945-486B-8125-8431896D5661", "trust": 0.2 }, { "db": "VULMON", "id": "CVE-2019-19300", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "VULMON", "id": "CVE-2019-19300" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "CNNVD", "id": "CNNVD-202004-801" }, { "db": "NVD", "id": "CVE-2019-19300" } ] }, "id": "VAR-202004-0712", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNVD", "id": "CNVD-2020-23035" } ], "trust": 2.112842044347826 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 }, { "category": [ "ICS", "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNVD", "id": "CNVD-2020-23035" } ] }, "last_update_date": "2024-05-14T22:36:22.729000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-593272", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf" }, { "title": "Patch for Multiple Siemens product resource management error vulnerabilities (CNVD-2020-23035)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/214037" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=b6bdf7c5a64c5efcddeb45b5831983cf" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "VULMON", "id": "CVE-2019-19300" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-400", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "NVD", "id": "CVE-2019-19300" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-08" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-19300" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-593272.html" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-19300" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu95499848/index.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.1345/" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-08" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-denial-of-service-via-interniche-segmentsmack-32022" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/400.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-105-08" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "VULMON", "id": "CVE-2019-19300" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "CNNVD", "id": "CNNVD-202004-801" }, { "db": "NVD", "id": "CVE-2019-19300" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNVD", "id": "CNVD-2020-23035" }, { "db": "VULMON", "id": "CVE-2019-19300" }, { "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "db": "CNNVD", "id": "CNNVD-202004-801" }, { "db": "NVD", "id": "CVE-2019-19300" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-04-14T00:00:00", "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "date": "2020-04-14T00:00:00", "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "date": "2020-04-14T00:00:00", "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "date": "2020-04-14T00:00:00", "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "date": "2020-04-16T00:00:00", "db": "CNVD", "id": "CNVD-2020-23035" }, { "date": "2020-04-14T00:00:00", "db": "VULMON", "id": "CVE-2019-19300" }, { "date": "2020-04-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "date": "2020-04-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-801" }, { "date": "2020-04-14T20:15:14.903000", "db": "NVD", "id": "CVE-2019-19300" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-04-16T00:00:00", "db": "CNVD", "id": "CNVD-2020-23035" }, { "date": "2022-06-14T00:00:00", "db": "VULMON", "id": "CVE-2019-19300" }, { "date": "2020-04-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-015236" }, { "date": "2023-02-15T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-801" }, { "date": "2024-05-14T16:15:16.220000", "db": "NVD", "id": "CVE-2019-19300" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-801" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Variety Siemens Product resource management error vulnerability ( CNVD-2020-23035 )", "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Resource management error", "sources": [ { "db": "IVD", "id": "27a9c9bb-8adf-48d6-b6bd-c1000a913454" }, { "db": "IVD", "id": "53646c4d-c67e-442c-b6e5-e05576895f55" }, { "db": "IVD", "id": "b989cd8a-d784-43d6-b848-6040a850cda1" }, { "db": "IVD", "id": "40b4fa3b-5945-486b-8125-8431896d5661" }, { "db": "CNNVD", "id": "CNNVD-202004-801" } ], "trust": 1.4 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.