CVE-2019-13946
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit
internal resource allocation when multiple legitimate diagnostic package
requests are sent to the DCE-RPC interface.
This could lead to a denial of service condition due to lack of memory
for devices that include a vulnerable version of the stack.
The security vulnerability could be exploited by an attacker with network
access to an affected device. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise the availability of the device.
Las versiones de la pila Profinet-IO (PNIO) anteriores a la V06.00 no limitan adecuadamente la asignación de recursos internos cuando se envían múltiples solicitudes legítimas de paquetes de diagnóstico a la interfaz DCE-RPC. Esto podría conducir a una condición de denegación de servicio debido a la falta de memoria para los dispositivos que incluyen una versión vulnerable de la pila. La vulnerabilidad de seguridad podría ser explotada por un atacante con acceso de red a un dispositivo afectado. La explotación exitosa no requiere privilegios del sistema ni interacción del usuario. Un atacante podría utilizar la vulnerabilidad para comprometer la disponibilidad del dispositivo
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-07-18 CVE Reserved
- 2020-02-11 CVE Published
- 2024-07-10 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (2)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf | 2024-07-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | Ek-ertec 200 Firmware Search vendor "Siemens" for product "Ek-ertec 200 Firmware" | < 4.5 Search vendor "Siemens" for product "Ek-ertec 200 Firmware" and version " < 4.5" | - |
Affected
| in | Siemens Search vendor "Siemens" | Ek-ertec 200 Search vendor "Siemens" for product "Ek-ertec 200" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Ek-ertec 200p Firmware Search vendor "Siemens" for product "Ek-ertec 200p Firmware" | < 4.6 Search vendor "Siemens" for product "Ek-ertec 200p Firmware" and version " < 4.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Ek-ertec 200p Search vendor "Siemens" for product "Ek-ertec 200p" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Ruggedcom Rm1224 Firmware Search vendor "Siemens" for product "Ruggedcom Rm1224 Firmware" | < 4.3 Search vendor "Siemens" for product "Ruggedcom Rm1224 Firmware" and version " < 4.3" | - |
Affected
| in | Siemens Search vendor "Siemens" | Ruggedcom Rm1224 Search vendor "Siemens" for product "Ruggedcom Rm1224" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance M-800 Firmware Search vendor "Siemens" for product "Scalance M-800 Firmware" | < 4.3 Search vendor "Siemens" for product "Scalance M-800 Firmware" and version " < 4.3" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance M-800 Search vendor "Siemens" for product "Scalance M-800" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance S615 Firmware Search vendor "Siemens" for product "Scalance S615 Firmware" | < 4.3 Search vendor "Siemens" for product "Scalance S615 Firmware" and version " < 4.3" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance S615 Search vendor "Siemens" for product "Scalance S615" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance W700 Ieee 802.11n Firmware Search vendor "Siemens" for product "Scalance W700 Ieee 802.11n Firmware" | <= 6.0.1 Search vendor "Siemens" for product "Scalance W700 Ieee 802.11n Firmware" and version " <= 6.0.1" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance W700 Ieee 802.11n Search vendor "Siemens" for product "Scalance W700 Ieee 802.11n" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xc-200 Firmware Search vendor "Siemens" for product "Scalance Xc-200 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xc-200 Search vendor "Siemens" for product "Scalance Xc-200" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xf-200 Firmware Search vendor "Siemens" for product "Scalance Xf-200 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xf-200 Search vendor "Siemens" for product "Scalance Xf-200" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xp-200 Firmware Search vendor "Siemens" for product "Scalance Xp-200 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xp-200 Search vendor "Siemens" for product "Scalance Xp-200" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xb-200 Firmware Search vendor "Siemens" for product "Scalance Xb-200 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xb-200 Search vendor "Siemens" for product "Scalance Xb-200" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X-200irt Firmware Search vendor "Siemens" for product "Scalance X-200irt Firmware" | < 5.3 Search vendor "Siemens" for product "Scalance X-200irt Firmware" and version " < 5.3" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X-200irt Search vendor "Siemens" for product "Scalance X-200irt" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr-300wg Firmware Search vendor "Siemens" for product "Scalance Xr-300wg Firmware" | < 3.0 Search vendor "Siemens" for product "Scalance Xr-300wg Firmware" and version " < 3.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr-300wg Search vendor "Siemens" for product "Scalance Xr-300wg" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X-300 Firmware Search vendor "Siemens" for product "Scalance X-300 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X-300 Search vendor "Siemens" for product "Scalance X-300" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xb-200 Firmware Search vendor "Siemens" for product "Scalance Xb-200 Firmware" | < 3.0 Search vendor "Siemens" for product "Scalance Xb-200 Firmware" and version " < 3.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xb-200 Search vendor "Siemens" for product "Scalance Xb-200" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xc-200 Firmware Search vendor "Siemens" for product "Scalance Xc-200 Firmware" | < 3.0 Search vendor "Siemens" for product "Scalance Xc-200 Firmware" and version " < 3.