Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-4531

Summary
Assigner-certcc
Assigner Org ID-37e5125f-f79b-445b-8fad-9564f167944b
Published At-08 Jan, 2012 | 20:00
Updated At-17 Sep, 2024 | 02:36
Rejected At-
Credits

Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:certcc
Assigner Org ID:37e5125f-f79b-445b-8fad-9564f167944b
Published At:08 Jan, 2012 | 20:00
Updated At:17 Sep, 2024 | 02:36
Rejected At:
▼CVE Numbering Authority (CNA)

Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://support.automation.siemens.com/WW/view/en/114358
x_refsource_CONFIRM
http://aluigi.altervista.org/adv/almsrvx_1-adv.txt
x_refsource_MISC
http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=content
x_refsource_CONFIRM
http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdf
x_refsource_MISC
Hyperlink: http://support.automation.siemens.com/WW/view/en/114358
Resource:
x_refsource_CONFIRM
Hyperlink: http://aluigi.altervista.org/adv/almsrvx_1-adv.txt
Resource:
x_refsource_MISC
Hyperlink: http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=content
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdf
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://support.automation.siemens.com/WW/view/en/114358
x_refsource_CONFIRM
x_transferred
http://aluigi.altervista.org/adv/almsrvx_1-adv.txt
x_refsource_MISC
x_transferred
http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=content
x_refsource_CONFIRM
x_transferred
http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdf
x_refsource_MISC
x_transferred
Hyperlink: http://support.automation.siemens.com/WW/view/en/114358
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://aluigi.altervista.org/adv/almsrvx_1-adv.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=content
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdf
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cret@cert.org
Published At:08 Jan, 2012 | 20:55
Updated At:29 Apr, 2026 | 01:13

Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Siemens AG
siemens
>>automation_license_manager>>Versions up to 5.1(inclusive)
cpe:2.3:a:siemens:automation_license_manager:*:sp1:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://aluigi.altervista.org/adv/almsrvx_1-adv.txtcret@cert.org
Exploit
http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=contentcret@cert.org
Vendor Advisory
http://support.automation.siemens.com/WW/view/en/114358cret@cert.org
N/A
http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdfcret@cert.org
US Government Resource
http://aluigi.altervista.org/adv/almsrvx_1-adv.txtaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=contentaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://support.automation.siemens.com/WW/view/en/114358af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdfaf854a3a-2127-422b-91ae-364da2661108
US Government Resource
Hyperlink: http://aluigi.altervista.org/adv/almsrvx_1-adv.txt
Source: cret@cert.org
Resource:
Exploit
Hyperlink: http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=content
Source: cret@cert.org
Resource:
Vendor Advisory
Hyperlink: http://support.automation.siemens.com/WW/view/en/114358
Source: cret@cert.org
Resource: N/A
Hyperlink: http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdf
Source: cret@cert.org
Resource:
US Government Resource
Hyperlink: http://aluigi.altervista.org/adv/almsrvx_1-adv.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=content
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://support.automation.siemens.com/WW/view/en/114358
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource

Change History

0
Information is not available yet

Similar CVEs

1331Records found
CVE-2019-19880
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.44% / 92.37%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:07
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

Action-Not Available
Vendor-sqliten/aDebian GNU/LinuxNetApp, Inc.Siemens AGRed Hat, Inc.openSUSEOracle CorporationSUSE
Product-enterprise_linux_serversinec_infrastructure_network_servicesdebian_linuxcloud_backupsqlitelinux_enterpriseenterprise_linux_workstationpackage_hubbackports_sleenterprise_linux_desktopmysql_workbenchleapn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-20840
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.03% / 83.88%
||
7 Day CHG~0.00%
Published-17 Jun, 2020 | 15:11
Updated-05 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.

Action-Not Available
Vendor-libvnc_projectn/aDebian GNU/LinuxSiemens AGCanonical Ltd.openSUSE
Product-ubuntu_linuxsimatic_itc1500_prosimatic_itc1900simatic_itc2200_pro_firmwaresimatic_itc2200simatic_itc1500_pro_firmwaredebian_linuxsimatic_itc1500simatic_itc1900_firmwaresimatic_itc1900_pro_firmwaresimatic_itc1500_firmwaresimatic_itc2200_firmwaresimatic_itc2200_prolibvncserversimatic_itc1900_proleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-19925
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-7.01% / 91.52%
||
7 Day CHG~0.00%
Published-24 Dec, 2019 | 16:03
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.

