Siemens Dk Uncontrolled Resource Consumption

high Tenable.ot Plugin ID 500356
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All Versions < V4.5), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All Versions < V4.6), PROFINET Driver for Controller (All Versions < V2.1), RUGGEDCOM RM1224 (All versions < V4.3), SCALANCE M-800 / S615 (All versions < V4.3), SCALANCE W700 IEEE 802.11n (All versions <= V6.0.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All Versions < V5.3), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions), SCALANCE XB-200, XC-200, XP-200, XF-200BA and XR-300WG (All Versions < V3.0), SCALANCE XM-400 switch family (All Versions < V6.0), SCALANCE XR-500 switch family (All Versions < V6.0), SIMATIC CP 1616 and CP 1604 (All Versions < V2.8), SIMATIC CP 343-1 (incl. SIPLUS NET variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 LEAN (incl. SIPLUS NET variants) (All versions), SIMATIC CP 443-1 (incl. SIPLUS NET variants) (All versions), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variants) (All versions), SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET200AL IM 157-1 PN (All versions), SIMATIC ET200M IM153-4 PN IO HF (incl. SIPLUS variants) (All versions), SIMATIC ET200M IM153-4 PN IO ST (incl. SIPLUS variants) (All versions), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All Versions < V4.2.0), SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants) (All Versions < V4.1.0), SIMATIC ET200S (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN Basic (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All Versions < V3.3.1), SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants) (All Versions < V4.1.0), SIMATIC ET200ecoPN (except 6ES7148-6JD00-0AB0 and 6ES7146-6FF00-0AB0) (All versions), SIMATIC ET200pro, IM 154-3 PN HF (All versions), SIMATIC ET200pro, IM 154-4 PN HF (All versions), SIMATIC IPC Support, Package for VxWorks (All versions), SIMATIC MV400 family (All versions), SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. SIPLUS NET variant) (All Versions), SIMATIC RF180C (All versions), SIMATIC RF182C (All versions), SIMATIC RF600 family (All versions < V3), SINAMICS DCP (All Versions < V1.3), SOFTNET-IE PNIO (All versions). Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.

Solution

Refer to vendor advisory for Security Updates

See Also

https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf

https://www.us-cert.gov/ics/advisories/icsa-20-042-04

Plugin Details

Severity: High

ID: 500356

Version: 1.0

Type: local

Family: SCADA

Published: 5/27/2020

Updated: 5/27/2020

Risk Information

CVSS Score Source: CVE-2019-13946

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: cpe:2.3:a:siemens:dk_standard_ethernet_controller:*:*:*:*:*:*:*:*, cpe:2.3:a:siemens:profinet_driver:*:*:*:*:*:*:*:*, cpe:2.3:a:siemens:simatic_ipc_support:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:ek-ertec_200_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:ek-ertec_200:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:ek-ertec_200p_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:ek-ertec_200p:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_w700_ieee_802.11n_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_w700_ieee_802.11n:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xf-200_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xf-200:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_x-200irt_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_x-200irt:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_x-200irt_pro_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_x-200irt_pro:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_x-300_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_x-300:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xr-300_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xr-300:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_x-400_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_x-400:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xr524_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xr524:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xr526_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xr526:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xr528_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xr528:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:scalance_xr552_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:scalance_xr552:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_cp_1616_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_cp_1616:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_cp_1604_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_cp_1604:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_cp_343-1_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_cp_343-1:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_cp_343-1_advanced_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_cp_343-1_advanced:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_cp_343-1_erpc_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_cp_343-1_erpc:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_cp_343-1_lean_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_cp_343-1_lean:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_cp_443-1_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_cp_443-1:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_cp_443-1_advanced_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_cp_443-1_advanced:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_cp_443-1_opc_ua_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_cp_443-1_opc_ua:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_et200al_im_157-1_pn_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_et200al_im_157-1_pn:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_et200m_im153-4_pn_io_hf_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_et200m_im153-4_pn_io_hf:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_et200m_im153-4_pn_io_st_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_et200m_im153-4_pn_io_st:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_et200mp_im155-5_pn_hf_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_et200mp_im155-5_pn_hf:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_et200mp_im155-5_pn_st_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_et200mp_im155-5_pn_st:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_et200s_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_et200s:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_et200sp_im155-6_pn_basic_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_et200sp_im155-6_pn_basic:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_et200sp_im155-6_pn_hf_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_et200sp_im155-6_pn_hf:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_et200sp_im155-6_pn_st_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_et200sp_im155-6_pn_st:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_et200ecopn_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_et200ecopn:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_et200pro_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_et200pro:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:im_154-3_pn_hf_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:im_154-3_pn_hf:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:im_154-4_pn_hf_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:im_154-4_pn_hf:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_mv440_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_mv440:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_mv420_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_mv420:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_pn\/pn_coupler_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_pn\/pn_coupler:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_rf180c_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_rf180c:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_rf182c_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_rf182c:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:simatic_rf600_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:simatic_rf600:-:*:*:*:*:*:*:*, cpe:2.3:o:siemens:sinamics_dcp_firmware:*:*:*:*:*:*:*:*, cpe:2.3:h:siemens:sinamics_dcp:-:*:*:*:*:*:*:*

Patch Publication Date: 2/11/2020

Vulnerability Publication Date: 2/11/2020

Reference Information

CVE: CVE-2019-13946