ID
VAR-202001-1848
CVE
CVE-2019-13939
TITLE
Input validation vulnerabilities in multiple Siemens products
Trust: 0.8
DESCRIPTION
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. Several Siemens products contain input validation vulnerabilities.Information is falsified and denial of service (DoS) May be in a state. Nucleus RTOS provides a highly scalable, microkernel-based, real-time operating system designed for scalability and reliability in systems spanning aerospace, industrial, and medical applications. The Siemens Mentor Nucleus Networking Module has a security vulnerability. ** ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack
Trust: 2.43
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.8 |
AFFECTED PRODUCTS
| vendor: | siemens | model: | nucleus source code | scope: | eq | version: | * | Trust: 1.2 |
| vendor: | siemens | model: | nucleus safetycert | scope: | eq | version: | * | Trust: 1.2 |
| vendor: | siemens | model: | nucleus rtos | scope: | eq | version: | * | Trust: 1.2 |
| vendor: | siemens | model: | nucleus net | scope: | eq | version: | * | Trust: 1.2 |
| vendor: | siemens | model: | desigo pxc001-e.d | scope: | lt | version: | 6.00.327 | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc12-e.d | scope: | lt | version: | 6.00.327 | Trust: 1.0 |
| vendor: | siemens | model: | talon tc | scope: | gte | version: | 3.0 | Trust: 1.0 |
| vendor: | siemens | model: | apogee modular equiment controller | scope: | lt | version: | 2.8.2 | Trust: 1.0 |
| vendor: | siemens | model: | desigopxc128-u | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc00-u | scope: | lt | version: | 6.00.327 | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc12-e.d | scope: | gte | version: | 2.3.0 | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc00-e.d | scope: | lt | version: | 6.00.327 | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc001-e.d | scope: | gte | version: | 2.3.0 | Trust: 1.0 |
| vendor: | siemens | model: | desigopxc100-e.d | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc22.1-e.d | scope: | lt | version: | 6.00.327 | Trust: 1.0 |
| vendor: | siemens | model: | capital vstar | scope: | eq | version: | * | Trust: 1.0 |
| vendor: | siemens | model: | desigopxm20-e | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc00-e.d | scope: | gte | version: | 2.3.0 | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc00-u | scope: | gte | version: | 2.3.0 | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc22-e.d | scope: | lt | version: | 6.00.327 | Trust: 1.0 |
| vendor: | siemens | model: | apogee modular building controller | scope: | lt | version: | 2.8.2 | Trust: 1.0 |
| vendor: | siemens | model: | nucleus readystart | scope: | lt | version: | 2017.02.2 | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc | scope: | gte | version: | 2.3 | Trust: 1.0 |
| vendor: | siemens | model: | desigopxc64-u | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc22-e.d | scope: | gte | version: | 2.3.0 | Trust: 1.0 |
| vendor: | siemens | model: | desigopxc50-e.d | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | siemens | model: | desigopxc200-e.d | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxm20 | scope: | gte | version: | 2.3 | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc36.1-e.d | scope: | lt | version: | 6.00.327 | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc22.1-e.d | scope: | gte | version: | 2.3.0 | Trust: 1.0 |
| vendor: | siemens | model: | apogee pxc | scope: | lte | version: | 2.8.2 | Trust: 1.0 |
| vendor: | siemens | model: | simotics connect 400 | scope: | lte | version: | 0.3.0.95 | Trust: 1.0 |
| vendor: | siemens | model: | desigo pxc36.1-e.d | scope: | gte | version: | 2.3.0 | Trust: 1.0 |
| vendor: | シーメンス | model: | nucleus net | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | シーメンス | model: | nucleus readystart | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | シーメンス | model: | nucleus safetycert | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | シーメンス | model: | nucleus source code | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | シーメンス | model: | vstar | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | シーメンス | model: | nucleus rtos | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | siemens | model: | nucleus net | scope: | - | version: | - | Trust: 0.6 |
| vendor: | siemens | model: | nucleus rtos | scope: | - | version: | - | Trust: 0.6 |
