// For flags

CVE-2019-13946

 

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit
internal resource allocation when multiple legitimate diagnostic package
requests are sent to the DCE-RPC interface.
This could lead to a denial of service condition due to lack of memory
for devices that include a vulnerable version of the stack.

The security vulnerability could be exploited by an attacker with network
access to an affected device. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise the availability of the device.

Las versiones de la pila Profinet-IO (PNIO) anteriores a la V06.00 no limitan adecuadamente la asignación de recursos internos cuando se envían múltiples solicitudes legítimas de paquetes de diagnóstico a la interfaz DCE-RPC. Esto podría conducir a una condición de denegación de servicio debido a la falta de memoria para los dispositivos que incluyen una versión vulnerable de la pila. La vulnerabilidad de seguridad podría ser explotada por un atacante con acceso de red a un dispositivo afectado. La explotación exitosa no requiere privilegios del sistema ni interacción del usuario. Un atacante podría utilizar la vulnerabilidad para comprometer la disponibilidad del dispositivo

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
None
Automatable
Yes
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2019-07-18 CVE Reserved
  • 2020-02-11 CVE Published
  • 2024-07-10 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-400: Uncontrolled Resource Consumption
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Siemens
Search vendor "Siemens"
Ek-ertec 200 Firmware
Search vendor "Siemens" for product "Ek-ertec 200 Firmware"
< 4.5
Search vendor "Siemens" for product "Ek-ertec 200 Firmware" and version " < 4.5"
-
Affected
in Siemens
Search vendor "Siemens"
Ek-ertec 200
Search vendor "Siemens" for product "Ek-ertec 200"
--
Safe
Siemens
Search vendor "Siemens"
Ek-ertec 200p Firmware
Search vendor "Siemens" for product "Ek-ertec 200p Firmware"
< 4.6
Search vendor "Siemens" for product "Ek-ertec 200p Firmware" and version " < 4.6"
-
Affected
in Siemens
Search vendor "Siemens"
Ek-ertec 200p
Search vendor "Siemens" for product "Ek-ertec 200p"
--
Safe
Siemens
Search vendor "Siemens"
Ruggedcom Rm1224 Firmware
Search vendor "Siemens" for product "Ruggedcom Rm1224 Firmware"
< 4.3
Search vendor "Siemens" for product "Ruggedcom Rm1224 Firmware" and version " < 4.3"
-
Affected
in Siemens
Search vendor "Siemens"
Ruggedcom Rm1224
Search vendor "Siemens" for product "Ruggedcom Rm1224"
--
Safe
Siemens
Search vendor "Siemens"
Scalance M-800 Firmware
Search vendor "Siemens" for product "Scalance M-800 Firmware"
< 4.3
Search vendor "Siemens" for product "Scalance M-800 Firmware" and version " < 4.3"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance M-800
Search vendor "Siemens" for product "Scalance M-800"
--
Safe
Siemens
Search vendor "Siemens"
Scalance S615 Firmware
Search vendor "Siemens" for product "Scalance S615 Firmware"
< 4.3
Search vendor "Siemens" for product "Scalance S615 Firmware" and version " < 4.3"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance S615
Search vendor "Siemens" for product "Scalance S615"
--
Safe
Siemens
Search vendor "Siemens"
Scalance W700 Ieee 802.11n Firmware
Search vendor "Siemens" for product "Scalance W700 Ieee 802.11n Firmware"
<= 6.0.1
Search vendor "Siemens" for product "Scalance W700 Ieee 802.11n Firmware" and version " <= 6.0.1"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance W700 Ieee 802.11n
Search vendor "Siemens" for product "Scalance W700 Ieee 802.11n"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xc-200 Firmware
Search vendor "Siemens" for product "Scalance Xc-200 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xc-200
Search vendor "Siemens" for product "Scalance Xc-200"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf-200 Firmware
Search vendor "Siemens" for product "Scalance Xf-200 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf-200
Search vendor "Siemens" for product "Scalance Xf-200"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xp-200 Firmware
Search vendor "Siemens" for product "Scalance Xp-200 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xp-200
Search vendor "Siemens" for product "Scalance Xp-200"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xb-200 Firmware
Search vendor "Siemens" for product "Scalance Xb-200 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xb-200
