Details of VAR-201904-0174

ID

VAR-201904-0174

CVE

CVE-2019-6568

TITLE

Vulnerability related to input validation in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2019-003541

DESCRIPTION

The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensCP, SIAMTIC, SIMOCODE, SINAMICS, SITOP and TIM are all devices manufactured by Siemens. Multiple Siemens products are prone to an unspecified denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. A vulnerability has been identified in CP1604, CP1616, SIMATIC CP343-1 Advanced, SIMATIC CP443-1, SIMATIC CP443-1 Advanced, SIMATIC CP443-1 OPC UA, SIMATIC ET 200 SP Open Controller CPU 1515SP PC, SIMATIC ET 200 SP Open Controller CPU 1515SP PC2, SIMATIC HMI Comfort Outdoor Panels 7" & 15", SIMATIC HMI Comfort Panels 4" - 22", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF181-EIP, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, SIMATIC RF600R, SIMATIC S7-1500 CPU family, SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU family, SIMATIC S7-400 PN (incl. F) V6 and below, SIMATIC S7-400 PN/DP V7 (incl. F), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP, SIMOCODE pro V PN, SINAMICS G130 V4.6 (Control Unit), SINAMICS G130 V4.7 (Control Unit), SINAMICS G130 V4.7 SP1 (Control Unit), SINAMICS G130 V4.8 (Control Unit), SINAMICS G130 V5.1 (Control Unit), SINAMICS G130 V5.1 SP1 (Control Unit), SINAMICS G150 V4.6 (Control Unit), SINAMICS G150 V4.7 (Control Unit), SINAMICS G150 V4.7 SP1 (Control Unit), SINAMICS G150 V4.8 (Control Unit), SINAMICS G150 V5.1 (Control Unit), SINAMICS G150 V5.1 SP1 (Control Unit), SINAMICS GH150 V4.7 (Control Unit), SINAMICS GH150 V4.8 (Control Unit), SINAMICS GL150 V4.7 (Control Unit), SINAMICS GL150 V4.8 (Control Unit), SINAMICS GM150 V4.7 (Control Unit), SINAMICS GM150 V4.8 (Control Unit), SINAMICS S120 V4.6 (Control Unit), SINAMICS S120 V4.7 (Control Unit), SINAMICS S120 V4.7 SP1 (Control Unit), SINAMICS S120 V4.8 (Control Unit), SINAMICS S120 V5.1 (Control Unit), SINAMICS S120 V5.1 SP1 (Control Unit), SINAMICS S150 V4.6 (Control Unit), SINAMICS S150 V4.7 (Control Unit), SINAMICS S150 V4.7 SP1 (Control Unit), SINAMICS S150 V4.8 (Control Unit), SINAMICS S150 V5.1 (Control Unit), SINAMICS S150 V5.1 SP1 (Control Unit), SINAMICS S210 V5.1 (Control Unit), SINAMICS S210 V5.1 SP1 (Control Unit), SINAMICS SL150 V4.7 (Control Unit), SINAMICS SL150 V4.8 (Control Unit), SINAMICS SM120 V4.7 (Control Unit), SINAMICS SM120 V4.8 (Control Unit), SINAMICS SM150 V4.8 (Control Unit), SITOP Manager, SITOP PSU8600, SITOP UPS1600, TIM 1531 IRC. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. CP1616 is a communications processor. SIMATIC S7-1500 is a programmable logic controller. The vulnerability stems from the failure of the network system or product to properly validate the input data

Trust: 2.7

sources: NVD: CVE-2019-6568 // JVNDB: JVNDB-2019-003541 // CNVD: CNVD-2019-12904 // BID: 107842 // IVD: a397cc8b-ee17-4faf-8447-e9ee5f57dd12 // VULHUB: VHN-158003

