Sign-up

ID

VAR-201910-1596


CVE

CVE-2019-10923


TITLE

Resource Exhaustion Vulnerability in Multiple Siemens Products

Trust: 0.8

sources: JVNDB: JVNDB-2019-010610

DESCRIPTION

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation. Multiple Siemens products contain a resource exhaustion vulnerability.Service operation interruption (DoS) It may be in a state. The Siemens SIMATIC S7-300 CPU is a modular universal controller for the manufacturing industry from Siemens. The products in the Siemens SIMATIC S7-400 CPU family have been designed for process control in industrial environments. SIMATIC WinAC RTX (F) 2010 is a simatic software controller for PC-based automation solutions. Siemens SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human machine interfaces (HMIs). A denial of service vulnerability exists in several Siemens products. A vulnerability has been identified in CP1604 (All versions < V2.8), CP1616 (All versions < V2.8), Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions < V4.1.1 Patch 05), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions < V4.5.0 Patch 01), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.5.0), SCALANCE X-200IRT (All versions < V5.2.1), SIMATIC ET 200M (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200ecoPN (except 6ES7148-6JD00-0AB0 and 6ES7146-6FF00-0AB0) (All versions), SIMATIC ET 200pro (All versions), SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (All versions), SIMATIC S7-300 CPU family (incl. F) (All versions), SIMATIC S7-400 (incl. F) V6 and below (All versions), SIMATIC S7-400 PN/DP V7 (incl. F) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions < SIMATIC WinAC RTX 2010 SP3), SIMOTION (All versions), SINAMICS DCM (All versions < V1.5 HF1), SINAMICS DCP (All versions), SINAMICS G110M V4.7 (Control Unit) (All versions < V4.7 SP10 HF5), SINAMICS G120 V4.7 (Control Unit) (All versions < V4.7 SP10 HF5), SINAMICS G130 V4.7 (Control Unit) (All versions < V4.7 HF29), SINAMICS G150 (Control Unit) (All versions < V4.8), SINAMICS GH150 V4.7 (Control Unit) (All versions), SINAMICS GL150 V4.7 (Control Unit) (All versions), SINAMICS GM150 V4.7 (Control Unit) (All versions), SINAMICS S110 (Control Unit) (All versions), SINAMICS S120 V4.7 (Control Unit and CBE20) (All versions < V4.7 HF34), SINAMICS S150 (Control Unit) (All versions < V4.8), SINAMICS SL150 V4.7 (Control Unit) (All versions), SINAMICS SM120 V4.7 (Control Unit) (All versions), SINUMERIK 828D (All versions < V4.8 SP5), SINUMERIK 840D sl (All versions). No user interaction is required to exploit this security vulnerability. The vulnerability impacts the availability of the affected installations. Siemens CP1616, etc. are all products of Siemens (Siemens) in Germany. CP1616 is a communications processor. SINUMERIK 840D sl is a set of advanced machine tool numerical control system. SCALANCE X-200IRT is an industrial Ethernet switch. The following products and versions are affected: Siemens SIMATIC NET CP 1616 before V2.8; SINUMERIK 840D sl (all versions); SCALANCE X-200IRT series (including SIPLUS NET variants) before V5.2.1; SIMATIC ET200S (including SIPLUS variants) (full version) etc

Trust: 2.43

sources: NVD: CVE-2019-10923 // JVNDB: JVNDB-2019-010610 // CNVD: CNVD-2019-41280 // IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5 // VULHUB: VHN-142518

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5 // CNVD: CNVD-2019-41280

AFFECTED PRODUCTS

vendor:sinumerik 828dmodel: - scope:eqversion:4.8

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 312 ifmscope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:dk standard ethernet controllerscope:ltversion:4.1.1

Trust: 1.0

vendor:siemensmodel:simatic s7-400 dp v7scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinamics g110mscope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:sinamics gh150scope:eqversion:4.8

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 314scope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 313scope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 316-2 dpscope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:sinamics gl150scope:ltversion:4.8

