Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-6575

A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions < V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R family (All versions < V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Upd 4), SINEC NMS (All versions < V1.0 SP1), SINEMA Server (All versions < V14 SP2), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions < V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication.

Published

2019-04-17T14:29:03.760

Last Modified

2024-11-21T04:46:43.960

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

6.9

Weaknesses

Type: Primary
CWE-248
Type: Secondary
CWE-755

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	siemens	simatic_cp443-1_opc_ua_firmware	*	Yes
Hardware	siemens	simatic_cp443-1_opc_ua	-	No
Operating System	siemens	simatic_et_200_open_controller_cpu_1515sp_pc2_firmware	< 2.7	Yes
Hardware	siemens	simatic_et_200_open_controller_cpu_1515sp_pc2	-	No
Operating System	siemens	simatic_ipc_diagmonitor_firmware	*	Yes
Hardware	siemens	simatic_ipc_diagmonitor	-	No
Operating System	siemens	simatic_net_pc_software_firmware	*	Yes
Hardware	siemens	simatic_net_pc_software	-	No
Operating System	siemens	simatic_rf188c_firmware	*	Yes
Hardware	siemens	simatic_rf188c	-	No
Operating System	siemens	simatic_rf600r_firmware	*	Yes
Hardware	siemens	simatic_rf600r	-	No
Operating System	siemens	simatic_s7-1500_firmware	≤ 2.5	Yes
Hardware	siemens	simatic_s7-1500	-	No
Application	siemens	opc_unified_architecture	*	Yes
Application	siemens	simatic_s7-1500_software_controller	≤ 2.5	Yes
Application	siemens	simatic_wincc_oa	< 3.15-p018	Yes
Application	siemens	simatic_wincc_runtime_advanced	*	Yes
Application	siemens	simatic_wincc_runtime_comfort	*	Yes
Application	siemens	simatic_wincc_runtime_hsp_comfort	*	Yes
Application	siemens	simatic_wincc_runtime_mobile	*	Yes
Application	siemens	sinec-nms	< 1.0	Yes
Application	siemens	sinec-nms	1.0	Yes
Application	siemens	sinema_server	*	Yes
Application	siemens	sinumerik_opc_ua_server	< 2.1	Yes
Application	siemens	telecontrol_server_basic	< 3.1.1	Yes
Operating System	siemens	simatic_s7-1500f_firmware	≤ 2.5	Yes
Hardware	siemens	simatic_s7-1500f	-	No
Operating System	siemens	simatic_s7-1500s_firmware	≤ 2.5	Yes
Hardware	siemens	simatic_s7-1500s	-	No
Operating System	siemens	simatic_s7-1500t_firmware	≤ 2.5	Yes
Hardware	siemens	simatic_s7-1500t	-	No
Operating System	siemens	simatic_hmi_comfort_outdoor_panels_firmware	< 15.1	Yes
Operating System	siemens	simatic_hmi_comfort_outdoor_panels_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_comfort_outdoor_panels_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_comfort_outdoor_panels_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_comfort_outdoor_panels_firmware	15.1	Yes
Hardware	siemens	simatic_hmi_comfort_outdoor_panels	-	No
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	< 15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1	Yes
Hardware	siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-	No
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	< 15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1	Yes
Hardware	siemens	simatic_hmi_ktp_mobile_panels_ktp900	-	No
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	< 15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1	Yes
Hardware	siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-	No
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	< 15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1	Yes
Hardware	siemens	simatic_hmi_ktp_mobile_panels_ktp700	-	No
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	< 15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1	Yes
Operating System	siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1	Yes
Hardware	siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-	No

References

https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf Vendor Advisory ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)