CVE-2019-18336

A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known.

CVSS v3.0 7.5 HIGH
CVSS v2.0 7.8 HIGH

7.5^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_312_ifm_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_312_ifm:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_313_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_313:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_314_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_314:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_314_ifm_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_314_ifm:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_315_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_315:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2_dp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2_dp:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_316-2_dp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_316-2_dp:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_318-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_318-2:-:*:*:*:*:*:*:*

Configuration 10 (hide)

cpe:2.3:a:siemens:sinumerik_840d_sl:*:*:*:*:*:*:*:*

Configuration 11 (hide)

cpe:2.3:a:siemens:sinumerik_840d_sl:*:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:siemens:simatic_tdc_cp51m1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_tdc_cp51m1:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:siemens:simatic_tdc_cpu555_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_tdc_cpu555:-:*:*:*:*:*:*:*

Information

Published : 2020-03-10 13:15

Updated : 2020-09-28 17:13

NVD link : CVE-2019-18336

Mitre link : CVE-2019-18336

JSON object : View

CWE

CWE-400

Uncontrolled Resource Consumption

Products Affected

siemens

simatic_s7-300_cpu_315_firmware
simatic_s7-300_cpu_315-2_dp
simatic_s7-300_cpu_314_ifm_firmware
simatic_s7-300_cpu_316-2_dp_firmware
simatic_s7-300_cpu_316-2_dp
simatic_s7-300_cpu_318-2_firmware
simatic_s7-300_cpu_314
simatic_s7-300_cpu_312_ifm_firmware
sinumerik_840d_sl
simatic_tdc_cp51m1_firmware
simatic_tdc_cpu555
simatic_s7-300_cpu_312_ifm
simatic_s7-300_cpu_firmware
simatic_tdc_cp51m1
simatic_s7-300_cpu_318-2
simatic_tdc_cpu555_firmware
simatic_s7-300_cpu_313
simatic_s7-300_cpu_315
simatic_s7-300_cpu_313_firmware
simatic_s7-300_cpu_314_ifm
simatic_s7-300_cpu_314_firmware
simatic_s7-300_cpu
simatic_s7-300_cpu_315-2_dp_firmware

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

7.8 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2019-18336

7.5^/10

7.8^/10

Attach tags to `CVE-2019-18336`