Action-Not Available
Vendor-sqliten/aDebian GNU/LinuxNetApp, Inc.Siemens AGRed Hat, Inc.openSUSEOracle CorporationSUSE
Product-sinec_infrastructure_network_servicesenterprise_linux_serverdebian_linuxcloud_backupsqliteenterprise_linux_workstationlinux_enterprisepackage_hubbackports_sleenterprise_linux_desktopmysql_workbenchleapn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2019-19926
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.34% / 92.31%
||
7 Day CHG~0.00%
Published-23 Dec, 2019 | 00:53
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.

Action-Not Available
Vendor-sqliten/aDebian GNU/LinuxNetApp, Inc.Siemens AGRed Hat, Inc.openSUSEOracle CorporationSUSE
Product-sinec_infrastructure_network_servicesenterprise_linux_serverdebian_linuxcloud_backupsqliteenterprise_linux_workstationlinux_enterprisepackage_hubbackports_sleenterprise_linux_desktopmysql_workbenchleapn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-19276
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.16% / 35.88%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 4). Specially crafted packets sent to port 161/udp can cause the SNMP service of affected devices to crash. A manual restart of the device is required to resume operation of the service.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_ktp_mobile_panels_firmwaresimatic_hmi_comfort_panels_firmwaresimatic_hmi_ktp_mobile_panelssimatic_hmi_comfort_panelsSIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants)SIMATIC HMI KTP Mobile Panels
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-19300
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.54% / 67.54%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 00:00
Updated-08 Jul, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0), SIMATIC ET 200eco PN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0), SIMATIC ET 200eco PN, CM 4x IO-Link, M12-L (6ES7148-6JE00-0BB0), SIMATIC ET 200eco PN, CM 8x IO-Link, M12-L (6ES7148-6JG00-0BB0), SIMATIC ET 200eco PN, CM 8x IO-Link, M12-L (6ES7148-6JJ00-0BB0), SIMATIC ET 200eco PN, DI 16x24VDC, M12-L (6ES7141-6BH00-0BB0), SIMATIC ET 200eco PN, DI 8x24VDC, M12-L (6ES7141-6BG00-0BB0), SIMATIC ET 200eco PN, DIQ 16x24VDC/2A, M12-L (6ES7143-6BH00-0BB0), SIMATIC ET 200eco PN, DQ 8x24VDC/0,5A, M12-L (6ES7142-6BG00-0BB0), SIMATIC ET 200eco PN, DQ 8x24VDC/2A, M12-L (6ES7142-6BR00-0BB0), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0), SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0), SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0), SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0), SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0), SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants), SIMATIC ET 200SP IM 155-6 PN HF (6ES7155-6AU00-0CN0), SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0), SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC MICRO-DRIVE PDC, SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0), SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU family (incl. related ET 200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0), SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0), SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0), SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0), SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0), SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0), SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0), SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0), SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0), SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0), SIMATIC S7-400 H V6 and below CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010 (6ES7671-0RC08-0YA0), SIMATIC WinAC RTX F 2010 (6ES7671-1RC08-0YA0), SINAMICS S/G Control Unit w. PROFINET, SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-2AC0), SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-7AC0), SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL (6AG2155-5AA00-1AC0), SIPLUS ET 200S IM 151-8 PN/DP CPU (6AG1151-8AB01-7AB0), SIPLUS ET 200S IM 151-8F PN/DP CPU (6AG1151-8FB01-2AB0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU00-4CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-2CN0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-7CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU00-1CN0), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU01-1CN0), SIPLUS ET 200SP IM 155-6 PN HF TX RAIL (6AG2155-6AU01-4CN0), SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0), SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0), SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0), SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0), SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0), SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0). The Interniche-based TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.

