ID

VAR-201910-1596


CVE

CVE-2019-10923


TITLE

Vulnerability related to resource depletion in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2019-010610

DESCRIPTION

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation. Multiple Siemens products are vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. The Siemens SIMATIC S7-300 CPU is a modular universal controller for the manufacturing industry from Siemens. The products in the Siemens SIMATIC S7-400 CPU family have been designed for process control in industrial environments. SIMATIC WinAC RTX (F) 2010 is a simatic software controller for PC-based automation solutions. Siemens SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human machine interfaces (HMIs). A denial of service vulnerability exists in several Siemens products. A vulnerability has been identified in CP1604 (All versions < V2.8), CP1616 (All versions < V2.8), Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions < V4.1.1 Patch 05), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions < V4.5.0 Patch 01), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.5.0), SCALANCE X-200IRT (All versions < V5.2.1), SIMATIC ET 200M (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200ecoPN (except 6ES7148-6JD00-0AB0 and 6ES7146-6FF00-0AB0) (All versions), SIMATIC ET 200pro (All versions), SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (All versions), SIMATIC S7-300 CPU family (incl. F) (All versions), SIMATIC S7-400 (incl. F) V6 and below (All versions), SIMATIC S7-400 PN/DP V7 (incl. F) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions < SIMATIC WinAC RTX 2010 SP3), SIMOTION (All versions), SINAMICS DCM (All versions < V1.5 HF1), SINAMICS DCP (All versions), SINAMICS G110M V4.7 (Control Unit) (All versions < V4.7 SP10 HF5), SINAMICS G120 V4.7 (Control Unit) (All versions < V4.7 SP10 HF5), SINAMICS G130 V4.7 (Control Unit) (All versions < V4.7 HF29), SINAMICS G150 (Control Unit) (All versions < V4.8), SINAMICS GH150 V4.7 (Control Unit) (All versions), SINAMICS GL150 V4.7 (Control Unit) (All versions), SINAMICS GM150 V4.7 (Control Unit) (All versions), SINAMICS S110 (Control Unit) (All versions), SINAMICS S120 V4.7 (Control Unit and CBE20) (All versions < V4.7 HF34), SINAMICS S150 (Control Unit) (All versions < V4.8), SINAMICS SL150 V4.7 (Control Unit) (All versions), SINAMICS SM120 V4.7 (Control Unit) (All versions), SINUMERIK 828D (All versions < V4.8 SP5), SINUMERIK 840D sl (All versions). No user interaction is required to exploit this security vulnerability. The vulnerability impacts the availability of the affected installations. Siemens CP1616, etc. are all products of Siemens (Siemens) in Germany. CP1616 is a communications processor. SINUMERIK 840D sl is a set of advanced machine tool numerical control system. SCALANCE X-200IRT is an industrial Ethernet switch. The following products and versions are affected: Siemens SIMATIC NET CP 1616 before V2.8; SINUMERIK 840D sl (all versions); SCALANCE X-200IRT series (including SIPLUS NET variants) before V5.2.1; SIMATIC ET200S (including SIPLUS variants) (full version) etc

Trust: 2.43

sources: NVD: CVE-2019-10923 // JVNDB: JVNDB-2019-010610 // CNVD: CNVD-2019-41280 // IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5 // VULHUB: VHN-142518

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5 // CNVD: CNVD-2019-41280

AFFECTED PRODUCTS

vendor:siemensmodel:simatic et 200mscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic et 200sscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic et 200ecopnscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic pn/pn coupler 6es7158-3ad01-0xa0scope: - version: -

Trust: 1.4

vendor:sinumerik 828dmodel: - scope:eqversion:4.8

Trust: 1.0

vendor:siemensmodel:sinamics gl150scope:eqversion:4.8

Trust: 1.0

vendor:siemensmodel:sinamics gm150scope:eqversion:4.8

Trust: 1.0

vendor:siemensmodel:sinamics g110mscope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:ek-ertec 200pscope:ltversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 312 ifmscope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:sinamics g150scope:ltversion:4.8

Trust: 1.0

vendor:siemensmodel:sinamics dcmscope:ltversion:1.5

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 316-2 dpscope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:sinamics g130scope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:simatic s7-400 pn v7scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinamics s150scope:ltversion:4.8

