Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-6575

A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions < V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R family (All versions < V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Upd 4), SINEC NMS (All versions < V1.0 SP1), SINEMA Server (All versions < V14 SP2), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions < V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication.

Security Impact Summary

This vulnerability carries a HIGH severity rating with a CVSS v3.1 score of 7.5, indicating it can be exploited remotely over the network with relatively low complexity without requiring user interaction and does not require pre-existing privileges . The vulnerability impacts and availability (service disruption) for affected systems. Impacting 43 products from siemens, from siemens, from siemens and 40 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

First disclosed in 2019, this vulnerability was reported during a period defined by widespread IoT adoption challenges, mobile security concerns, and the emergence of advanced persistent threat (APT) techniques. Contemporary mitigation strategies focused on secure development practices and third-party component vetting.

Published

2019-04-17T14:29:03.760

Last Modified

2024-11-21T04:46:43.960

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

6.9

Weaknesses

Type: Secondary
CWE-248
Type: Secondary
CWE-755

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	siemens	simatic_cp443-1_opc_ua_firmware	*	Yes
Hardware	siemens	simatic_cp443-1_opc_ua	-	No
Operating System	siemens	simatic_et_200_open_controller_cpu_1515sp_pc2_firmware	< 2.7	Yes
Hardware	siemens	simatic_et_200_open_controller_cpu_1515sp_pc2	-	No
Operating System	siemens	simatic_ipc_diagmonitor_firmware	*	Yes
Hardware	siemens	simatic_ipc_diagmonitor	-	No
Operating System	siemens	simatic_net_pc_software_firmware	*	Yes
Hardware	siemens	simatic_net_pc_software	-	No
Operating System	siemens	simatic_rf188c_firmware	*	Yes
Hardware	siemens	simatic_rf188c	-	No
Operating System	siemens	simatic_rf600r_firmware	*	Yes
Hardware	siemens	simatic_rf600r	-	No
Operating System	siemens	simatic_s7-1500_firmware	≤ 2.5	Yes
Hardware	siemens	simatic_s7-1500	-	No
Application	siemens	opc_unified_architecture	*	Yes
Application	siemens	simatic_s7-1500_software_controller	≤ 2.5	Yes
Application	siemens	simatic_wincc_oa	< 3.15-p018	Yes
Application	siemens	simatic_wincc_runtime_advanced	*	Yes
Application	siemens	simatic_wincc_runtime_comfort	*	Yes
Application	siemens	simatic_wincc_runtime_hsp_comfort	*	Yes
Application	siemens	simatic_wincc_runtime_mobile	*	Yes
Application	siemens	sinec-nms	< 1.0	Yes
Application	siemens	sinec-nms	1.0	Yes
Application	siemens	sinema_server	*	Yes
Application	siemens	sinumerik_opc_ua_server	< 2.1	Yes
Application	siemens	telecontrol_server_basic	< 3.1.1	Yes
Operating System	siemens	simatic_s7-1500f_firmware	≤ 2.5	Yes
Hardware	siemens	simatic_s7-1500f	-	No
Operating System	siemens	simatic_s7-1500s_firmware	≤ 2.5	Yes
Hardware	siemens	simatic_s7-1500s	-	No
Operating System	siemens	simatic_s7-1500t_firmware	≤ 2.5	Yes
Hardware	siemens	simatic_s7-1500t	-	No
Operating System	siemens	simatic_hmi_comfort_outdoor_panels_firmware	< 15.1	Yes
Operating System	siemens	simatic_hmi_comfort_outdoor_panels_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_comfort_outdoor_panels_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_comfort_outdoor_panels_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_comfort_outdoor_panels_firmware	15.1	Yes
Hardware	siemens	simatic_hmi_comfort_outdoor_panels	-	No
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	< 15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1	Yes
Hardware	siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-	No
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	< 15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1	Yes
Hardware	siemens	simatic_hmi_ktp_mobile_panels_ktp900	-	No
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	< 15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1	Yes
Hardware	siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-	No
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	< 15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1	Yes
Hardware	siemens	simatic_hmi_ktp_mobile_panels_ktp700	-	No
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	< 15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1	Yes
Hardware	siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-	No

References

https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf Vendor Advisory ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For siemens's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.