Action-Not Available
Vendor-Siemens AG
Product-sinamics_s\/g_control_unit_firmwaresimatic_s7-300_cpusimatic_et200sp_im155-6_pn_hfktk_ate530ssimatic_et_200sp_open_controller_cpu_1515sp_pc2sidoor_ate530s_coated_firmwaresimatic_s7-1500_cpu_1517f-3_pn\/dpsimatic_s7-300_cpu_firmwaresimatic_tdc_cp51m1simatic_s7-1500_cpu_1515-2_pn_firmwaresidoor_ate531ssimatic_pn\/pn_coupler_firmwaresimatic_et200sp_im155-6_pn_hf_firmwaresimatic_s7-1500_cpu_1518-4_pn\/dpsimatic_et_200sp_open_controller_cpu_1515sp_pc_firmwaresimatic_pn\/pn_couplersimatic_s7-1500_cpu_1518f-4_pn\/dpsimatic_s7-1500_cpu_1511f-1_pnsimatic_s7-410_cpusimatic_s7-1500_cpu_1518-4_pn\/dp_firmwaresimatic_s7-1500_cpu_1517-3_pn\/dp_firmwaresimatic_winac_rtx_\(f\)_2010simatic_s7-1500_cpu_1515f-2_pn_firmwaresimatic_s7-1500_cpu_1511-1_pnsimatic_s7-1500_cpu_1517-3_pn\/dpsimatic_s7-1500_cpu_1516f-3_pn\/dp_firmwarektk_ate530s_firmwaresimatic_tdc_cpu555simatic_tdc_cpu555_firmwaresimatic_et200mp_im155-5_pn_hfsimatic_tdc_cp51m1_firmwaresimatic_s7-1500_cpu_1513-1_pn_firmwaresimatic_et200sp_im155-6_pn\/2_hf_firmwaresimatic_s7-1500_cpu_1511-1_pn_firmwaresimatic_s7-1500_cpu_1513-1_pnsimatic_et_200sp_open_controller_cpu_1515sp_pcsimatic_et200sp_im155-6_pn\/2_hfsimatic_s7-1500_cpu_1511f-1_pn_firmwaresimatic_s7-1500_cpu_1516f-3_pn\/dpsimatic_s7-410_cpu_firmwaresimatic_s7-1500simatic_et200sp_im155-6_mf_hf_firmwaresidoor_atd430wsimatic_s7-1500_cpu_1516-3_pn\/dp_firmwaresimatic_et200sp_im155-6_pn_hasimatic_s7-1500_cpu_1513f-1_pnsimatic_et_200sp_open_controller_cpu_1515sp_pc2_firmwaresimatic_s7-400_pn\/dpsimatic_et200sp_im155-6_mf_hfsimatic_s7-1500_cpu_1518f-4_pn\/dp_firmwaresimatic_s7-1500_cpu_1515f-2_pnsimatic_s7-1500_cpu_1516-3_pn\/dpsimatic_s7-1500_cpu_1515-2_pnsidoor_ate531s_firmwaresimatic_s7-400_pn\/dp_firmwaresimatic_micro-drive_pdc_firmwaresimatic_micro-drive_pdcsidoor_atd430w_firmwaresimatic_s7-1500_cpu_1513f-1_pn_firmwaresinamics_s\/g_control_unitsimatic_et200sp_im155-6_pn_ha_firmwaresimatic_s7-1500_cpu_1517f-3_pn\/dp_firmwaresimatic_winac_rtx_\(f\)_2010_firmwaresimatic_et200mp_im155-5_pn_hf_firmwaresidoor_ate530s_coatedSIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN HFSIMATIC ET 200S IM 151-8F PN/DP CPUSIMATIC TDC CP51M1SIPLUS S7-300 CPU 317-2 PN/DPSIMATIC ET 200AL IM 157-1 PNSIMATIC ET 200eco PN, DQ 8x24VDC/0,5A, M12-LSIMATIC ET 200MP IM 155-5 PN HFSIMATIC S7-300 CPU 317F-2 PN/DPSIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)SIDOOR ATE531SSIMATIC S7-300 CPU 315F-2 PN/DPSIMATIC ET 200eco PN, DI 8x24VDC, M12-LSIMATIC ET 200pro IM 154-8 PN/DP CPUSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC PN/MF CouplerDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIPLUS S7-300 CPU 317F-2 PN/DPSIMATIC ET 200eco PN, CM 4x IO-Link, M12-LSIMATIC S7-300 CPU 317T-3 PN/DPSIDOOR ATD430WSIMATIC S7-300 CPU 319F-3 PN/DPSIMATIC WinAC RTX F 2010SIMATIC S7-300 CPU 319-3 PN/DPSIMATIC ET 200eco PN, DQ 8x24VDC/2A, M12-LSIMATIC S7-400 H V6 and below CPU family (incl. SIPLUS variants)SIPLUS ET 200S IM 151-8F PN/DP CPUSIPLUS ET 200SP IM 155-6 PN HFSIMATIC S7-300 CPU 314C-2 PN/DPSIDOOR ATE530S COATEDSIMATIC ET 200SP IM 155-6 MF HFSIMATIC ET 200eco PN, CM 8x IO-Link, M12-LSIPLUS S7-300 CPU 315-2 PN/DPSIPLUS ET 200MP IM 155-5 PN HFKTK ATE530SSIMATIC S7-300 CPU 317TF-3 PN/DPSIMATIC ET 200SP IM 155-6 PN/3 HFSIMATIC ET 200eco PN, DIQ 16x24VDC/2A, M12-LSIMATIC ET 200eco PN, DI 16x24VDC, M12-LSIMATIC ET 200pro IM 154-8FX PN/DP CPUSIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)SIMATIC S7-1500 Software ControllerSIPLUS ET 200SP IM 155-6 PN HF TX RAILSIPLUS ET 200S IM 151-8 PN/DP CPUSIMATIC ET 200S IM 151-8 PN/DP CPUSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIMATIC ET 200SP IM 155-6 PN/2 HFSIMATIC S7-300 CPU 315-2 PN/DPSIMATIC S7-410 V10 CPU family (incl. SIPLUS variants)SIMATIC ET 200pro IM 154-8F PN/DP CPUSIMATIC ET 200eco PN, AI 8xRTD/TC, M12-LSIMATIC S7-300 CPU 317-2 PN/DPSIMATIC MICRO-DRIVE PDCSIMATIC PN/PN CouplerSIMATIC WinAC RTX 2010SINAMICS S/G Control Unit w. PROFINETSIMATIC S7-300 CPU 315T-3 PN/DPSIMATIC TDC CPU555SIPLUS S7-300 CPU 314C-2 PN/DPSIPLUS NET PN/PN CouplerSIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC S7-1500 CPU family (incl. related ET 200 CPUs and SIPLUS variants)SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-19301
