Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-10936

Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.

Published

2019-10-10T14:15:14.707

Last Modified

2024-11-21T04:20:11.257

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-400
Type: Secondary
CWE-400

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	siemens	dk_standard_ethernet_controller_firmware	*	Yes
Hardware	siemens	dk_standard_ethernet_controller	-	No
Operating System	siemens	ek-ertec_200_firmware	*	Yes
Hardware	siemens	ek-ertec_200	-	No
Operating System	siemens	ek-ertec_200p_firmware	< 4.6	Yes
Operating System	siemens	ek-ertec_200p_firmware	4.6	Yes
Hardware	siemens	ek-ertec_200p	-	No
Operating System	siemens	simatic_cfu_pa_firmware	< 1.2.0	Yes
Hardware	siemens	simatic_cfu_pa	-	No
Operating System	siemens	simatic_et_200al_firmware	*	Yes
Hardware	siemens	simatic_et_200al	-	No
Operating System	siemens	simatic_et_200m_firmware	*	Yes
Hardware	siemens	simatic_et_200m	-	No
Operating System	siemens	simatic_et_200mp_im_155-5_pn_ba_firmware	< 4.3.0	Yes
Hardware	siemens	simatic_et_200mp_im_155-5_pn_ba	-	No
Operating System	siemens	simatic_et_200mp_im_155-5_pn_hf_firmware	< 4.4.0	Yes
Hardware	siemens	simatic_et_200mp_im_155-5_pn_hf	-	No
Operating System	siemens	simatic_et_200mp_im_155-5_pn_st_firmware	*	Yes
Hardware	siemens	simatic_et_200mp_im_155-5_pn_st	-	No
Operating System	siemens	simatic_et_200s_firmware	*	Yes
Hardware	siemens	simatic_et_200s	-	No
Operating System	siemens	simatic_et_200sp_im_155-6_pn_ba_firmware	*	Yes
Hardware	siemens	simatic_et_200sp_im_155-6_pn_ba	-	No
Operating System	siemens	simatic_et_200sp_im_155-6_pn_ha_firmware	*	Yes
Hardware	siemens	simatic_et_200sp_im_155-6_pn_ha	-	No
Operating System	siemens	simatic_et_200sp_im_155-6_pn_hf_firmware	< 4.2.2	Yes
Hardware	siemens	simatic_et_200sp_im_155-6_pn_hf	-	No
Operating System	siemens	simatic_et_200sp_im_155-6_pn_hs_firmware	*	Yes
Hardware	siemens	simatic_et_200sp_im_155-6_pn_hs	-	No
Operating System	siemens	simatic_et_200sp_im_155-6_pn_st_firmware	*	Yes
Hardware	siemens	simatic_et_200sp_im_155-6_pn_st	-	No
Operating System	siemens	simatic_et_200sp_im_155-6_pn\/2_hf_firmware	< 4.2.2	Yes
Hardware	siemens	simatic_et_200sp_im_155-6_pn\/2_hf	-	No
Operating System	siemens	simatic_et_200sp_im_155-6_pn\/3_hf_firmware	< 4.2.1	Yes
Hardware	siemens	simatic_et_200sp_im_155-6_pn\/3_hf	-	No
Operating System	siemens	simatic_et_200ecopn_firmware	*	Yes
Hardware	siemens	simatic_et_200ecopn	-	No
Operating System	siemens	simatic_et_200pro_firmware	*	Yes
Hardware	siemens	simatic_et_200pro	-	No
Operating System	siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*	Yes
Hardware	siemens	simatic_hmi_comfort_outdoor_panels_7\"	-	No
Operating System	siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*	Yes
Hardware	siemens	simatic_hmi_comfort_outdoor_panels_15\"	-	No
Operating System	siemens	simatic_hmi_comfort_panels_4\"_firmware	*	Yes
Hardware	siemens	simatic_hmi_comfort_panels_4\"	-	No
Operating System	siemens	simatic_hmi_comfort_panels_22\"_firmware	*	Yes
Hardware	siemens	simatic_hmi_comfort_panels_22\"	-	No
Operating System	siemens	simatic_hmi_ktp_mobile_panels_firmware	*	Yes
Hardware	siemens	simatic_hmi_ktp_mobile_panels	-	No
Operating System	siemens	simatic_pn\/pn_coupler_firmware	< 4.2.1	Yes
Hardware	siemens	simatic_pn\/pn_coupler	-	No
Operating System	siemens	simatic_profinet_driver_firmware	< 2.1	Yes
Hardware	siemens	simatic_profinet_driver	-	No
Operating System	siemens	simatic_s7-1200_cpu_firmware	< 4.4.0	Yes
Hardware	siemens	simatic_s7-1200_cpu	-	No
Operating System	siemens	simatic_s7-1200_cpu_1211c_firmware	< 4.4.0	Yes
Hardware	siemens	simatic_s7-1200_cpu_1211c	-	No
Operating System	siemens	simatic_s7-1200_cpu_1212c_firmware	< 4.4.0	Yes
Hardware	siemens	simatic_s7-1200_cpu_1212c	-	No
Operating System	siemens	simatic_s7-1200_cpu_1214c_firmware	< 4.4.0	Yes
Hardware	siemens	simatic_s7-1200_cpu_1214c	-	No
Operating System	siemens	simatic_s7-1500_cpu_firmware	< 2.0	Yes
Hardware	siemens	simatic_s7-1500_cpu	-	No
Operating System	siemens	simatic_s7-1500s_cpu_firmware	< 2.0	Yes
Hardware	siemens	simatic_s7-1500s_cpu	-	No
Operating System	siemens	simatic_s7-1500t_cpu_firmware	< 2.0	Yes
Hardware	siemens	simatic_s7-1500t_cpu	-	No
Operating System	siemens	simatic_s7-1500_cpu_1518_firmware	< 2.0	Yes
Hardware	siemens	simatic_s7-1500_cpu_1518	-	No
Operating System	siemens	simatic_s7-1500_cpu_1511c_firmware	< 2.0	Yes