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xc-200 Search vendor "Siemens" for product "Scalance Xc-200" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xp-200 Firmware Search vendor "Siemens" for product "Scalance Xp-200 Firmware" | < 3.0 Search vendor "Siemens" for product "Scalance Xp-200 Firmware" and version " < 3.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xp-200 Search vendor "Siemens" for product "Scalance Xp-200" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xf-200ba Firmware Search vendor "Siemens" for product "Scalance Xf-200ba Firmware" | < 3.0 Search vendor "Siemens" for product "Scalance Xf-200ba Firmware" and version " < 3.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xf-200ba Search vendor "Siemens" for product "Scalance Xf-200ba" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr-300wg Firmware Search vendor "Siemens" for product "Scalance Xr-300wg Firmware" | < 3.0 Search vendor "Siemens" for product "Scalance Xr-300wg Firmware" and version " < 3.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr-300wg Search vendor "Siemens" for product "Scalance Xr-300wg" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X-400 Firmware Search vendor "Siemens" for product "Scalance X-400 Firmware" | < 6.0 Search vendor "Siemens" for product "Scalance X-400 Firmware" and version " < 6.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X-400 Search vendor "Siemens" for product "Scalance X-400" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xm-400 Firmware Search vendor "Siemens" for product "Scalance Xm-400 Firmware" | < 6.0 Search vendor "Siemens" for product "Scalance Xm-400 Firmware" and version " < 6.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xm-400 Search vendor "Siemens" for product "Scalance Xm-400" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr524 Firmware Search vendor "Siemens" for product "Scalance Xr524 Firmware" | < 6.0 Search vendor "Siemens" for product "Scalance Xr524 Firmware" and version " < 6.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr524 Search vendor "Siemens" for product "Scalance Xr524" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr526 Firmware Search vendor "Siemens" for product "Scalance Xr526 Firmware" | < 6.0 Search vendor "Siemens" for product "Scalance Xr526 Firmware" and version " < 6.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr526 Search vendor "Siemens" for product "Scalance Xr526" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr528 Firmware Search vendor "Siemens" for product "Scalance Xr528 Firmware" | < 6.0 Search vendor "Siemens" for product "Scalance Xr528 Firmware" and version " < 6.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr528 Search vendor "Siemens" for product "Scalance Xr528" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xr552 Firmware Search vendor "Siemens" for product "Scalance Xr552 Firmware" | < 6.0 Search vendor "Siemens" for product "Scalance Xr552 Firmware" and version " < 6.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xr552 Search vendor "Siemens" for product "Scalance Xr552" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Cp 1616 Firmware Search vendor "Siemens" for product "Simatic Cp 1616 Firmware" | < 2.8 Search vendor "Siemens" for product "Simatic Cp 1616 Firmware" and version " < 2.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Cp 1616 Search vendor "Siemens" for product "Simatic Cp 1616" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Cp 1604 Firmware Search vendor "Siemens" for product "Simatic Cp 1604 Firmware" | < 2.8 Search vendor "Siemens" for product "Simatic Cp 1604 Firmware" and version " < 2.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Cp 1604 Search vendor "Siemens" for product "Simatic Cp 1604" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Cp 343-1 Firmware Search vendor "Siemens" for product "Simatic Cp 343-1 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Cp 343-1 Search vendor "Siemens" for product "Simatic Cp 343-1" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Cp 343-1 Advanced Firmware Search vendor "Siemens" for product "Simatic Cp 343-1 Advanced Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Cp 343-1 Advanced Search vendor "Siemens" for product "Simatic Cp 343-1 Advanced" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Cp 343-1 Erpc Firmware Search vendor "Siemens" for product "Simatic Cp 343-1 Erpc Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Cp 343-1 Erpc Search vendor "Siemens" for product "Simatic Cp 343-1 Erpc" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Cp 343-1 Lean Firmware Search vendor "Siemens" for product "Simatic Cp 343-1 Lean Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Cp 343-1 Lean Search vendor "Siemens" for product "Simatic Cp 343-1 Lean" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Cp 443-1 Firmware Search vendor "Siemens" for product "Simatic Cp 443-1 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Cp 443-1 Search vendor "Siemens" for product "Simatic Cp 443-1" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Cp 443-1 Advanced Firmware Search vendor "Siemens" for product "Simatic Cp 443-1 Advanced Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Cp 443-1 Advanced Search vendor "Siemens" for product "Simatic Cp 443-1 Advanced" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Cp 443-1 Opc Ua Firmware Search vendor "Siemens" for product "Simatic Cp 443-1 Opc Ua Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Cp 443-1 Opc Ua Search vendor "Siemens" for product "Simatic Cp 443-1 Opc Ua" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Et200al Im 157-1 Pn Firmware Search vendor "Siemens" for product "Simatic Et200al Im 157-1 Pn Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Et200al Im 157-1 Pn Search vendor "Siemens" for product "Simatic Et200al Im 157-1 Pn" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Et200m Im153-4 Pn Io Hf Firmware Search vendor "Siemens" for product "Simatic Et200m Im153-4 Pn Io Hf Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Et200m Im153-4 Pn Io Hf Search vendor "Siemens" for product "Simatic Et200m Im153-4 Pn Io Hf" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Et200m Im153-4 Pn Io St Firmware Search vendor "Siemens" for product "Simatic Et200m Im153-4 Pn Io St Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Et200m Im153-4 Pn Io St Search vendor "Siemens" for product "Simatic Et200m Im153-4 Pn Io St" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Et200mp Im155-5 Pn Hf Firmware Search vendor "Siemens" for product "Simatic Et200mp Im155-5 Pn Hf Firmware" | < 4.2.0 Search vendor "Siemens" for product "Simatic Et200mp Im155-5 Pn Hf Firmware" and version " < 4.2.