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.54% / 67.54%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 19:50
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X200-4P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2IRT, SCALANCE X202-2P IRT, SCALANCE X202-2P IRT PRO, SCALANCE X204-2, SCALANCE X204-2FM, SCALANCE X204-2LD, SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X204IRT, SCALANCE X204IRT PRO, SCALANCE X206-1, SCALANCE X206-1LD, SCALANCE X208, SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XF201-3P IRT, SCALANCE XF202-2P IRT, SCALANCE XF204, SCALANCE XF204-2, SCALANCE XF204-2BA IRT, SCALANCE XF204IRT, SCALANCE XF206-1, SCALANCE XF208, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIMATIC CP 343-1 Advanced, SIMATIC CP 442-1 RNA, SIMATIC CP 443-1, SIMATIC CP 443-1, SIMATIC CP 443-1 Advanced, SIMATIC CP 443-1 RNA, SIMATIC RF180C, SIMATIC RF182C, SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SIPLUS NET SCALANCE X308-2. The VxWorks-based Profinet TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rf182csimatic_rf182c_firmwarescalance_xp-200_firmwarescalance_x-200irt_pro_firmwaresimatic_cp_443-1_advanced_firmwarescalance_xc-200_firmwaresimatic_cp_443-1_firmwarescalance_xb-200scalance_xr-300wg_firmwarescalance_xr-300wgscalance_xp-200simatic_rf180cscalance_x-200irt_firmwarescalance_xr-300scalance_x-300scalance_x-200irtscalance_x-200irt_prosimatic_cp_443-1scalance_xb-200_firmwarescalance_xf-200_firmwarescalance_xf-200scalance_xr-300_firmwarescalance_x-300_firmwaresimatic_rf180c_firmwarescalance_xc-200simatic_cp_443-1_advancedSCALANCE XF208SCALANCE XR324-12M TS (24V)SCALANCE XR324-4M EEC (24V, ports on front)SCALANCE X204IRTSCALANCE XR324-12M (230V, ports on rear)SCALANCE X307-2 EEC (2x 24V, coated)SCALANCE XF204-2BA IRTSCALANCE X204-2FMSCALANCE X204-2TSSCALANCE X307-3SCALANCE XR324-12M (24V, ports on rear)SCALANCE X308-2SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)SCALANCE X204-2LD TSSCALANCE X302-7 EEC (24V, coated)SCALANCE X307-2 EEC (230V, coated)SIMATIC CP 443-1 AdvancedSIMATIC RF180CSCALANCE X224SIPLUS NET SCALANCE X308-2SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)SCALANCE X202-2P IRTSCALANCE XR324-4M PoE (230V, ports on rear)SCALANCE X302-7 EEC (230V)SIMATIC CP 443-1SCALANCE X206-1LDSCALANCE X308-2LDSCALANCE X307-2 EEC (24V)SIMATIC CP 343-1 AdvancedSCALANCE X208SCALANCE X304-2FESCALANCE X307-2 EEC (230V)SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)SCALANCE X302-7 EEC (2x 24V)SCALANCE XF204IRTSCALANCE X307-2 EEC (2x 230V)SCALANCE X208PROSCALANCE X212-2LDSCALANCE X204IRT PROSCALANCE X302-7 EEC (24V)SCALANCE X204-2SCALANCE XF206-1SIMATIC RF182CSCALANCE XR324-4M EEC (2x 24V, ports on rear)SIPLUS NET CP 443-1SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-4M PoE (24V, ports on rear)SCALANCE X204-2LDSCALANCE X201-3P IRTSCALANCE X308-2MSCALANCE X308-2M PoESCALANCE X310FESCALANCE X308-2LH+SCALANCE X206-1SCALANCE XF204SIPLUS NET CP 343-1 AdvancedSCALANCE X307-3LDSCALANCE X202-2IRTSCALANCE X308-2LHSCALANCE XF204-2SCALANCE XR324-4M EEC (24V, ports on rear)SIMATIC CP 442-1 RNASCALANCE XR324-4M PoE (24V, ports on front)SIPLUS NET CP 443-1 AdvancedSCALANCE X302-7 EEC (2x 230V)SCALANCE X408-2SCALANCE XF201-3P IRTSCALANCE XF202-2P IRTSCALANCE X307-2 EEC (24V, coated)SCALANCE X307-2 EEC (2x 230V, coated)SCALANCE X302-7 EEC (2x 24V, coated)SCALANCE X202-2P IRT PROSCALANCE X310SCALANCE X307-2 EEC (2x 24V)SCALANCE XR324-12M (24V, ports on front)SCALANCE X212-2SCALANCE X320-1 FESCALANCE X306-1LD FESIMATIC CP 443-1 RNASCALANCE X308-2M TSSCALANCE XR324-4M PoE (230V, ports on front)SCALANCE X216SCALANCE X302-7 EEC (230V, coated)SCALANCE X201-3P IRT PROSCALANCE X302-7 EEC (2x 230V, coated)SCALANCE X200-4P IRTSCALANCE X320-1-2LD FESCALANCE XR324-4M PoE TS (24V, ports on front)SCALANCE XR324-12M (230V, ports on front)SCALANCE XR324-4M EEC (2x 24V, ports on front)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-19244
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.31%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 19:32
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.