Trust: 1.0

vendor:siemensmodel:dk standard ethernet controllerscope:eqversion:4.1.1

Trust: 1.0

vendor:siemensmodel:sinamics sm120scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinamics g120scope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 314scope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:sinamics dcpscope:ltversion:1.3

Trust: 1.0

vendor:siemensmodel:sinamics gh150scope:ltversion:4.8

Trust: 1.0

vendor:siemensmodel:sinamics sl150scope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:simatic et 200mscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:cp1604scope:ltversion:2.8

Trust: 1.0

vendor:siemensmodel:sinumerik 828dscope:ltversion:4.8

Trust: 1.0

vendor:siemensmodel:sinamics dcmscope:eqversion:1.5

Trust: 1.0

vendor:siemensmodel:cp1616scope:ltversion:2.8

Trust: 1.0

vendor:siemensmodel:simatic winac rtx \scope:ltversion:2010

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpuscope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 315-2 dpscope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:ek-ertec 200scope:ltversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 313scope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:scalance x-200irtscope:ltversion:5.2.1

Trust: 1.0

vendor:siemensmodel:sinamics s120scope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 318-2scope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:sinamics gl150scope:ltversion:4.8

Trust: 1.0

vendor:siemensmodel:simatic pn\/pn coupler 6es7158-3ad01-0xa0scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:ek-ertec 200scope:eqversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic et 200ecopnscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-400 v6scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinamics g130scope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:sinamics gh150scope:eqversion:4.8

Trust: 1.0

vendor:siemensmodel:dk standard ethernet controllerscope:ltversion:4.1.1

Trust: 1.0

vendor:siemensmodel:sinamics g110mscope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:sinamics gm150scope:ltversion:4.8

Trust: 1.0

vendor:siemensmodel:sinamics g120scope:ltversion:4.7

Trust: 1.0

vendor:siemensmodel:sinamics sl150scope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:sinumerik 840d slscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinumerik 828dscope:eqversion:4.8

Trust: 1.0

vendor:siemensmodel:simatic winac rtx \scope:eqversion:2010

Trust: 1.0

vendor:siemensmodel:sinamics s110scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simotionscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinamics s120scope:eqversion:4.7

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 315scope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:simatic et 200sscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-300 cpu 314 ifmscope:ltversion:3.3.17

Trust: 1.0

vendor:siemensmodel:simatic s7-400 dp v7scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:cp1604scope: - version: -

Trust: 0.8

vendor:siemensmodel:cp1616scope: - version: -

Trust: 0.8

vendor:siemensmodel:dk standard ethernet controllerscope: - version: -

Trust: 0.8

vendor:siemensmodel:ek-ertec 200scope: - version: -

Trust: 0.8

vendor:siemensmodel:ek-ertec 200p pscope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x-200irtscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic et 200proscope: - version: -

Trust: 0.6

vendor:siemensmodel:sinamics dcpscope: - version: -

Trust: 0.6

vendor:siemensmodel:sinumerik 840d slscope: - version: -

Trust: 0.6

vendor:siemensmodel:cp1604scope:ltversion:v2.8

Trust: 0.6

vendor:siemensmodel:cp1616scope:ltversion:v2.8

Trust: 0.6

vendor:siemensmodel:dk standard ethernet controller patchscope:ltversion:v4.1.105

Trust: 0.6

vendor:siemensmodel:ek-ertec 200p patchscope:ltversion:v4.5.001

Trust: 0.6

vendor:siemensmodel:ek-ertec 200pscope:ltversion:v4.5.0

Trust: 0.6

vendor:siemensmodel:scalance x-200irtscope:ltversion:v5.2.1

Trust: 0.6

vendor:siemensmodel:simatic s7-300 cpu familyscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-400 and belowscope:eqversion:v6