Hardware	siemens	simatic_s7-1500_cpu_1511c	-	No
Operating System	siemens	simatic_s7-1500_cpu_1512c_firmware	< 2.0	Yes
Hardware	siemens	simatic_s7-1500_cpu_1512c	-	No
Operating System	siemens	simatic_s7-300_cpu_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu	-	No
Operating System	siemens	simatic_s7-300_cpu_312_ifm_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_312_ifm	-	No
Operating System	siemens	simatic_s7-300_cpu_313_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_313	-	No
Operating System	siemens	simatic_s7-300_cpu_314_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_314	-	No
Operating System	siemens	simatic_s7-300_cpu_314_ifm_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_314_ifm	-	No
Operating System	siemens	simatic_s7-300_cpu_315_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_315	-	No
Operating System	siemens	simatic_s7-300_cpu_315-2_dp_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_315-2_dp	-	No
Operating System	siemens	simatic_s7-300_cpu_316-2_dp_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_316-2_dp	-	No
Operating System	siemens	simatic_s7-300_cpu_318-2_firmware	< 3.3.17	Yes
Hardware	siemens	simatic_s7-300_cpu_318-2	-	No
Operating System	siemens	simatic_s7-400_pn_v7_firmware	*	Yes
Hardware	siemens	simatic_s7-400_pn_v7	-	No
Operating System	siemens	simatic_s7-400_dp_v7_firmware	*	Yes
Hardware	siemens	simatic_s7-400_dp_v7	-	No
Operating System	siemens	simatic_s7-400_v6_firmware	< 6.0.9	Yes
Hardware	siemens	simatic_s7-400_v6	-	No
Operating System	siemens	simatic_s7-400h_v6_firmware	< 6.0.9	Yes
Hardware	siemens	simatic_s7-400h_v6	-	No
Operating System	siemens	simatic_s7-410_v8_firmware	< 8.2.2	Yes
Hardware	siemens	simatic_s7-410_v8	-	No
Operating System	siemens	simatic_winac_rtx_\(f\)_firmware	< 2010	Yes
Operating System	siemens	simatic_winac_rtx_\(f\)_firmware	2010	Yes
Hardware	siemens	simatic_winac_rtx_\(f\)_2010	-	No
Operating System	siemens	sinamics_dcm_firmware	< 1.5	Yes
Operating System	siemens	sinamics_dcm_firmware	1.5	Yes
Hardware	siemens	sinamics_dcm	-	No
Operating System	siemens	sinamics_dcp_firmware	< 1.3	Yes
Hardware	siemens	sinamics_dcp	-	No
Operating System	siemens	sinamics_g110m_firmware	< 4.7	Yes
Operating System	siemens	sinamics_g110m_firmware	4.7	Yes
Hardware	siemens	sinamics_g110m	-	No
Operating System	siemens	sinamics_g120_firmware	< 4.7	Yes
Operating System	siemens	sinamics_g120_firmware	4.7	Yes
Hardware	siemens	sinamics_g120	-	No
Operating System	siemens	sinamics_g130_firmware	< 5.2	Yes
Operating System	siemens	sinamics_g130_firmware	5.2	Yes
Hardware	siemens	sinamics_g130	-	No
Operating System	siemens	sinamics_g150_firmware	< 5.2	Yes
Operating System	siemens	sinamics_g150_firmware	5.2	Yes
Hardware	siemens	sinamics_g150	-	No
Operating System	siemens	sinamics_gl150_firmware	< 4.8	Yes
Operating System	siemens	sinamics_gl150_firmware	4.8	Yes
Hardware	siemens	sinamics_gl150	-	No
Operating System	siemens	sinamics_gm150_firmware	< 4.8	Yes
Operating System	siemens	sinamics_gm150_firmware	4.8	Yes
Hardware	siemens	sinamics_gm150	-	No
Operating System	siemens	sinamics_s110_firmware	*	Yes
Hardware	siemens	sinamics_s110	-	No
Operating System	siemens	sinamics_s120_firmware	< 5.2	Yes
Operating System	siemens	sinamics_s120_firmware	5.2	Yes
Hardware	siemens	sinamics_s120	-	No
Operating System	siemens	sinamics_s150_firmware	< 5.2	Yes
Operating System	siemens	sinamics_s150_firmware	5.2	Yes
Hardware	siemens	sinamics_s150	-	No
Operating System	siemens	sinamics_sl150_firmware	< 4.7	Yes
Operating System	siemens	sinamics_sl150_firmware	4.7	Yes
Hardware	siemens	sinamics_sl150	-	No
Operating System	siemens	sinamics_sm120_firmware	-	Yes
Hardware	siemens	sinamics_sm120	-	No
Application	siemens	sinumerik_828d	< 4.8	Yes
Application	siemens	sinumerik_828d	4.8	Yes
Application	siemens	sinumerik_828d	4.8	Yes
Application	siemens	sinumerik_828d	4.8	Yes
Application	siemens	sinumerik_828d	4.8	Yes
Application	siemens	sinumerik_828d	4.8	Yes
Application	siemens	sinumerik_840d_sl	*	Yes

References

https://cert-portal.siemens.com/productcert/html/ssa-473245.html ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-473245.pdf Vendor Advisory ([email protected])
https://cert-portal.siemens.com/productcert/html/ssa-473245.html (af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-473245.pdf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)