Action-Not Available
Vendor-sqliten/aOracle CorporationCanonical Ltd.Siemens AG
Product-sinec_infrastructure_network_servicesubuntu_linuxsqlitemysql_workbenchn/a
CVE-2019-18290
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.88%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-18307
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, and CVE-2019-18306. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-18303
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.88%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-18302
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.88%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-18298
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.88%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-17007
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.90%
||
7 Day CHG~0.00%
Published-22 Oct, 2020 | 20:28
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.

Action-Not Available
Vendor-Mozilla CorporationSiemens AG
Product-ruggedcom_rox_rx1511ruggedcom_rox_rx1512_firmwareruggedcom_rox_rx1512network_security_servicesruggedcom_rox_mx5000_firmwareruggedcom_rox_rx1511_firmwareruggedcom_rox_rx1510ruggedcom_rox_rx1500_firmwareruggedcom_rox_rx1400ruggedcom_rox_rx1501ruggedcom_rox_rx1500ruggedcom_rox_rx1510_firmwareruggedcom_rox_rx5000ruggedcom_rox_mx5000ruggedcom_rox_rx1400_firmwareruggedcom_rox_rx1501_firmwareruggedcom_rox_rx5000_firmwareNSS
CWE ID-CWE-295
Improper Certificate Validation
CVE-2019-18301
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.88%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-18306
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.88%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-18300
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.88%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-18292
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-18304
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-18305
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-18318
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.48% / 65.38%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server can cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is independent from CVE-2019-18317 and CVE-2019-18319. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_application_serverSPPA-T3000 Application Server
CWE ID-CWE-287
Improper Authentication
CVE-2019-18291
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.88%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-18294
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.88%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-4953
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-13.62% / 94.28%
||
7 Day CHG-0.75%
Published-05 Jul, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.

Action-Not Available
Vendor-ntpn/aopenSUSEOracle CorporationSiemens AGSUSE
Product-tim_4r-iesimatic_net_cp_443-1_opc_ualinux_enterprise_desktoptim_4r-ie_dnp3_firmwaremanagertim_4r-ie_dnp3ntpmanager_proxyleapsolarislinux_enterprise_servertim_4r-ie_firmwaresimatic_net_cp_443-1_opc_ua_firmwareopenstack_cloudopensusen/a
CWE ID-CWE-287
Improper Authentication
CVE-2016-4956
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.40% / 80.51%
||
7 Day CHG+0.30%
Published-05 Jul, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.