Trust: 0.6

vendor:siemensmodel:simatic winac rtxscope:eqversion:2010

Trust: 0.6

vendor:siemensmodel:simatic s7-400 pn/dpscope:eqversion:v7

Trust: 0.6

vendor:siemensmodel:sinamics dcm hf1scope:ltversion:v1.5

Trust: 0.6

vendor:siemensmodel:sinumerik 828d sp5scope:ltversion:v4.8

Trust: 0.6

vendor:siemensmodel:sinamics g110m sp10 hf5scope:eqversion:v4.7<v4.7

Trust: 0.6

vendor:siemensmodel:sinamics g120 sp10 hf5scope:eqversion:v4.7<v4.7

Trust: 0.6

vendor:siemensmodel:sinamics g130 hf29scope:eqversion:v4.7<v4.7

Trust: 0.6

vendor:siemensmodel:sinamics g150scope:ltversion:v4.8

Trust: 0.6

vendor:siemensmodel:sinamics gh150scope:eqversion:v4.7

Trust: 0.6

vendor:siemensmodel:sinamics gl150scope:eqversion:v4.7

Trust: 0.6

vendor:siemensmodel:sinamics gm150scope:eqversion:v4.7

Trust: 0.6

vendor:siemensmodel:sinamics s110scope: - version: -

Trust: 0.6

vendor:siemensmodel:sinamics s120 hf34scope:eqversion:v4.7<v4.7

Trust: 0.6

vendor:siemensmodel:sinamics s150scope:ltversion:v4.8

Trust: 0.6

vendor:siemensmodel:sinamics sl150scope:eqversion:v4.7

Trust: 0.6

vendor:siemensmodel:sinamics sm120scope:eqversion:v4.7

Trust: 0.6

vendor:dk standard ethernet controllermodel: - scope:eqversion:4.1.1

Trust: 0.4

vendor:cp1604model: - scope:eqversion:*

Trust: 0.2

vendor:simatic pn pn coupler 6es7158 3ad01 0xa0model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpumodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 312 ifmmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 313model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 314model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 314 ifmmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 315model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 315 2 dpmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 316 2 dpmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 300 cpu 318 2model: - scope:eqversion:*

Trust: 0.2

vendor:cp1616model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 400 v6model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 400 pn v7model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 400 dp v7model: - scope:eqversion:*

Trust: 0.2

vendor:simatic winac rtx f 2010model: - scope:eqversion: -

Trust: 0.2

vendor:simotionmodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics dcmmodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics dcmmodel: - scope:eqversion:1.5

Trust: 0.2

vendor:sinamics dcpmodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g110mmodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g110mmodel: - scope:eqversion:4.7

Trust: 0.2

vendor:sinamics g120model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g120model: - scope:eqversion:4.7

Trust: 0.2

vendor:sinamics g130model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g130model: - scope:eqversion:4.7

Trust: 0.2

vendor:dk standard ethernet controllermodel: - scope:eqversion:*

Trust: 0.2

vendor:sinamics g150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics gh150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics gl150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics gm150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics s110model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics s120model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics s120model: - scope:eqversion:4.7

Trust: 0.2

vendor:sinamics s150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics sl150model: - scope:eqversion:*

Trust: 0.2

vendor:sinamics sm120model: - scope:eqversion:*

Trust: 0.2

vendor:sinumerik 828dmodel: - scope:eqversion:*

Trust: 0.2

vendor:ek ertec 200model: - scope:eqversion:*

Trust: 0.2

vendor:ek ertec 200model: - scope:eqversion:4.5.0

Trust: 0.2

vendor:sinumerik 840d slmodel: - scope:eqversion:*

Trust: 0.2

vendor:ek ertec 200pmodel: - scope:eqversion:*

Trust: 0.2

vendor:scalance x 200irtmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic et 200mmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic et 200smodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic et 200ecopnmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5 // CNVD: CNVD-2019-41280 // JVNDB: JVNDB-2019-010610 // NVD: CVE-2019-10923

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-10923
value: HIGH

Trust: 1.0

productcert@siemens.com: CVE-2019-10923
value: HIGH

Trust: 1.0

NVD: CVE-2019-10923
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-41280
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201910-565
value: HIGH

