ID

VAR-202001-1848


CVE

CVE-2019-13939


TITLE

Input validation vulnerabilities in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2019-014365

DESCRIPTION

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. Several Siemens products contain input validation vulnerabilities.Information is falsified and denial of service (DoS) May be in a state. Nucleus RTOS provides a highly scalable, microkernel-based, real-time operating system designed for scalability and reliability in systems spanning aerospace, industrial, and medical applications. The Siemens Mentor Nucleus Networking Module has a security vulnerability. ** ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack

Trust: 2.43

sources: NVD: CVE-2019-13939 // JVNDB: JVNDB-2019-014365 // CNVD: CNVD-2019-40512 // IVD: 40768cf9-1948-4815-8773-a73bf2de3c14 // VULMON: CVE-2019-13939

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 40768cf9-1948-4815-8773-a73bf2de3c14 // CNVD: CNVD-2019-40512

AFFECTED PRODUCTS

vendor:siemensmodel:nucleus source codescope:eqversion:*

Trust: 1.2

vendor:siemensmodel:nucleus safetycertscope:eqversion:*

Trust: 1.2

vendor:siemensmodel:nucleus rtosscope:eqversion:*

Trust: 1.2

vendor:siemensmodel:nucleus netscope:eqversion:*

Trust: 1.2

vendor:siemensmodel:desigo pxc001-e.dscope:ltversion:6.00.327

Trust: 1.0

vendor:siemensmodel:desigo pxc12-e.dscope:ltversion:6.00.327

Trust: 1.0

vendor:siemensmodel:talon tcscope:gteversion:3.0

Trust: 1.0

vendor:siemensmodel:apogee modular equiment controllerscope:ltversion:2.8.2

Trust: 1.0

vendor:siemensmodel:desigopxc128-uscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:desigo pxc00-uscope:ltversion:6.00.327

Trust: 1.0

vendor:siemensmodel:desigo pxc12-e.dscope:gteversion:2.3.0

Trust: 1.0

vendor:siemensmodel:desigo pxc00-e.dscope:ltversion:6.00.327

Trust: 1.0

vendor:siemensmodel:desigo pxc001-e.dscope:gteversion:2.3.0

Trust: 1.0

vendor:siemensmodel:desigopxc100-e.dscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:desigo pxc22.1-e.dscope:ltversion:6.00.327

Trust: 1.0

vendor:siemensmodel:capital vstarscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:desigopxm20-escope:eqversion: -

Trust: 1.0

vendor:siemensmodel:desigo pxc00-e.dscope:gteversion:2.3.0

Trust: 1.0

vendor:siemensmodel:desigo pxc00-uscope:gteversion:2.3.0

Trust: 1.0

vendor:siemensmodel:desigo pxc22-e.dscope:ltversion:6.00.327

Trust: 1.0

vendor:siemensmodel:apogee modular building controllerscope:ltversion:2.8.2

Trust: 1.0

vendor:siemensmodel:nucleus readystartscope:ltversion:2017.02.2

Trust: 1.0

vendor:siemensmodel:desigo pxcscope:gteversion:2.3

Trust: 1.0

vendor:siemensmodel:desigopxc64-uscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:desigo pxc22-e.dscope:gteversion:2.3.0

Trust: 1.0

vendor:siemensmodel:desigopxc50-e.dscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:desigopxc200-e.dscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:desigo pxm20scope:gteversion:2.3

Trust: 1.0

vendor:siemensmodel:desigo pxc36.1-e.dscope:ltversion:6.00.327

Trust: 1.0

vendor:siemensmodel:desigo pxc22.1-e.dscope:gteversion:2.3.0

Trust: 1.0

vendor:siemensmodel:apogee pxcscope:lteversion:2.8.2

Trust: 1.0

vendor:siemensmodel:simotics connect 400scope:lteversion:0.3.0.95

Trust: 1.0

vendor:siemensmodel:desigo pxc36.1-e.dscope:gteversion:2.3.0

Trust: 1.0

vendor:シーメンスmodel:nucleus netscope:eqversion: -

Trust: 0.8

vendor:シーメンスmodel:nucleus readystartscope:eqversion: -

Trust: 0.8

vendor:シーメンスmodel:nucleus safetycertscope:eqversion: -

Trust: 0.8

vendor:シーメンスmodel:nucleus source codescope:eqversion: -

Trust: 0.8

vendor:シーメンスmodel:vstarscope:eqversion: -

Trust: 0.8

vendor:シーメンスmodel:nucleus rtosscope:eqversion: -

Trust: 0.8

vendor:siemensmodel:nucleus netscope: - version: -

Trust: 0.6

vendor:siemensmodel:nucleus rtosscope: - version: -

Trust: 0.6

vendor:siemensmodel:nucleus readystart for arm,mips,and ppc v2017.02.2scope:ltversion: -

Trust: 0.6

vendor:siemensmodel:nucleus safetycertscope: - version: -

Trust: 0.6

vendor:siemensmodel:nucleus source codescope: - version: -

Trust: 0.6

vendor:siemensmodel:vstarscope: - version: -

Trust: 0.6

vendor:siemensmodel:vstarscope:eqversion:*

Trust: 0.2

vendor:siemensmodel:nucleus readystart for arm mips and ppc nucleus2017.02.02 nucleus net patchscope:ltversion:v2017.02.2()

Trust: 0.2

sources: IVD: 40768cf9-1948-4815-8773-a73bf2de3c14 // CNVD: CNVD-2019-40512 // JVNDB: JVNDB-2019-014365 // NVD: CVE-2019-13939