| vendor: | siemens | model: | nucleus readystart for arm,mips,and ppc v2017.02.2 | scope: | lt | version: | - | Trust: 0.6 |
| vendor: | siemens | model: | nucleus safetycert | scope: | - | version: | - | Trust: 0.6 |
| vendor: | siemens | model: | nucleus source code | scope: | - | version: | - | Trust: 0.6 |
| vendor: | siemens | model: | vstar | scope: | - | version: | - | Trust: 0.6 |
| vendor: | siemens | model: | vstar | scope: | eq | version: | * | Trust: 0.2 |
| vendor: | siemens | model: | nucleus readystart for arm mips and ppc nucleus2017.02.02 nucleus net patch | scope: | lt | version: | v2017.02.2() | Trust: 0.2 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.0 |
| problemtype: | NVD-CWE-noinfo | Trust: 1.0 |
| problemtype: | Incorrect input confirmation (CWE-20) [NVD Evaluation ] | Trust: 0.8 |
THREAT TYPE
remote or local
Trust: 0.6
TYPE
Input validation error
Trust: 0.8
PATCH
| title: | SSA-434032 | url: | https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf | Trust: 0.8 |
| title: | Patch for Unknown vulnerability in Siemens Mentor Nucleus Networking Module | url: | https://www.cnvd.org.cn/patchInfo/show/189921 | Trust: 0.6 |
| title: | Siemens Mentor Nucleus Multiple module input verification error vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=102969 | Trust: 0.6 |
| title: | Siemens Security Advisories: Siemens Security Advisory | url: | https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=1d3485226953a78b85a97370300ecdef | Trust: 0.1 |
| title: | Siemens Security Advisories: Siemens Security Advisory | url: | https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ac20b09bb530d9b8d4b71cc160e36049 | Trust: 0.1 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2019-13939 | Trust: 3.3 |
| db: | SIEMENS | id: | SSA-434032 | Trust: 2.3 |
| db: | SIEMENS | id: | SSA-162506 | Trust: 1.7 |
| db: | ICS CERT | id: | ICSA-20-105-06 | Trust: 1.7 |
| db: | CNVD | id: | CNVD-2019-40512 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201911-1004 | Trust: 0.8 |
| db: | JVNDB | id: | JVNDB-2019-014365 | Trust: 0.8 |
| db: | AUSCERT | id: | ESB-2019.4317 | Trust: 0.6 |
| db: | AUSCERT | id: | ESB-2020.1316 | Trust: 0.6 |
| db: | ICS CERT | id: | ICSA-19-318-01 | Trust: 0.6 |
| db: | IVD | id: | 40768CF9-1948-4815-8773-A73BF2DE3C14 | Trust: 0.2 |
| db: | VULMON | id: | CVE-2019-13939 | Trust: 0.1 |
REFERENCES
| url: | https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf | Trust: 2.3 |
| url: | https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06 | Trust: 2.3 |
| url: | https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-13939 | Trust: 1.4 |
| url: | https://www.us-cert.gov/ics/advisories/icsa-20-105-06 | Trust: 1.2 |
| url: | https://cert-portal.siemens.com/productcert/html/ssa-162506.html | Trust: 1.0 |
| url: | https://cert-portal.siemens.com/productcert/html/ssa-434032.html | Trust: 1.0 |
| url: | https://www.auscert.org.au/bulletins/esb-2020.1316/ | Trust: 0.6 |
| url: | https://www.auscert.org.au/bulletins/esb-2019.4317/ | Trust: 0.6 |
| url: | https://www.us-cert.gov/ics/advisories/icsa-19-318-01 | Trust: 0.6 |
| url: | https://cwe.mitre.org/data/definitions/.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
| url: | https://www.cisa.gov/uscert/ics/advisories/icsa-20-105-06 | Trust: 0.1 |
CREDITS
Siemens reported this vulnerability to CISA.
Trust: 0.6
SOURCES
| db: | IVD | id: | 40768cf9-1948-4815-8773-a73bf2de3c14 |
| db: | CNVD | id: | CNVD-2019-40512 |
| db: | VULMON | id: | CVE-2019-13939 |
| db: | JVNDB | id: | JVNDB-2019-014365 |
| db: | CNNVD | id: | CNNVD-201911-1004 |
| db: | NVD | id: | CVE-2019-13939 |
LAST UPDATE DATE
2024-08-14T15:07:21.886000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2019-40512 | date: | 2019-11-14T00:00:00 |
| db: | VULMON | id: | CVE-2019-13939 | date: | 2022-04-12T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-014365 | date: | 2020-02-12T00:00:00 |
| db: | CNNVD | id: | CNNVD-201911-1004 | date: | 2022-05-23T00:00:00 |
| db: | NVD | id: | CVE-2019-13939 | date: | 2024-02-13T09:15:42.770 |
SOURCES RELEASE DATE
| db: | IVD | id: | 40768cf9-1948-4815-8773-a73bf2de3c14 | date: | 2019-11-14T00:00:00 |
| db: | CNVD | id: | CNVD-2019-40512 | date: | 2019-11-14T00:00:00 |
| db: | VULMON | id: | CVE-2019-13939 | date: | 2020-01-16T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-014365 | date: | 2020-02-12T00:00:00 |
| db: | CNNVD | id: | CNNVD-201911-1004 | date: | 2019-11-14T00:00:00 |
| db: | NVD | id: | CVE-2019-13939 | date: | 2020-01-16T16:15:16.277 |