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Et200mp Im155-5 Pn Hf Search vendor "Siemens" for product "Simatic Et200mp Im155-5 Pn Hf" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Et200mp Im155-5 Pn St Firmware Search vendor "Siemens" for product "Simatic Et200mp Im155-5 Pn St Firmware" | < 4.1.0 Search vendor "Siemens" for product "Simatic Et200mp Im155-5 Pn St Firmware" and version " < 4.1.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Et200mp Im155-5 Pn St Search vendor "Siemens" for product "Simatic Et200mp Im155-5 Pn St" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Et200s Firmware Search vendor "Siemens" for product "Simatic Et200s Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Et200s Search vendor "Siemens" for product "Simatic Et200s" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Et200sp Im155-6 Pn Basic Firmware Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn Basic Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Et200sp Im155-6 Pn Basic Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn Basic" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Et200sp Im155-6 Pn Hf Firmware Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn Hf Firmware" | < 3.3.1 Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn Hf Firmware" and version " < 3.3.1" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Et200sp Im155-6 Pn Hf Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn Hf" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Et200sp Im155-6 Pn St Firmware Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn St Firmware" | < 4.1.0 Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn St Firmware" and version " < 4.1.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Et200sp Im155-6 Pn St Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn St" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Et200ecopn Firmware Search vendor "Siemens" for product "Simatic Et200ecopn Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Et200ecopn Search vendor "Siemens" for product "Simatic Et200ecopn" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Et200pro Firmware Search vendor "Siemens" for product "Simatic Et200pro Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Et200pro Search vendor "Siemens" for product "Simatic Et200pro" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Im 154-3 Pn Hf Firmware Search vendor "Siemens" for product "Im 154-3 Pn Hf Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Im 154-3 Pn Hf Search vendor "Siemens" for product "Im 154-3 Pn Hf" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Im 154-4 Pn Hf Firmware Search vendor "Siemens" for product "Im 154-4 Pn Hf Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Im 154-4 Pn Hf Search vendor "Siemens" for product "Im 154-4 Pn Hf" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Mv440 Firmware Search vendor "Siemens" for product "Simatic Mv440 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Mv440 Search vendor "Siemens" for product "Simatic Mv440" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Mv420 Firmware Search vendor "Siemens" for product "Simatic Mv420 Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Mv420 Search vendor "Siemens" for product "Simatic Mv420" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Pn\/pn Coupler Firmware Search vendor "Siemens" for product "Simatic Pn\/pn Coupler Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Pn\/pn Coupler Search vendor "Siemens" for product "Simatic Pn\/pn Coupler" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Rf180c Firmware Search vendor "Siemens" for product "Simatic Rf180c Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Rf180c Search vendor "Siemens" for product "Simatic Rf180c" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Rf182c Firmware Search vendor "Siemens" for product "Simatic Rf182c Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Rf182c Search vendor "Siemens" for product "Simatic Rf182c" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Rf600 Firmware Search vendor "Siemens" for product "Simatic Rf600 Firmware" | < 3.0 Search vendor "Siemens" for product "Simatic Rf600 Firmware" and version " < 3.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Rf600 Search vendor "Siemens" for product "Simatic Rf600" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Sinamics Dcp Firmware Search vendor "Siemens" for product "Sinamics Dcp Firmware" | < 1.3 Search vendor "Siemens" for product "Sinamics Dcp Firmware" and version " < 1.3" | - |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics Dcp Search vendor "Siemens" for product "Sinamics Dcp" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Dk Standard Ethernet Controller Search vendor "Siemens" for product "Dk Standard Ethernet Controller" | * | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Profinet Driver Search vendor "Siemens" for product "Profinet Driver" | < 2.1 Search vendor "Siemens" for product "Profinet Driver" and version " < 2.1" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Simatic Ipc Support Search vendor "Siemens" for product "Simatic Ipc Support" | * | - |
Affected
| ||||||