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-13939
value: HIGH

Trust: 1.0

productcert@siemens.com: CVE-2019-13939
value: HIGH

Trust: 1.0

NVD: CVE-2019-13939
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-40512
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201911-1004
value: HIGH

Trust: 0.6

IVD: 40768cf9-1948-4815-8773-a73bf2de3c14
value: HIGH

Trust: 0.2

VULMON: CVE-2019-13939
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-13939
severity: MEDIUM
baseScore: 4.8
vectorString: AV:A/AC:L/AU:N/C:N/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2019-40512
severity: MEDIUM
baseScore: 6.8
vectorString: AV:A/AC:L/AU:N/C:N/I:P/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 40768cf9-1948-4815-8773-a73bf2de3c14
severity: MEDIUM
baseScore: 6.8
vectorString: AV:A/AC:L/AU:N/C:N/I:P/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2019-13939
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 4.2
version: 3.1

Trust: 2.0

NVD: CVE-2019-13939
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 40768cf9-1948-4815-8773-a73bf2de3c14 // CNVD: CNVD-2019-40512 // VULMON: CVE-2019-13939 // JVNDB: JVNDB-2019-014365 // CNNVD: CNNVD-201911-1004 // NVD: CVE-2019-13939 // NVD: CVE-2019-13939

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.0

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Incorrect input confirmation (CWE-20) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2019-014365 // NVD: CVE-2019-13939

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201911-1004

TYPE

Input validation error

Trust: 0.8

sources: IVD: 40768cf9-1948-4815-8773-a73bf2de3c14 // CNNVD: CNNVD-201911-1004

PATCH

title:SSA-434032url:https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf

Trust: 0.8

title:Patch for Unknown vulnerability in Siemens Mentor Nucleus Networking Moduleurl:https://www.cnvd.org.cn/patchInfo/show/189921

Trust: 0.6

title:Siemens Mentor Nucleus Multiple module input verification error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=102969

Trust: 0.6

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=1d3485226953a78b85a97370300ecdef

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ac20b09bb530d9b8d4b71cc160e36049

Trust: 0.1

sources: CNVD: CNVD-2019-40512 // VULMON: CVE-2019-13939 // JVNDB: JVNDB-2019-014365 // CNNVD: CNNVD-201911-1004

EXTERNAL IDS

db:NVDid:CVE-2019-13939

Trust: 3.3

db:SIEMENSid:SSA-434032

Trust: 2.3

db:SIEMENSid:SSA-162506

Trust: 1.7

db:ICS CERTid:ICSA-20-105-06

Trust: 1.7

db:CNVDid:CNVD-2019-40512

Trust: 0.8

db:CNNVDid:CNNVD-201911-1004

Trust: 0.8

db:JVNDBid:JVNDB-2019-014365

Trust: 0.8

db:AUSCERTid:ESB-2019.4317

Trust: 0.6

db:AUSCERTid:ESB-2020.1316

Trust: 0.6

db:ICS CERTid:ICSA-19-318-01

Trust: 0.6

db:IVDid:40768CF9-1948-4815-8773-A73BF2DE3C14

Trust: 0.2

db:VULMONid:CVE-2019-13939

Trust: 0.1

sources: IVD: 40768cf9-1948-4815-8773-a73bf2de3c14 // CNVD: CNVD-2019-40512 // VULMON: CVE-2019-13939 // JVNDB: JVNDB-2019-014365 // CNNVD: CNNVD-201911-1004 // NVD: CVE-2019-13939

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf

Trust: 2.3

url:https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06

Trust: 2.3

url:https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-13939

Trust: 1.4

url:https://www.us-cert.gov/ics/advisories/icsa-20-105-06

Trust: 1.2

url:https://cert-portal.siemens.com/productcert/html/ssa-162506.html

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-434032.html

Trust: 1.0

url:https://www.auscert.org.au/bulletins/esb-2020.1316/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4317/

Trust: 0.6

url:https://www.us-cert.gov/ics/advisories/icsa-19-318-01

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.cisa.gov/uscert/ics/advisories/icsa-20-105-06

Trust: 0.1

sources: CNVD: CNVD-2019-40512 // VULMON: CVE-2019-13939 // JVNDB: JVNDB-2019-014365 // CNNVD: CNNVD-201911-1004 // NVD: CVE-2019-13939

CREDITS

Siemens reported this vulnerability to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-201911-1004

SOURCES

db:IVDid:40768cf9-1948-4815-8773-a73bf2de3c14
db:CNVDid:CNVD-2019-40512
db:VULMONid:CVE-2019-13939
db:JVNDBid:JVNDB-2019-014365
db:CNNVDid:CNNVD-201911-1004
db:NVDid:CVE-2019-13939

LAST UPDATE DATE

2024-08-14T15:07:21.886000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-40512date:2019-11-14T00:00:00
db:VULMONid:CVE-2019-13939date:2022-04-12T00:00:00
db:JVNDBid:JVNDB-2019-014365date:2020-02-12T00:00:00
db:CNNVDid:CNNVD-201911-1004date:2022-05-23T00:00:00
db:NVDid:CVE-2019-13939date:2024-02-13T09:15:42.770

SOURCES RELEASE DATE

db:IVDid:40768cf9-1948-4815-8773-a73bf2de3c14date:2019-11-14T00:00:00
db:CNVDid:CNVD-2019-40512date:2019-11-14T00:00:00
db:VULMONid:CVE-2019-13939date:2020-01-16T00:00:00
db:JVNDBid:JVNDB-2019-014365date:2020-02-12T00:00:00
db:CNNVDid:CNNVD-201911-1004date:2019-11-14T00:00:00
db:NVDid:CVE-2019-13939date:2020-01-16T16:15:16.277