Trust: 1.0

vendor:siemensmodel:sinamics gm150scope:ltversion:4.8

Trust: 1.0

vendor:siemensmodel:cp1604scope:ltversion:2.8

Trust: 1.0

vendor:siemensmodel:sinamics g120scope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:sinamics sl150scope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:sinumerik 828dscope:ltversion:4.8

Trust: 1.0

vendor:siemensmodel:sinamics g130scope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpuscope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:sinamics s120scope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:simatic pn\/pn coupler 6es7158-3ad01-0xa0scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic winac rtx \scope:ltversion:2010

Trust: 1.0

vendor:siemensmodel:sinumerik 840d slscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:ek-ertec 200scope:ltversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic et 200mscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 314 ifmscope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:simatic s7-400 v6scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance x-200irtscope:ltversion:5.2.1

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 315-2 dpscope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:sinamics dcmscope:ltversion:1.5

Trust: 1.0

vendor:siemensmodel:cp1616scope:ltversion:2.8

Trust: 1.0

vendor:siemensmodel:simatic et 200sscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:dk standard ethernet controllerscope:eqversion:4.1.1

Trust: 1.0

vendor:siemensmodel:sinamics gm150scope:eqversion:4.8

Trust: 1.0

vendor:siemensmodel:ek-ertec 200pscope:ltversion:4.5.0

Trust: 1.0

vendor:siemensmodel:sinamics g110mscope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:sinamics sm120scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 315scope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:sinamics g150scope:ltversion:4.8

Trust: 1.0

vendor:siemensmodel:sinamics gh150scope:ltversion:4.8

Trust: 1.0

vendor:siemensmodel:sinumerik 828dscope:eqversion:4.8

Trust: 1.0

vendor:siemensmodel:simotionscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic winac rtx \scope:eqversion:2010

Trust: 1.0

vendor:siemensmodel:simatic et 200ecopnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:ek-ertec 200scope:eqversion:4.5.0

Trust: 1.0

vendor:siemensmodel:sinamics dcpscope:ltversion:1.3

Trust: 1.0

vendor:siemensmodel:sinamics gl150scope:eqversion:4.8

Trust: 1.0

vendor:siemensmodel:simatic s7-400 pn v7scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinamics s110scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinamics g120scope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:sinamics sl150scope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:sinamics g130scope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:sinamics s120scope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:sinamics dcmscope:eqversion:1.5

Trust: 1.0

vendor:siemensmodel:sinamics s150scope:ltversion:4.8

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 318-2scope:ltversion:3.3.17

Trust: 1.0

vendor:シーメンスmodel:scalance x-200irtscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:ek-ertec 200scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic et 200mscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:ek-ertec 200p pscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic et 200ecopnscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:cp1616scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic pn/pn coupler 6es7158-3ad01-0xa0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:dk standard ethernet controllerscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic et 200sscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:cp1604scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic et 200mscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic et 200proscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic et 200sscope: - version: -

Trust: 0.6

vendor:siemensmodel:sinamics dcpscope: - version: -

Trust: 0.6

vendor:siemensmodel:sinumerik 840d slscope: - version: -

Trust: 0.6

vendor:siemensmodel:cp1604scope:ltversion:v2.8

Trust: 0.6

vendor:siemensmodel:cp1616scope:ltversion:v2.8

Trust: 0.6

vendor:siemensmodel:dk standard ethernet controller patchscope:ltversion:v4.1.105

Trust: 0.6

vendor:siemensmodel:ek-ertec 200p patchscope:ltversion:v4.5.001

Trust: 0.6

vendor:siemensmodel:ek-ertec 200pscope:ltversion:v4.5.0

Trust: 0.6

vendor:siemensmodel:scalance x-200irtscope:ltversion:v5.2.1

Trust: 0.6

vendor:siemensmodel:simatic et 200ecopnscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic pn/pn coupler 6es7158-3ad01-0xa0scope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-300 cpu familyscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-400 and belowscope:eqversion:v6