Search vendor "Siemens" for product "Scalance Xb-200"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X-200irt Firmware
Search vendor "Siemens" for product "Scalance X-200irt Firmware"
< 5.3
Search vendor "Siemens" for product "Scalance X-200irt Firmware" and version " < 5.3"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X-200irt
Search vendor "Siemens" for product "Scalance X-200irt"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xr-300wg Firmware
Search vendor "Siemens" for product "Scalance Xr-300wg Firmware"
< 3.0
Search vendor "Siemens" for product "Scalance Xr-300wg Firmware" and version " < 3.0"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xr-300wg
Search vendor "Siemens" for product "Scalance Xr-300wg"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X-300 Firmware
Search vendor "Siemens" for product "Scalance X-300 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Scalance X-300
Search vendor "Siemens" for product "Scalance X-300"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xb-200 Firmware
Search vendor "Siemens" for product "Scalance Xb-200 Firmware"
< 3.0
Search vendor "Siemens" for product "Scalance Xb-200 Firmware" and version " < 3.0"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xb-200
Search vendor "Siemens" for product "Scalance Xb-200"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xc-200 Firmware
Search vendor "Siemens" for product "Scalance Xc-200 Firmware"
< 3.0
Search vendor "Siemens" for product "Scalance Xc-200 Firmware" and version " < 3.0"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xc-200
Search vendor "Siemens" for product "Scalance Xc-200"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xp-200 Firmware
Search vendor "Siemens" for product "Scalance Xp-200 Firmware"
< 3.0
Search vendor "Siemens" for product "Scalance Xp-200 Firmware" and version " < 3.0"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xp-200
Search vendor "Siemens" for product "Scalance Xp-200"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xf-200ba Firmware
Search vendor "Siemens" for product "Scalance Xf-200ba Firmware"
< 3.0
Search vendor "Siemens" for product "Scalance Xf-200ba Firmware" and version " < 3.0"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xf-200ba
Search vendor "Siemens" for product "Scalance Xf-200ba"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xr-300wg Firmware
Search vendor "Siemens" for product "Scalance Xr-300wg Firmware"
< 3.0
Search vendor "Siemens" for product "Scalance Xr-300wg Firmware" and version " < 3.0"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xr-300wg
Search vendor "Siemens" for product "Scalance Xr-300wg"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X-400 Firmware
Search vendor "Siemens" for product "Scalance X-400 Firmware"
< 6.0
Search vendor "Siemens" for product "Scalance X-400 Firmware" and version " < 6.0"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X-400
Search vendor "Siemens" for product "Scalance X-400"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xm-400 Firmware
Search vendor "Siemens" for product "Scalance Xm-400 Firmware"
< 6.0
Search vendor "Siemens" for product "Scalance Xm-400 Firmware" and version " < 6.0"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xm-400
Search vendor "Siemens" for product "Scalance Xm-400"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xr524 Firmware
Search vendor "Siemens" for product "Scalance Xr524 Firmware"
< 6.0
Search vendor "Siemens" for product "Scalance Xr524 Firmware" and version " < 6.0"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xr524
Search vendor "Siemens" for product "Scalance Xr524"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xr526 Firmware
Search vendor "Siemens" for product "Scalance Xr526 Firmware"
< 6.0
Search vendor "Siemens" for product "Scalance Xr526 Firmware" and version " < 6.0"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xr526
Search vendor "Siemens" for product "Scalance Xr526"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xr528 Firmware
Search vendor "Siemens" for product "Scalance Xr528 Firmware"
< 6.0
Search vendor "Siemens" for product "Scalance Xr528 Firmware" and version " < 6.0"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xr528
Search vendor "Siemens" for product "Scalance Xr528"
--
Safe
Siemens
Search vendor "Siemens"
Scalance Xr552 Firmware
Search vendor "Siemens" for product "Scalance Xr552 Firmware"
< 6.0