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.2

sources: IVD: a397cc8b-ee17-4faf-8447-e9ee5f57dd12 // CNVD: CNVD-2019-12904

AFFECTED PRODUCTS

vendor:	siemens	model:	sinamics s210	scope:	eq	version:	5.1	Trust: 1.3
vendor:	siemens	model:	sinamics s150	scope:	eq	version:	5.1	Trust: 1.3
vendor:	siemens	model:	simatic rf186c	scope:	lt	version:	1.1.0	Trust: 1.0
vendor:	siemens	model:	sinamics sm120	scope:	lt	version:	4.8	Trust: 1.0
vendor:	siemens	model:	sinamics s150	scope:	lt	version:	5.1	Trust: 1.0
vendor:	siemens	model:	simatic hmi ktp mobile panels ktp400f	scope:	lt	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic s7-400 pn	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic s7-1500	scope:	lt	version:	2.6.1	Trust: 1.0
vendor:	siemens	model:	sinamics sl150	scope:	eq	version:	4.8	Trust: 1.0
vendor:	siemens	model:	simatic wincc runtime advanced	scope:	eq	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic winac rtx	scope:	eq	version:	2010	Trust: 1.0
vendor:	siemens	model:	simatic hmi ktp mobile panels ktp700f	scope:	eq	version:	15.1	Trust: 1.0
vendor:	siemens	model:	sitop manager	scope:	lt	version:	1.1	Trust: 1.0
vendor:	siemens	model:	simatic hmi comfort outdoor panels	scope:	eq	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic ipc diagmonitor	scope:	lt	version:	5.1.3	Trust: 1.0
vendor:	siemens	model:	simatic s7-plcsim advanced	scope:	eq	version:	2.0	Trust: 1.0
vendor:	siemens	model:	sinamics gm150	scope:	eq	version:	4.8	Trust: 1.0
vendor:	siemens	model:	sinamics s120	scope:	lt	version:	5.2	Trust: 1.0
vendor:	siemens	model:	cp1616	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic hmi ktp mobile panels ktp900f	scope:	lt	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic s7-1500t	scope:	lt	version:	2.6.1	Trust: 1.0
vendor:	siemens	model:	sinamics sm150	scope:	lt	version:	5.1	Trust: 1.0
vendor:	siemens	model:	simatic cp443-1 advanced	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic hmi ktp mobile panels ktp900	scope:	eq	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic s7-1500s	scope:	lt	version:	2.6.1	Trust: 1.0
vendor:	siemens	model:	tim 1531 irc	scope:	lt	version:	2.1	Trust: 1.0
vendor:	siemens	model:	sitop ups1600	scope:	lt	version:	2.3	Trust: 1.0
vendor:	siemens	model:	simatic hmi ktp mobile panels ktp700f	scope:	lt	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic hmi ktp mobile panels ktp700	scope:	eq	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simocode pro v pn	scope:	lt	version:	2.1.3	Trust: 1.0
vendor:	siemens	model:	simatic s7-400 pn\/dp	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic cp343-1 advanced	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simocode pro v eip	scope:	lt	version:	1.1.3	Trust: 1.0
vendor:	siemens	model:	sinamics g150	scope:	lt	version:	5.2	Trust: 1.0
vendor:	siemens	model:	sinamics s210	scope:	lt	version:	5.1	Trust: 1.0
vendor:	siemens	model:	sinamics sl150	scope:	lt	version:	4.8	Trust: 1.0
vendor:	siemens	model:	simatic s7-1500f	scope:	lt	version:	2.6.1	Trust: 1.0
vendor:	siemens	model:	simatic teleservice adapter ie basic	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	cp1604	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic wincc runtime advanced	scope:	lt	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic winac rtx	scope:	lt	version:	2010	Trust: 1.0
vendor:	siemens	model:	sinamics g130	scope:	lt	version:	5.2	Trust: 1.0
vendor:	siemens	model:	sinamics gh150	scope:	eq	version:	4.8	Trust: 1.0
vendor:	siemens	model:	simatic rf181-eip	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic hmi comfort panels	scope:	eq	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic rf185c	scope:	lt	version:	1.1.0	Trust: 1.0
vendor:	siemens	model:	simatic hmi comfort outdoor panels	scope:	lt	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic hmi ktp mobile panels ktp400f	scope:	eq	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic hmi ktp mobile panels ktp900	scope:	lt	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic s7-plcsim advanced	scope:	lt	version:	2.0	Trust: 1.0
vendor:	siemens	model:	simatic rf188c	scope:	lt	version:	1.1.0	Trust: 1.0
vendor:	siemens	model:	simatic s7-1500 software controller	scope:	lt	version:	2.7	Trust: 1.0
vendor:	siemens	model:	simatic teleservice adapter ie advanced	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	sinamics gl150	scope:	eq	version:	4.8	Trust: 1.0
vendor:	siemens	model:	sinamics gm150	scope:	lt	version:	4.8	Trust: 1.0
vendor:	siemens	model:	simatic cp443-1 opc ua	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic et 200 sp open controller cpu 1515sp pc2	scope:	lt	version:	2.7	Trust: 1.0
vendor:	siemens	model:	sinamics sm120	scope:	eq	version:	4.8	Trust: 1.0
vendor:	siemens	model:	simatic et 200 sp open controller cpu 1515sp pc	scope:	lt	version:	2.1.6	Trust: 1.0
vendor:	siemens	model:	simatic hmi comfort panels	scope:	lt	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic cp443-1	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic hmi ktp mobile panels ktp700	scope:	lt	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic s7-300	scope:	lt	version:	3.3.17	Trust: 1.0
vendor:	siemens	model:	sitop psu8600	scope:	lt	version:	1.5	Trust: 1.0
vendor:	siemens	model:	simatic hmi ktp mobile panels ktp900f	scope:	eq	version:	15.1	Trust: 1.0
vendor:	siemens	model:	sinamics gh150	scope:	lt	version:	4.8	Trust: 1.0
vendor:	siemens	model:	sinamics sm150	scope:	eq	version:	5.1	Trust: 1.0
vendor:	siemens	model:	sinamics gl150	scope:	lt	version:	4.8	Trust: 1.0
vendor:	siemens	model:	simatic rf182c	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic teleservice adapter ie standard	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic rf600r	scope:	lt	version:	3.2.1	Trust: 1.0
vendor:	siemens	model:	simatic cp 1543sp-1	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic cp 1604	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic cp 1616	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic cp 343-1 advanced	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic cp 443-1 adv	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic cp 443-1	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic et 200 sp open controller cpu 1515sp pc	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic et 200 sp open controller cpu 1515sp pc2	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic hmi comfort outdoor panels	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic hmi comfort panels	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic rf185c	scope:	-	version:	-	Trust: 0.8