Action-Not Available
Vendor-ntpn/aopenSUSEOracle CorporationSiemens AGSUSENovell
Product-simatic_net_cp_443-1_opc_ualinux_enterprise_desktopsuse_managerntpmanager_proxyleapsolarislinux_enterprise_serversimatic_net_cp_443-1_opc_ua_firmwareopenstack_cloudopensusen/a
CVE-2019-18317
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.48% / 65.38%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is independent from CVE-2019-18318 and CVE-2019-18319. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_application_serverSPPA-T3000 Application Server
CWE ID-CWE-287
Improper Authentication
CVE-2016-2518
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-3.48% / 87.62%
||
7 Day CHG+1.44%
Published-30 Jan, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxRed Hat, Inc.Oracle CorporationNetApp, Inc.FreeBSD FoundationSiemens AG
Product-enterprise_linux_desktoplinuxoncommand_balanceenterprise_linux_server_tusenterprise_linux_workstationclustered_data_ontapenterprise_linux_server_eusdebian_linuxenterprise_linux_servercommunications_user_data_repositoryntpenterprise_linux_server_ausdata_ontaponcommand_unified_manager_for_clustered_data_ontaponcommand_performance_managerfreebsdsimatic_net_cp_443-1_opc_uasimatic_net_cp_443-1_opc_ua_firmwaren/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2015-5219
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.24% / 84.64%
||
7 Day CHG~0.00%
Published-21 Jul, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxCanonical Ltd.SUSERed Hat, Inc.Oracle CorporationFedora ProjectopenSUSENovellSiemens AG
Product-enterprise_linux_desktoplinuxenterprise_linux_workstationfedoralinux_enterprise_serverleapenterprise_linux_serverdebian_linuxlinux_enterprise_debuginfotim_4r-ientptim_4r-id_dnp3tim_4r-id_dnp3_firmwareopenstack_cloudmanager_proxyenterprise_linux_hpc_nodetim_4r-ie_firmwareubuntu_linuxmanagern/a
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2007-1918
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.40% / 80.52%
||
7 Day CHG+0.05%
Published-10 Apr, 2007 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

Action-Not Available
Vendor-n/aApple Inc.IBM CorporationSAP SESun Microsystems (Oracle Corporation)Siemens AGLinux Kernel Organization, IncHP Inc.Microsoft Corporation
Product-hp-uxrfc_libraryracfsolarisaixmacosreliant_unixwindows_serveros_400linux_kerneltru64n/a
CVE-2006-3907
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.54% / 85.55%
||
7 Day CHG~0.00%
Published-27 Jul, 2006 | 22:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SpeedStream 2624 allows remote attackers to cause a denial of service (device hang) by sending a crafted packet to the web administrative interface.

Action-Not Available
Vendor-n/aSiemens AG
Product-speedstream_wireless_routern/a
CVE-2021-37735
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-0.35% / 57.37%
||
7 Day CHG~0.00%
Published-12 Oct, 2021 | 15:14
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.10 and below; Aruba Instant 8.6.x.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-aruba_instantscalance_w1750d_firmwarescalance_w1750dHPE Aruba Instant (IAP)
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2021-34798
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-10.29% / 93.21%
||
7 Day CHG~0.00%
Published-16 Sep, 2021 | 14:40
Updated-04 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL pointer dereference in httpd core

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.