Search vendor "Siemens" for product "Scalance Xr552 Firmware" and version " < 6.0"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance Xr552
Search vendor "Siemens" for product "Scalance Xr552"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Cp 1616 Firmware
Search vendor "Siemens" for product "Simatic Cp 1616 Firmware"
< 2.8
Search vendor "Siemens" for product "Simatic Cp 1616 Firmware" and version " < 2.8"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Cp 1616
Search vendor "Siemens" for product "Simatic Cp 1616"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Cp 1604 Firmware
Search vendor "Siemens" for product "Simatic Cp 1604 Firmware"
< 2.8
Search vendor "Siemens" for product "Simatic Cp 1604 Firmware" and version " < 2.8"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Cp 1604
Search vendor "Siemens" for product "Simatic Cp 1604"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Cp 343-1 Firmware
Search vendor "Siemens" for product "Simatic Cp 343-1 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Cp 343-1
Search vendor "Siemens" for product "Simatic Cp 343-1"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Cp 343-1 Advanced Firmware
Search vendor "Siemens" for product "Simatic Cp 343-1 Advanced Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Cp 343-1 Advanced
Search vendor "Siemens" for product "Simatic Cp 343-1 Advanced"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Cp 343-1 Erpc Firmware
Search vendor "Siemens" for product "Simatic Cp 343-1 Erpc Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Cp 343-1 Erpc
Search vendor "Siemens" for product "Simatic Cp 343-1 Erpc"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Cp 343-1 Lean Firmware
Search vendor "Siemens" for product "Simatic Cp 343-1 Lean Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Cp 343-1 Lean
Search vendor "Siemens" for product "Simatic Cp 343-1 Lean"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Cp 443-1 Firmware
Search vendor "Siemens" for product "Simatic Cp 443-1 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Cp 443-1
Search vendor "Siemens" for product "Simatic Cp 443-1"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Cp 443-1 Advanced Firmware
Search vendor "Siemens" for product "Simatic Cp 443-1 Advanced Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Cp 443-1 Advanced
Search vendor "Siemens" for product "Simatic Cp 443-1 Advanced"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Cp 443-1 Opc Ua Firmware
Search vendor "Siemens" for product "Simatic Cp 443-1 Opc Ua Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Cp 443-1 Opc Ua
Search vendor "Siemens" for product "Simatic Cp 443-1 Opc Ua"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Et200al Im 157-1 Pn Firmware
Search vendor "Siemens" for product "Simatic Et200al Im 157-1 Pn Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Et200al Im 157-1 Pn
Search vendor "Siemens" for product "Simatic Et200al Im 157-1 Pn"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Et200m Im153-4 Pn Io Hf Firmware
Search vendor "Siemens" for product "Simatic Et200m Im153-4 Pn Io Hf Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Et200m Im153-4 Pn Io Hf
Search vendor "Siemens" for product "Simatic Et200m Im153-4 Pn Io Hf"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Et200m Im153-4 Pn Io St Firmware
Search vendor "Siemens" for product "Simatic Et200m Im153-4 Pn Io St Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Et200m Im153-4 Pn Io St
Search vendor "Siemens" for product "Simatic Et200m Im153-4 Pn Io St"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Et200mp Im155-5 Pn Hf Firmware
Search vendor "Siemens" for product "Simatic Et200mp Im155-5 Pn Hf Firmware"
< 4.2.0
Search vendor "Siemens" for product "Simatic Et200mp Im155-5 Pn Hf Firmware" and version " < 4.2.0"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Et200mp Im155-5 Pn Hf
Search vendor "Siemens" for product "Simatic Et200mp Im155-5 Pn Hf"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Et200mp Im155-5 Pn St Firmware
Search vendor "Siemens" for product "Simatic Et200mp Im155-5 Pn St Firmware"
< 4.1.0
Search vendor "Siemens" for product "Simatic Et200mp Im155-5 Pn St Firmware" and version " < 4.1.0"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Et200mp Im155-5 Pn St
Search vendor "Siemens" for product "Simatic Et200mp Im155-5 Pn St"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Et200s Firmware