vendor:	sinamics s150	model:	-	scope:	eq	version:	5.1	Trust: 0.6
vendor:	siemens	model:	simatic winac rtx sp2 all	scope:	eq	version:	2010	Trust: 0.6
vendor:	siemens	model:	simatic s7-300 cpu family all	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic s7-400 pn/dp	scope:	eq	version:	v7	Trust: 0.6
vendor:	siemens	model:	simatic s7-1500 software controller	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	sinamics s120	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	sinamics g130 and g150	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic rf182c	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic wincc runtime advanced	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic cp443-1 opc ua	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic ipc diagmonitor	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic rf188c	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic rf600r	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	cp1604	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	cp1616	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic et sp open controller cpu 1515sp pc	scope:	eq	version:	200<v2.1.6	Trust: 0.6
vendor:	siemens	model:	simatic hmi comfort panels 4" 22"	scope:	eq	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic hmi ktp mobile panels	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic s7-1500 cpu family	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic s7-400 pn	scope:	eq	version:	v6	Trust: 0.6
vendor:	siemens	model:	sinamics s150	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	sinamics s210	scope:	eq	version:	v5.1	Trust: 0.6
vendor:	siemens	model:	sinamics s210 sp1	scope:	eq	version:	v5.1	Trust: 0.6
vendor:	siemens	model:	tim irc	scope:	eq	version:	1531	Trust: 0.6
vendor:	siemens	model:	simatic hmi comfort outdoor panels 7" & 15"	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic rf181-eip	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic rf186c	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic s7-plcsim advanced	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic teleservice adapter ie advanced	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic teleservice adapter ie basic	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic teleservice adapter ie standard	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simocode pro eip	scope:	eq	version:	v	Trust: 0.6
vendor:	siemens	model:	simocode pro pn	scope:	eq	version:	v	Trust: 0.6
vendor:	siemens	model:	sitop manager	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	sitop psu8600	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	sitop ups1600	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	siamtic rf185c	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic cp343-1 advanced	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic cp443-1	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic cp443-1 advanced	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic et sp open controller cpu 1515sp pc2	scope:	eq	version:	200	Trust: 0.6
vendor:	sinamics s210	model:	-	scope:	eq	version:	5.1	Trust: 0.4
vendor:	siemens	model:	tim irc	scope:	eq	version:	15310	Trust: 0.3
vendor:	siemens	model:	sitop ups1600	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	sitop psu8600	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	sitop manager	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	sinamics s210 sp1	scope:	eq	version:	5.1	Trust: 0.3
vendor:	siemens	model:	sinamics s150 sp1	scope:	eq	version:	5.1	Trust: 0.3
vendor:	siemens	model:	sinamics s150	scope:	eq	version:	4.8	Trust: 0.3
vendor:	siemens	model:	sinamics s150 sp1	scope:	eq	version:	4.7	Trust: 0.3
vendor:	siemens	model:	sinamics s150	scope:	eq	version:	4.7	Trust: 0.3
vendor:	siemens	model:	sinamics s150	scope:	eq	version:	4.6	Trust: 0.3
vendor:	siemens	model:	sinamics s120 sp1	scope:	eq	version:	5.1	Trust: 0.3
vendor:	siemens	model:	sinamics s120	scope:	eq	version:	5.1	Trust: 0.3
vendor:	siemens	model:	sinamics s120	scope:	eq	version:	4.8	Trust: 0.3
vendor:	siemens	model:	sinamics s120 sp1	scope:	eq	version:	4.7	Trust: 0.3
vendor:	siemens	model:	sinamics s120	scope:	eq	version:	4.7	Trust: 0.3
vendor:	siemens	model:	sinamics s120	scope:	eq	version:	4.6	Trust: 0.3
vendor:	siemens	model:	sinamics g150 sp1	scope:	eq	version:	5.1	Trust: 0.3
vendor:	siemens	model:	sinamics g150	scope:	eq	version:	5.1	Trust: 0.3
vendor:	siemens	model:	sinamics g150	scope:	eq	version:	4.8	Trust: 0.3
vendor:	siemens	model:	sinamics g150 sp1	scope:	eq	version:	4.7	Trust: 0.3
vendor:	siemens	model:	sinamics g150	scope:	eq	version:	4.7	Trust: 0.3
vendor:	siemens	model:	sinamics g150	scope:	eq	version:	4.6	Trust: 0.3
vendor:	siemens	model:	sinamics g130 sp1	scope:	eq	version:	5.1	Trust: 0.3
vendor:	siemens	model:	sinamics g130	scope:	eq	version:	5.1	Trust: 0.3
vendor:	siemens	model:	sinamics g130	scope:	eq	version:	4.8	Trust: 0.3
vendor:	siemens	model:	sinamics g130 sp1	scope:	eq	version:	4.7	Trust: 0.3
vendor:	siemens	model:	sinamics g130	scope:	eq	version:	4.7	Trust: 0.3
vendor:	siemens	model:	sinamics g130	scope:	eq	version:	4.6	Trust: 0.3
vendor:	siemens	model:	simocode pro pn	scope:	eq	version:	v0	Trust: 0.3
vendor:	siemens	model:	simocode pro eip	scope:	eq	version:	v0	Trust: 0.3
vendor:	siemens	model:	simatic wincc runtime advanced	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic winac rtx	scope:	eq	version:	20100	Trust: 0.3
vendor:	siemens	model:	simatic teleservice adapter ie standard	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic teleservice adapter ie basic	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic teleservice adapter ie advanced	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic s7-plcsim advanced	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic s7-400 pn/dp	scope:	eq	version:	7	Trust: 0.3