Trust: 0.6

vendor:siemensmodel:simatic winac rtxscope:eqversion:2010

Trust: 0.6

vendor:siemensmodel:simatic s7-400 pn/dpscope:eqversion:v7

Trust: 0.6

vendor:siemensmodel:sinamics dcm hf1scope:ltversion:v1.5

Trust: 0.6

vendor:siemensmodel:sinumerik 828d sp5scope:ltversion:v4.8

Trust: 0.6

vendor:siemensmodel:sinamics g110m sp10 hf5scope:eqversion:v4.7<v4.7

Trust: 0.6

vendor:siemensmodel:sinamics g120 sp10 hf5scope:eqversion:v4.7<v4.7

Trust: 0.6

vendor:siemensmodel:sinamics g130 hf29scope:eqversion:v4.7<v4.7

Trust: 0.6

vendor:siemensmodel:sinamics g150scope:ltversion:v4.8

Trust: 0.6

vendor:siemensmodel:sinamics gh150scope:eqversion:v4.7

Trust: 0.6

vendor:siemensmodel:sinamics gl150scope:eqversion:v4.7

Trust: 0.6

vendor:siemensmodel:sinamics gm150scope:eqversion:v4.7

Trust: 0.6

vendor:siemensmodel:sinamics s110scope: - version: -

Trust: 0.6

vendor:siemensmodel:sinamics s120 hf34scope:eqversion:v4.7<v4.7

Trust: 0.6

vendor:siemensmodel:sinamics s150scope:ltversion:v4.8

Trust: 0.6

vendor:siemensmodel:sinamics sl150scope:eqversion:v4.7

Trust: 0.6

vendor:siemensmodel:sinamics sm120scope:eqversion:v4.7

Trust: 0.6

vendor:dk standard ethernet controllermodel: - scope:eqversion:4.1.1

Trust: 0.4

vendor:cp1604model: - scope:eqversion:*

Trust: 0.2

vendor:simatic pn pn coupler 6es7158 3ad01 0xa0model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpumodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 312 ifmmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 313model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 314model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 314 ifmmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 315model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 315 2 dpmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 316 2 dpmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 318 2model: - scope:eqversion:*

Trust: 0.2

vendor:cp1616model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 400 v6model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 400 pn v7model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 400 dp v7model: - scope:eqversion:*

Trust: 0.2

vendor:simatic winac rtx f 2010model: - scope:eqversion: -

Trust: 0.2

vendor:simotionmodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics dcmmodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics dcmmodel: - scope:eqversion:1.5

Trust: 0.2

vendor:sinamics dcpmodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g110mmodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g110mmodel: - scope:eqversion:4.7

Trust: 0.2

vendor:sinamics g120model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g120model: - scope:eqversion:4.7

Trust: 0.2

vendor:sinamics g130model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g130model: - scope:eqversion:4.7

Trust: 0.2

vendor:dk standard ethernet controllermodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics gh150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics gl150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics gm150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics s110model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics s120model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics s120model: - scope:eqversion:4.7

Trust: 0.2

vendor:sinamics s150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics sl150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics sm120model: - scope:eqversion:*

Trust: 0.2

vendor:sinumerik 828dmodel: - scope:eqversion:*

Trust: 0.2

vendor:ek ertec 200model: - scope:eqversion:*

Trust: 0.2

vendor:ek ertec 200model: - scope:eqversion:4.5.0

Trust: 0.2

vendor:sinumerik 840d slmodel: - scope:eqversion:*

Trust: 0.2

vendor:ek ertec 200pmodel: - scope:eqversion:*

Trust: 0.2

vendor:scalance x 200irtmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic et 200mmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic et 200smodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic et 200ecopnmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5 // CNVD: CNVD-2019-41280 // JVNDB: JVNDB-2019-010610 // NVD: CVE-2019-10923

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-10923
value: HIGH

Trust: 1.0

productcert@siemens.com: CVE-2019-10923
value: HIGH

Trust: 1.0

NVD: CVE-2019-10923
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-41280
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201910-565
value: HIGH

Trust: 0.6

IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5
value: HIGH

Trust: 0.2

VULHUB: VHN-142518
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-10923
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-41280
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-142518
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-10923
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2019-10923
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5 // CNVD: CNVD-2019-41280 // VULHUB: VHN-142518 // JVNDB: JVNDB-2019-010610 // CNNVD: CNNVD-201910-565 // NVD: CVE-2019-10923 // NVD: CVE-2019-10923