Search vendor "Siemens" for product "Simatic Et200s Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Et200s
Search vendor "Siemens" for product "Simatic Et200s"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Et200sp Im155-6 Pn Basic Firmware
Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn Basic Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Et200sp Im155-6 Pn Basic
Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn Basic"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Et200sp Im155-6 Pn Hf Firmware
Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn Hf Firmware"
< 3.3.1
Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn Hf Firmware" and version " < 3.3.1"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Et200sp Im155-6 Pn Hf
Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn Hf"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Et200sp Im155-6 Pn St Firmware
Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn St Firmware"
< 4.1.0
Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn St Firmware" and version " < 4.1.0"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Et200sp Im155-6 Pn St
Search vendor "Siemens" for product "Simatic Et200sp Im155-6 Pn St"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Et200ecopn Firmware
Search vendor "Siemens" for product "Simatic Et200ecopn Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Et200ecopn
Search vendor "Siemens" for product "Simatic Et200ecopn"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Et200pro Firmware
Search vendor "Siemens" for product "Simatic Et200pro Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Et200pro
Search vendor "Siemens" for product "Simatic Et200pro"
--
Safe
Siemens
Search vendor "Siemens"
Im 154-3 Pn Hf Firmware
Search vendor "Siemens" for product "Im 154-3 Pn Hf Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Im 154-3 Pn Hf
Search vendor "Siemens" for product "Im 154-3 Pn Hf"
--
Safe
Siemens
Search vendor "Siemens"
Im 154-4 Pn Hf Firmware
Search vendor "Siemens" for product "Im 154-4 Pn Hf Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Im 154-4 Pn Hf
Search vendor "Siemens" for product "Im 154-4 Pn Hf"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Mv440 Firmware
Search vendor "Siemens" for product "Simatic Mv440 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Mv440
Search vendor "Siemens" for product "Simatic Mv440"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Mv420 Firmware
Search vendor "Siemens" for product "Simatic Mv420 Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Mv420
Search vendor "Siemens" for product "Simatic Mv420"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Pn\/pn Coupler Firmware
Search vendor "Siemens" for product "Simatic Pn\/pn Coupler Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Pn\/pn Coupler
Search vendor "Siemens" for product "Simatic Pn\/pn Coupler"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Rf180c Firmware
Search vendor "Siemens" for product "Simatic Rf180c Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Rf180c
Search vendor "Siemens" for product "Simatic Rf180c"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Rf182c Firmware
Search vendor "Siemens" for product "Simatic Rf182c Firmware"
*-
Affected
in Siemens
Search vendor "Siemens"
Simatic Rf182c
Search vendor "Siemens" for product "Simatic Rf182c"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Rf600 Firmware
Search vendor "Siemens" for product "Simatic Rf600 Firmware"
< 3.0
Search vendor "Siemens" for product "Simatic Rf600 Firmware" and version " < 3.0"
-
Affected
in Siemens
Search vendor "Siemens"
Simatic Rf600
Search vendor "Siemens" for product "Simatic Rf600"
--
Safe
Siemens
Search vendor "Siemens"
Sinamics Dcp Firmware
Search vendor "Siemens" for product "Sinamics Dcp Firmware"
< 1.3
Search vendor "Siemens" for product "Sinamics Dcp Firmware" and version " < 1.3"
-
Affected
in Siemens
Search vendor "Siemens"
Sinamics Dcp
Search vendor "Siemens" for product "Sinamics Dcp"
--
Safe
Siemens
Search vendor "Siemens"
Dk Standard Ethernet Controller
Search vendor "Siemens" for product "Dk Standard Ethernet Controller"
*-
Affected
Siemens
Search vendor "Siemens"
Profinet Driver
Search vendor "Siemens" for product "Profinet Driver"
< 2.1
Search vendor "Siemens" for product "Profinet Driver" and version " < 2.1"
-
Affected
Siemens
Search vendor "Siemens"
Simatic Ipc Support
Search vendor "Siemens" for product "Simatic Ipc Support"
*-
Affected