vendor:	siemens	model:	simatic s7-400 pn	scope:	eq	version:	v60	Trust: 0.3
vendor:	siemens	model:	simatic s7-300 cpu	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic s7-1500 software controller	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic rf600r	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic rf188c	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic rf186c	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic rf185c	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic rf182c	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic ipc diagmonitor	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic hmi ktp900f mobile	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic hmi ktp900 mobile	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic hmi ktp700f mobile	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic hmi ktp700 mobile	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic hmi ktp400f mobile	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic hmi ktp mobile panels	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic hmi comfort panels	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic hmi comfort outdoor panels	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic et200 open controller cpu 1515sp pc2	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic et200 open controller cpu 1515sp pc	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic cp opc ua	scope:	eq	version:	443-10	Trust: 0.3
vendor:	siemens	model:	simatic cp advanced	scope:	eq	version:	443-10	Trust: 0.3
vendor:	siemens	model:	simatic cp	scope:	eq	version:	443-10	Trust: 0.3
vendor:	siemens	model:	simatic cp advanced	scope:	eq	version:	343-10	Trust: 0.3
vendor:	siemens	model:	rfid 181-eip	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	cp	scope:	eq	version:	16160	Trust: 0.3
vendor:	siemens	model:	cp	scope:	eq	version:	16040	Trust: 0.3
vendor:	siemens	model:	sinamics s150 sp1 hf4	scope:	ne	version:	5.1	Trust: 0.3
vendor:	siemens	model:	sinamics s150 hf6	scope:	ne	version:	4.8	Trust: 0.3
vendor:	siemens	model:	sinamics s120 sp1 hf4	scope:	ne	version:	5.1	Trust: 0.3
vendor:	siemens	model:	sinamics s120 hf6	scope:	ne	version:	4.8	Trust: 0.3
vendor:	siemens	model:	sinamics g150 sp1 hf4	scope:	ne	version:	5.1	Trust: 0.3
vendor:	siemens	model:	sinamics g150 hf6	scope:	ne	version:	4.8	Trust: 0.3
vendor:	siemens	model:	sinamics g130 sp1 hf4	scope:	ne	version:	5.1	Trust: 0.3
vendor:	siemens	model:	sinamics g130 hf6	scope:	ne	version:	4.8	Trust: 0.3
vendor:	siemens	model:	simatic s7-300 cpu	scope:	ne	version:	v3.x.16	Trust: 0.3
vendor:	siemens	model:	simatic et200 open controller cpu 1515sp pc	scope:	ne	version:	2.1.6	Trust: 0.3
vendor:	cp1604	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic hmi comfort panels	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic hmi ktp mobile panels ktp400f	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic hmi ktp mobile panels ktp700	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic hmi ktp mobile panels ktp700f	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic hmi ktp mobile panels ktp900	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic hmi ktp mobile panels ktp900f	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic cp443 1 opc ua	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic ipc diagmonitor	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic s7 1500 controller	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic s7 plcsim advanced	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic wincc runtime advanced	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	sitop manager	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic rf600r	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic rf188c	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic rf186c	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	cp1616	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic rf182c	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic rf181 eip	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic s7 1500	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic s7 300	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	simatic s7 400 pn	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic s7 400 pn dp	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic teleservice adapter ie advanced	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic teleservice adapter ie basic	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic teleservice adapter ie standard	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic winac rtx 2010	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic rf185c	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simocode pro v eip	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simocode pro v pn	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	sinamics g130	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	sinamics g150	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	sinamics s120	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	sinamics s150	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	sinamics s210	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	sitop psu8600	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	sitop ups1600	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	tim 1531 irc	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic cp343 1 advanced	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic s7 1500f	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic s7 1500s	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic s7 1500t	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic cp443 1	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic cp443 1 advanced	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic et 200 sp open controller cpu 1515sp pc	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic et 200 sp open controller cpu 1515sp pc2	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic hmi comfort outdoor panels	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: a397cc8b-ee17-4faf-8447-e9ee5f57dd12 // CNVD: CNVD-2019-12904 // BID: 107842 // JVNDB: JVNDB-2019-003541 // NVD: CVE-2019-6568