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.1

problemtype:Resource exhaustion (CWE-400) [ others ]

Trust: 0.8

problemtype: Resource exhaustion (CWE-400) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-142518 // JVNDB: JVNDB-2019-010610 // NVD: CVE-2019-10923

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201910-565

TYPE

Resource management error

Trust: 0.8

sources: IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5 // CNNVD: CNNVD-201910-565

PATCH

title:SSA-349422url:https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf

Trust: 0.8

title:Patch for Multiple Siemens Product Denial of Service Vulnerabilities (CNVD-2019-41280)url:https://www.cnvd.org.cn/patchInfo/show/184335

Trust: 0.6

sources: CNVD: CNVD-2019-41280 // JVNDB: JVNDB-2019-010610

EXTERNAL IDS

db:NVDid:CVE-2019-10923

Trust: 4.1

db:SIEMENSid:SSA-349422

Trust: 2.3

db:ICS CERTid:ICSA-19-283-01

Trust: 1.4

db:CNNVDid:CNNVD-201910-565

Trust: 0.9

db:CNVDid:CNVD-2019-41280

Trust: 0.8

db:JVNDBid:JVNDB-2019-010610

Trust: 0.8

db:AUSCERTid:ESB-2019.3812

Trust: 0.6

db:AUSCERTid:ESB-2019.3812.2

Trust: 0.6

db:IVDid:B7DE1C6D-2642-4DF7-860F-BFE6735515F5

Trust: 0.2

db:VULHUBid:VHN-142518

Trust: 0.1

sources: IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5 // CNVD: CNVD-2019-41280 // VULHUB: VHN-142518 // JVNDB: JVNDB-2019-010610 // CNNVD: CNNVD-201910-565 // NVD: CVE-2019-10923

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-10923

Trust: 1.4

url:https://www.us-cert.gov/ics/advisories/icsa-19-283-01

Trust: 1.4

url:https://cert-portal.siemens.com/productcert/html/ssa-349422.html

Trust: 1.0

url:https://www.auscert.org.au/bulletins/esb-2019.3812/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3812.2/

Trust: 0.6

url:https://vigilance.fr/vulnerability/simatic-denial-of-service-via-irt-30559

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-19-283-01

Trust: 0.6

sources: CNVD: CNVD-2019-41280 // VULHUB: VHN-142518 // JVNDB: JVNDB-2019-010610 // CNNVD: CNNVD-201910-565 // NVD: CVE-2019-10923

CREDITS

Siemens reported this vulnerability to CISA. Artem Zinenko of Kaspersky reported to Siemens that SIPLUS is also affected.

Trust: 0.6

sources: CNNVD: CNNVD-201910-565

SOURCES

db:IVDid:b7de1c6d-2642-4df7-860f-bfe6735515f5
db:CNVDid:CNVD-2019-41280
db:VULHUBid:VHN-142518
db:JVNDBid:JVNDB-2019-010610
db:CNNVDid:CNNVD-201910-565
db:NVDid:CVE-2019-10923

LAST UPDATE DATE

2024-12-28T23:20:28.335000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-41280date:2019-11-19T00:00:00
db:VULHUBid:VHN-142518date:2023-01-10T00:00:00
db:JVNDBid:JVNDB-2019-010610date:2024-12-27T03:21:00
db:CNNVDid:CNNVD-201910-565date:2023-05-10T00:00:00
db:NVDid:CVE-2019-10923date:2024-11-21T04:20:09.600

SOURCES RELEASE DATE

db:IVDid:b7de1c6d-2642-4df7-860f-bfe6735515f5date:2019-11-19T00:00:00
db:CNVDid:CNVD-2019-41280date:2019-10-11T00:00:00
db:VULHUBid:VHN-142518date:2019-10-10T00:00:00
db:JVNDBid:JVNDB-2019-010610date:2019-10-17T00:00:00
db:CNNVDid:CNNVD-201910-565date:2019-10-09T00:00:00
db:NVDid:CVE-2019-10923date:2019-10-10T14:15:14.503