Trust: 0.6

IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5
value: HIGH

Trust: 0.2

VULHUB: VHN-142518
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-10923
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-41280
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-142518
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-10923
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2019-10923
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5 // CNVD: CNVD-2019-41280 // VULHUB: VHN-142518 // JVNDB: JVNDB-2019-010610 // CNNVD: CNNVD-201910-565 // NVD: CVE-2019-10923 // NVD: CVE-2019-10923

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-142518 // JVNDB: JVNDB-2019-010610 // NVD: CVE-2019-10923

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201910-565

TYPE

Resource management error

Trust: 0.8

sources: IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5 // CNNVD: CNNVD-201910-565

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-010610

PATCH

title:SSA-349422url:https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf

Trust: 0.8

title:Patch for Multiple Siemens Product Denial of Service Vulnerabilities (CNVD-2019-41280)url:https://www.cnvd.org.cn/patchInfo/show/184335

Trust: 0.6

sources: CNVD: CNVD-2019-41280 // JVNDB: JVNDB-2019-010610

EXTERNAL IDS

db:NVDid:CVE-2019-10923

Trust: 3.3

db:SIEMENSid:SSA-349422

Trust: 2.3

db:ICS CERTid:ICSA-19-283-01

Trust: 1.4

db:CNNVDid:CNNVD-201910-565

Trust: 0.9

db:CNVDid:CNVD-2019-41280

Trust: 0.8

db:JVNDBid:JVNDB-2019-010610

Trust: 0.8

db:AUSCERTid:ESB-2019.3812

Trust: 0.6

db:AUSCERTid:ESB-2019.3812.2

Trust: 0.6

db:IVDid:B7DE1C6D-2642-4DF7-860F-BFE6735515F5

Trust: 0.2

db:VULHUBid:VHN-142518

Trust: 0.1

sources: IVD: b7de1c6d-2642-4df7-860f-bfe6735515f5 // CNVD: CNVD-2019-41280 // VULHUB: VHN-142518 // JVNDB: JVNDB-2019-010610 // CNNVD: CNNVD-201910-565 // NVD: CVE-2019-10923

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf

Trust: 2.3

url:https://www.us-cert.gov/ics/advisories/icsa-19-283-01

Trust: 1.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-10923

Trust: 1.4

url:https://cert-portal.siemens.com/productcert/html/ssa-349422.html

Trust: 1.0

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10923

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2019.3812/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3812.2/

Trust: 0.6

url:https://vigilance.fr/vulnerability/simatic-denial-of-service-via-irt-30559

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-19-283-01

Trust: 0.6

sources: CNVD: CNVD-2019-41280 // VULHUB: VHN-142518 // JVNDB: JVNDB-2019-010610 // CNNVD: CNNVD-201910-565 // NVD: CVE-2019-10923

CREDITS

Siemens reported this vulnerability to CISA. Artem Zinenko of Kaspersky reported to Siemens that SIPLUS is also affected.

Trust: 0.6

sources: CNNVD: CNNVD-201910-565

SOURCES

db:IVDid:b7de1c6d-2642-4df7-860f-bfe6735515f5
db:CNVDid:CNVD-2019-41280
db:VULHUBid:VHN-142518
db:JVNDBid:JVNDB-2019-010610
db:CNNVDid:CNNVD-201910-565
db:NVDid:CVE-2019-10923

LAST UPDATE DATE

2024-09-10T23:02:09.491000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-41280date:2019-11-19T00:00:00
db:VULHUBid:VHN-142518date:2023-01-10T00:00:00
db:JVNDBid:JVNDB-2019-010610date:2019-10-17T00:00:00
db:CNNVDid:CNNVD-201910-565date:2023-05-10T00:00:00
db:NVDid:CVE-2019-10923date:2024-09-10T10:15:03.397

SOURCES RELEASE DATE

db:IVDid:b7de1c6d-2642-4df7-860f-bfe6735515f5date:2019-11-19T00:00:00
db:CNVDid:CNVD-2019-41280date:2019-10-11T00:00:00
db:VULHUBid:VHN-142518date:2019-10-10T00:00:00
db:JVNDBid:JVNDB-2019-010610date:2019-10-17T00:00:00
db:CNNVDid:CNNVD-201910-565date:2019-10-09T00:00:00
db:NVDid:CVE-2019-10923date:2019-10-10T14:15:14.503