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-6568
value:	HIGH
Trust: 1.0
productcert@siemens.com:	CVE-2019-6568
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-6568
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-12904
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201904-458
value:	HIGH
Trust: 0.6
IVD:	a397cc8b-ee17-4faf-8447-e9ee5f57dd12
value:	HIGH
Trust: 0.2
VULHUB:	VHN-158003
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-6568
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2019-12904
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	a397cc8b-ee17-4faf-8447-e9ee5f57dd12
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-158003
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-6568
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 2.0
NVD:	CVE-2019-6568
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: a397cc8b-ee17-4faf-8447-e9ee5f57dd12 // CNVD: CNVD-2019-12904 // VULHUB: VHN-158003 // JVNDB: JVNDB-2019-003541 // CNNVD: CNNVD-201904-458 // NVD: CVE-2019-6568 // NVD: CVE-2019-6568

PROBLEMTYPE DATA

problemtype:	CWE-125	Trust: 1.1
problemtype:	CWE-20	Trust: 0.9

sources: VULHUB: VHN-158003 // JVNDB: JVNDB-2019-003541 // NVD: CVE-2019-6568

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201904-458

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201904-458

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-003541

PATCH

title:	SSA-480230	url:	https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf	Trust: 0.8
title:	SSA-530931	url:	https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf	Trust: 0.8
title:	Patches for multiple Siemens product denial of service vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/160237	Trust: 0.6
title:	Multiple Siemens Product security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=91286	Trust: 0.6

sources: CNVD: CNVD-2019-12904 // JVNDB: JVNDB-2019-003541 // CNNVD: CNNVD-201904-458

