CVE-2019-19281
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V2.5 and < V20.8), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 and < V2.8), SIMATIC S7-1500 Software Controller (All versions >= V2.5 and < V20.8). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a Denial-of-Service condition. The vulnerability can be triggered if specially crafted UDP packets are sent to the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the device availability.
Se ha identificado una vulnerabilidad en SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incluyendo las variantes de SIPLUS) (todas las versiones posteriores a V2.5 incluyéndola y anteriores a V20.8), SIMATIC S7-1500 CPU family (incluyendo las variantes de ET200 CPUs y SIPLUS relacionadas) (todas las versiones posteriores a V2.5 incluyéndola y anteriores a V2.8), SIMATIC S7-1500 Software Controller (todas las versiones posteriores a V2.5 incluyéndola y anteriores a V20.8). Los dispositivos afectados contienen una vulnerabilidad que permite a un atacante no autenticado activar una condición de denegación de servicio. La vulnerabilidad puede ser desencadenada si paquetes UDP especialmente diseñados son enviados hacia el dispositivo. La vulnerabilidad de seguridad podría ser explotada por parte de un atacante con acceso de red a los sistemas afectados. Una explotación con éxito no requiere privilegios system ni una interacción del usuario. Un atacante podría usar la vulnerabilidad para comprometer la disponibilidad del dispositivo.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-11-26 CVE Reserved
- 2020-03-10 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://www.us-cert.gov/ics/advisories/icsa-20-042-11 | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-750824.pdf | 2020-04-02 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | Simatic Et 200sp Open Controller Cpu 1515sp Pc2 Firmware Search vendor "Siemens" for product "Simatic Et 200sp Open Controller Cpu 1515sp Pc2 Firmware" | >= 2.5 < 20.8 Search vendor "Siemens" for product "Simatic Et 200sp Open Controller Cpu 1515sp Pc2 Firmware" and version " >= 2.5 < 20.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Et 200sp Open Controller Cpu 1515sp Pc2 Search vendor "Siemens" for product "Simatic Et 200sp Open Controller Cpu 1515sp Pc2" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1511-1 Pn Firmware Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1511-1 Pn Firmware" | >= 2.5 < 2.8 Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1511-1 Pn Firmware" and version " >= 2.5 < 2.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1511-1 Pn Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1511-1 Pn" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1513-1 Pn Firmware Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1513-1 Pn Firmware" | >= 2.5 < 2.8 Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1513-1 Pn Firmware" and version " >= 2.5 < 2.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1513-1 Pn Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1513-1 Pn" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1515-2 Pn Firmware Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1515-2 Pn Firmware" | >= 2.5 < 2.8 Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1515-2 Pn Firmware" and version " >= 2.5 < 2.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1515-2 Pn Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1515-2 Pn" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1516-3 Pn Firmware Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1516-3 Pn Firmware" | >= 2.5 < 2.8 Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1516-3 Pn Firmware" and version " >= 2.5 < 2.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1516-3 Pn Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1516-3 Pn" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1516-3 Dp Firmware Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1516-3 Dp Firmware" | >= 2.5 < 2.8 Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1516-3 Dp Firmware" and version " >= 2.5 < 2.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1516-3 Dp Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1516-3 Dp" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1517-3 Pn Firmware Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1517-3 Pn Firmware" | >= 2.5 < 2.8 Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1517-3 Pn Firmware" and version " >= 2.5 < 2.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1517-3 Pn Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1517-3 Pn" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1517-3 Dp Firmware Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1517-3 Dp Firmware" | >= 2.5 < 2.8 Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1517-3 Dp Firmware" and version " >= 2.5 < 2.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1517-3 Dp Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1517-3 Dp" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1518-4 Pn Firmware Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1518-4 Pn Firmware" | >= 2.5 < 2.8 Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1518-4 Pn Firmware" and version " >= 2.5 < 2.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1518-4 Pn Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1518-4 Pn" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1518-4 Dp Firmware Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1518-4 Dp Firmware" | >= 2.5 < 2.8 Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1518-4 Dp Firmware" and version " >= 2.5 < 2.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1518-4 Dp Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1518-4 Dp" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1507s Firmware Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1507s Firmware" | >= 2.5 < 20.8 Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1507s Firmware" and version " >= 2.5 < 20.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1507s Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1507s" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1508s Firmware Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1508s Firmware" | >= 2.5 < 20.8 Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1508s Firmware" and version " >= 2.5 < 20.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1508s Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1508s" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1507s F Firmware Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1507s F Firmware" | >= 2.5 < 20.8 Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1507s F Firmware" and version " >= 2.5 < 20.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1507s F Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1507s F" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1508s F Firmware Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1508s F Firmware" | >= 2.5 < 20.8 Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1508s F Firmware" and version " >= 2.5 < 20.8" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic S7-1500 Cpu 1508s F Search vendor "Siemens" for product "Simatic S7-1500 Cpu 1508s F" | - | - |
Safe
|