Action-Not Available
Vendor-NetApp, Inc.Debian GNU/LinuxThe Apache Software FoundationOracle CorporationTenable, Inc.Broadcom Inc.Siemens AGFedora Project
Product-peoplesoft_enterprise_peopletoolscommunications_cloud_native_core_network_function_cloud_native_environmentcloud_backuptenable.scstoragegridsinema_serverruggedcom_nmshttp_serverclustered_data_ontapdebian_linuxsinec_nmssinema_remote_connect_serverinstantis_enterprisetrackfedorazfs_storage_appliance_kitenterprise_manager_base_platformbrocade_fabric_operating_system_firmwareApache HTTP Server
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-13940
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.60% / 69.66%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 15:36
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.1), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.X.17), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17). Affected devices contain a vulnerability that could cause a denial of service condition of the web server by sending specially crafted HTTP requests to ports 80/tcp and 443/tcp. Beyond the web service, no other functions or interfaces are affected by the denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-300_cpu_317-2_pn\/dp_firmwaresimatic_winac_rtx_\(f\)_2010siplus_s7-300_cpu_314siplus_s7-300_cpu_315-2_pn\/dp_firmwares7-1200_cpu_1214fcs7-1200_cpu_1215fc_firmwaresimatic_s7-300_cpu_319-3_pn\/dpsimatic_s7-300_cpu_317-2_dpsiplus_s7-300_cpu_315-2_pn\/dpsimatic_s7-300_cpu_315-2dp_firmwaresiplus_s7-300_cpu_317-2_pn\/dpsiplus_cpu_1214c_firmwares7-1200_cpu_1214c_firmwares7-1200_cpu_1212c_firmwaresimatic_s7-300_cpu_317-2_dp_firmwaresimatic_s7-300_cpu_315-2_pn\/dp_firmwaresimatic_s7-400_pn\/dp_cpu_firmwaresiplus_cpu_1211csiplus_s7-300_cpu_317-2_pn\/dp_firmwaresiplus_s7-300_cpu_315-2_dp_firmwaresimatic_s7-400_pn\/dp_cpus7-1200_cpu_1215csiplus_cpu_1215c_firmwares7-1200_cpu_1211c_firmwaresiplus_cpu_1212c_firmwaresiplus_cpu_1214csimatic_s7-300_cpu_317-2_pn\/dps7-1200_cpu_1212cs7-1200_cpu_1217c_firmwaresiplus_s7-1200simatic_s7-300_cpu_315-2dpsiplus_s7-300_cpu_315-2_dpsiplus_cpu_1211c_firmwaresimatic_s7-300_cpu_315-2_pn\/dpsiplus_cpu_1215cs7-1200_cpu_1212fc_firmwares7-1200_cpu_1212fcsimatic_s7-300_cpu_319-3_pn\/dp_firmwaresiplus_s7-300_cpu_314_firmwares7-1200_cpu_1215fcs7-1200_cpu_1211cs7-1200_cpu_1215c_firmwares7-1200_cpu_1214csiplus_cpu_1212cs7-1200_cpu_1217cs7-1200_cpu_1214fc_firmwaresiplus_s7-1200_firmwareSIMATIC ET 200pro IM154-8F PN/DP CPUSIMATIC S7-300 CPU 317T-3 PN/DPSIMATIC WinAC RTX 2010SIMATIC ET 200S IM151-8 PN/DP CPUSIMATIC ET 200S IM151-8F PN/DP CPUSIMATIC S7-300 CPU 319-3 PN/DPSIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC WinAC RTX F 2010SIPLUS ET 200S IM151-8 PN/DP CPUSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIMATIC S7-300 CPU 314C-2 PN/DPSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 317F-2 PN/DPSIMATIC S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 317-2 PN/DPSIMATIC S7-300 CPU 317TF-3 PN/DPSIPLUS ET 200S IM151-8F PN/DP CPUSIPLUS S7-300 CPU 317-2 PN/DPSIMATIC ET 200pro IM154-8 PN/DP CPUSIMATIC ET 200pro IM154-8FX PN/DP CPUSIPLUS S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 315T-3 PN/DPSIPLUS S7-300 CPU 317F-2 PN/DPSIMATIC S7-300 CPU 319F-3 PN/DPSIPLUS S7-300 CPU 314C-2 PN/DP
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-13942
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.20% / 41.90%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). An unauthorized user could exploit a buffer overflow vulnerability in the webserver. Specially crafted packets sent could cause a Denial-of-Service condition and if certain conditions are met, the affected devices must be restarted manually to fully recover. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-en100_ethernet_module_with_firmware_variant_profinet_ioen100_ethernet_module_with_firmware_variant_modbus_tcpen100_ethernet_module_with_firmware_variant_iec_61850en100_ethernet_module_with_firmware_variant_dnp3_tcpen100_ethernet_module_with_firmware_variant_iec104en100_ethernet_moduleEN100 Ethernet module PROFINET IO variantEN100 Ethernet module DNP3 variantEN100 Ethernet module IEC104 variantEN100 Ethernet module Modbus TCP variantEN100 Ethernet module IEC 61850 variant
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-13921
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.44% / 63.25%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 13:49
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All versions < SP3 Update 1). Affected versions of the software contain a vulnerability that could allow an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large HTTP request is sent to the executing service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the service provided by the software.