EXTERNAL IDS

db:	NVD	id:	CVE-2019-6568	Trust: 3.6
db:	ICS CERT	id:	ICSA-19-099-06	Trust: 2.3
db:	SIEMENS	id:	SSA-480230	Trust: 2.0
db:	SIEMENS	id:	SSA-530931	Trust: 1.7
db:	ICS CERT	id:	ICSA-19-227-04	Trust: 1.4
db:	BID	id:	107842	Trust: 1.0
db:	CNNVD	id:	CNNVD-201904-458	Trust: 0.9
db:	CNVD	id:	CNVD-2019-12904	Trust: 0.8
db:	JVNDB	id:	JVNDB-2019-003541	Trust: 0.8
db:	AUSCERT	id:	ESB-2019.3150	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.1204.2	Trust: 0.6
db:	IVD	id:	A397CC8B-EE17-4FAF-8447-E9EE5F57DD12	Trust: 0.2
db:	VULHUB	id:	VHN-158003	Trust: 0.1

sources: IVD: a397cc8b-ee17-4faf-8447-e9ee5f57dd12 // CNVD: CNVD-2019-12904 // VULHUB: VHN-158003 // BID: 107842 // JVNDB: JVNDB-2019-003541 // CNNVD: CNNVD-201904-458 // NVD: CVE-2019-6568

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-19-099-06	Trust: 2.3
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf	Trust: 2.0
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf	Trust: 1.7
url:	https://www.us-cert.gov/ics/advisories/icsa-19-227-04	Trust: 1.4
url:	https://nvd.nist.gov/vuln/detail/cve-2019-6568	Trust: 1.4
url:	http://subscriber.communications.siemens.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6568	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2019.3150/	Trust: 0.6
url:	https://www.us-cert.gov/ics/advisories/icsa-19-099-06	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-19-099-06	Trust: 0.6
url:	https://www.securityfocus.com/bid/107842	Trust: 0.6
url:	https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-webserver-28976	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/78710	Trust: 0.6

sources: CNVD: CNVD-2019-12904 // VULHUB: VHN-158003 // BID: 107842 // JVNDB: JVNDB-2019-003541 // CNNVD: CNNVD-201904-458 // NVD: CVE-2019-6568

CREDITS

Siemens reported this vulnerability to NCCIC.

Trust: 0.6

sources: CNNVD: CNNVD-201904-458

SOURCES

db:	IVD	id:	a397cc8b-ee17-4faf-8447-e9ee5f57dd12
db:	CNVD	id:	CNVD-2019-12904
db:	VULHUB	id:	VHN-158003
db:	BID	id:	107842
db:	JVNDB	id:	JVNDB-2019-003541
db:	CNNVD	id:	CNNVD-201904-458
db:	NVD	id:	CVE-2019-6568

LAST UPDATE DATE

2024-08-14T15:43:49.516000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-12904	date:	2019-05-07T00:00:00
db:	VULHUB	id:	VHN-158003	date:	2023-01-10T00:00:00
db:	BID	id:	107842	date:	2019-04-09T00:00:00
db:	JVNDB	id:	JVNDB-2019-003541	date:	2019-08-20T00:00:00
db:	CNNVD	id:	CNNVD-201904-458	date:	2023-04-12T00:00:00
db:	NVD	id:	CVE-2019-6568	date:	2023-04-11T10:15:09.153

SOURCES RELEASE DATE

db:	IVD	id:	a397cc8b-ee17-4faf-8447-e9ee5f57dd12	date:	2019-05-05T00:00:00
db:	CNVD	id:	CNVD-2019-12904	date:	2019-05-05T00:00:00
db:	VULHUB	id:	VHN-158003	date:	2019-04-17T00:00:00
db:	BID	id:	107842	date:	2019-04-09T00:00:00
db:	JVNDB	id:	JVNDB-2019-003541	date:	2019-05-20T00:00:00
db:	CNNVD	id:	CNNVD-201904-458	date:	2019-04-09T00:00:00
db:	NVD	id:	CVE-2019-6568	date:	2019-04-17T14:29:03.683