Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-10923

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.

Published

2019-10-10T14:15:14.503

Last Modified

2024-11-21T04:20:09.600

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-400
Type: Secondary
CWE-400

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	siemens	cp1604_firmware	< 2.8	Yes
Hardware	siemens	cp1604	-	No
Operating System	siemens	cp1616_firmware	< 2.8	Yes
Hardware	siemens	cp1616	-	No
Operating System	siemens	dk_standard_ethernet_controller_firmware	< 4.1.1	Yes
Operating System	siemens	dk_standard_ethernet_controller_firmware	4.1.1	Yes
Operating System	siemens	dk_standard_ethernet_controller_firmware	4.1.1	Yes
Hardware	siemens	dk_standard_ethernet_controller	-	No
Operating System	siemens	ek-ertec_200_firmware	< 4.5.0	Yes
Operating System	siemens	ek-ertec_200_firmware	4.5.0	Yes
Hardware	siemens	ek-ertec_200	-	No
Operating System	siemens	ek-ertec_200p_firmware	< 4.5.0	Yes
Hardware	siemens	ek-ertec_200p	-	No
Operating System	siemens	scalance_x-200irt_firmware	< 5.2.1	Yes
Hardware	siemens	scalance_x-200irt	-	No
Operating System	siemens	simatic_et_200m_firmware	*	Yes
Hardware	siemens	simatic_et_200m	-	No
Operating System	siemens	simatic_et_200s_firmware	*	Yes
Hardware	siemens	simatic_et_200s	-	No
Operating System	siemens	simatic_et_200ecopn_firmware	*	Yes
Hardware	siemens	simatic_et_200ecopn	-	No
Operating System	siemens	simatic_pn\/pn_coupler_6es7158-3ad01-0xa0_firmware	*	Yes
Hardware	siemens	simatic_pn\/pn_coupler_6es7158-3ad01-0xa0	-	No
Operating System	siemens	simatic_s7-300_cpu_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu	-	No
Operating System	siemens	simatic_s7-300_cpu_312_ifm_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_312_ifm	-	No
Operating System	siemens	simatic_s7-300_cpu_313_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_313	-	No
Operating System	siemens	simatic_s7-300_cpu_314_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_314	-	No
Operating System	siemens	simatic_s7-300_cpu_314_ifm_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_314_ifm	-	No
Operating System	siemens	simatic_s7-300_cpu_315_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_315	-	No
Operating System	siemens	simatic_s7-300_cpu_315-2_dp_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_315-2_dp	-	No
Operating System	siemens	simatic_s7-300_cpu_316-2_dp_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_316-2_dp	-	No
Operating System	siemens	simatic_s7-300_cpu_318-2_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_318-2	-	No
Operating System	siemens	simatic_s7-400_v6_firmware	*	Yes
Hardware	siemens	simatic_s7-400_v6	-	No
Operating System	siemens	simatic_s7-400_pn_v7_firmware	*	Yes
Hardware	siemens	simatic_s7-400_pn_v7	-	No
Operating System	siemens	simatic_s7-400_dp_v7_firmware	*	Yes
Hardware	siemens	simatic_s7-400_dp_v7	-	No
Operating System	siemens	simatic_winac_rtx_\(f\)_firmware	< 2010	Yes
Operating System	siemens	simatic_winac_rtx_\(f\)_firmware	2010	Yes
Operating System	siemens	simatic_winac_rtx_\(f\)_firmware	2010	Yes
Operating System	siemens	simatic_winac_rtx_\(f\)_firmware	2010	Yes
Hardware	siemens	simatic_winac_rtx_\(f\)	-	No
Operating System	siemens	simotion_firmware	*	Yes
Hardware	siemens	simotion	-	No
Operating System	siemens	sinamics_dcm_firmware	< 1.5	Yes
Operating System	siemens	sinamics_dcm_firmware	1.5	Yes
Hardware	siemens	sinamics_dcm	-	No
Operating System	siemens	sinamics_dcp_firmware	< 1.3	Yes
Hardware	siemens	sinamics_dcp	-	No
Operating System	siemens	sinamics_g110m_firmware	< 4.7	Yes
Operating System	siemens	sinamics_g110m_firmware	4.7	Yes
Hardware	siemens	sinamics_g110m	-	No
Operating System	siemens	sinamics_g120_firmware	< 4.7	Yes
Operating System	siemens	sinamics_g120_firmware	4.7	Yes
Hardware	siemens	sinamics_g120	-	No
Operating System	siemens	sinamics_g130_firmware	< 4.7	Yes
Operating System	siemens	sinamics_g130_firmware	4.7	Yes
Hardware	siemens	sinamics_g130	-	No
Operating System	siemens	sinamics_g150_firmware	< 4.8	Yes
Hardware	siemens	sinamics_g150	-	No
Operating System	siemens	sinamics_gh150_firmware	< 4.8	Yes
Operating System	siemens	sinamics_gh150_firmware	4.8	Yes
Hardware	siemens	sinamics_gh150	-	No
Operating System	siemens	sinamics_gl150_firmware	< 4.8	Yes
Operating System	siemens	sinamics_gl150_firmware	4.8	Yes
Hardware	siemens	sinamics_gl150	-	No
Operating System	siemens	sinamics_gm150_firmware	< 4.8	Yes
Operating System	siemens	sinamics_gm150_firmware	4.8	Yes
Hardware	siemens	sinamics_gm150	-	No
Operating System	siemens	sinamics_s110_firmware	*	Yes
Hardware	siemens	sinamics_s110	-	No
Operating System	siemens	sinamics_s120_firmware	< 4.7	Yes
Operating System	siemens	sinamics_s120_firmware	4.7	Yes
Hardware	siemens	sinamics_s120	-	No
Operating System	siemens	sinamics_s150_firmware	< 4.8	Yes
Hardware	siemens	sinamics_s150	-	No
Operating System	siemens	sinamics_sl150_firmware	< 4.7	Yes
Operating System	siemens	sinamics_sl150_firmware	4.7	Yes
Hardware	siemens	sinamics_sl150	-	No
Operating System	siemens	sinamics_sm120_firmware	*	Yes
Hardware	siemens	sinamics_sm120	-	No
Application	siemens	sinumerik_828d	< 4.8	Yes
Application	siemens	sinumerik_828d	4.8	Yes
Application	siemens	sinumerik_828d	4.8	Yes
Application	siemens	sinumerik_828d	4.8	Yes
Application	siemens	sinumerik_828d	4.8	Yes
Application	siemens	sinumerik_828d	4.8	Yes
Application	siemens	sinumerik_840d_sl	*	Yes

References

https://cert-portal.siemens.com/productcert/html/ssa-349422.html ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf Vendor Advisory ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)