Action-Not Available
Vendor-Siemens AG
Product-simatic_winac_rtx_\(f\)_2010SIMATIC WinAC RTX (F) 2010
CWE ID-CWE-410
Insufficient Resource Pool
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-13927
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.59% / 69.22%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 13:19
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web server (All firmware versions < V6.00.320). The device contains a vulnerability that could allow an attacker to cause a denial of service condition on the device's web server by sending a specially crafted HTTP message to the web server port (tcp/80). The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device's web service. While the device itself stays operational, the web server responds with HTTP status code 404 (Not found) to any further request. A reboot is required to recover the web interface. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-pxc22.1-e.dpxc22.1-e.d_firmwarepxa40-w2pxc64-upxc100-e.d_firmwarepxa40-w1pxa30-w0_firmwarepxc100-e.dpxc36.1-e.dpxc36-e.d_firmwarepxc00-e.dpxc128-u_firmwarepxc200-e.d_firmwarepxa30-w2pxa30-w1pxc128-upxa40-w1_firmwarepxa40-w0_firmwarepxc64-u_firmwarepxa30-w1_firmwarepxc00-u_firmwarepxc36.1-e.d_firmwarepxc50-e.dpxa40-w2_firmwarepxc200-e.dpxc00-e.d_firmwarepxa30-w2_firmwarepxc50-e.d_firmwarepxa30-w0pxa40-w0pxc36-e.dpxc00-uDesigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web serverDesigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2
CWE ID-CWE-472
External Control of Assumed-Immutable Web Parameter
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2019-13925
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.17% / 37.49%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 15:36
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0 and < V4.1), SCALANCE S612 (All versions >= V3.0 and < V4.1), SCALANCE S623 (All versions >= V3.0 and < V4.1), SCALANCE S627-2M (All versions >= V3.0 and < V4.1). Specially crafted packets sent to port 443/tcp of affected devices could cause a Denial-of-Service condition of the web server.

Action-Not Available
Vendor-Siemens AG
Product-scalance_s623scalance_s612_firmwarescalance_s627-2m_firmwarescalance_s602scalance_s627-2mscalance_s602_firmwarescalance_s623_firmwarescalance_s612SCALANCE S627-2MSCALANCE S623SCALANCE S602SCALANCE S612
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-19603
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.65% / 70.77%
||
7 Day CHG~0.00%
Published-09 Dec, 2019 | 18:44
Updated-05 Aug, 2024 | 02:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.

Action-Not Available
Vendor-sqliten/aNetApp, Inc.The Apache Software FoundationOracle CorporationSiemens AG
Product-sinec_infrastructure_network_servicescloud_backupsqliteontap_select_deploy_administration_utilitymysql_workbenchguacamolen/a
CVE-2019-18319
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.48% / 65.38%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is independent from CVE-2019-18317 and CVE-2019-18318. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_application_serverSPPA-T3000 Application Server
CWE ID-CWE-287
Improper Authentication
CVE-2019-18310
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.88%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 7061/tcp. This vulnerability is independent from CVE-2019-18311. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-12258
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-11.64% / 93.70%
||
7 Day CHG~0.00%
Published-09 Aug, 2019 | 20:00
Updated-04 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.

Action-Not Available
Vendor-windriverbeldenn/aNetApp, Inc.Siemens AGSonicWall Inc.
Product-power_meter_9810_firmwarehirschmann_rsp20ruggedcom_win7025_firmwarehirschmann_ees25sonicoshirschmann_grs1030hirschmann_grs1142ruggedcom_win7018_firmwarehirschmann_rspe32hirschmann_grs1130garrettcom_magnum_dx940ehirschmann_rspe35hirschmann_eesx20hirschmann_rspe37ruggedcom_win7018power_meter_9410_firmwarehirschmann_grs1042siprotec_5_firmwareruggedcom_win7000ruggedcom_win7200hirschmann_rsp35garrettcom_magnum_dx940e_firmwaree-series_santricity_os_controllervxworkshirschmann_msp40hirschmann_octopus_os3hirschmann_rsp30hirschmann_dragon_mach4000hirschmann_dragon_mach4500hirschmann_msp32hirschmann_rsp25hirschmann_rail_switch_power_smarthirschmann_eesx30hirschmann_grs1020hirschmann_rail_switch_power_litehirschmann_eagle20hirschmann_eagle30hirschmann_hiosruggedcom_win7025hirschmann_rspe30hirschmann_eagle_oneruggedcom_win7200_firmwaresiprotec_5hirschmann_ees20hirschmann_red25power_meter_9410power_meter_9810ruggedcom_win7000_firmwarehirschmann_msp30hirschmann_grs1120n/a
CWE ID-CWE-384
Session Fixation
CVE-2019-12259
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-24.46% / 96.14%
||
7 Day CHG~0.00%
Published-09 Aug, 2019 | 18:05
Updated-04 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.

Action-Not Available
Vendor-windriverbeldenn/aSiemens AGSonicWall Inc.
Product-hirschmann_rsp20ruggedcom_win7025_firmwarehirschmann_ees25sonicoshirschmann_grs1030hirschmann_grs1142ruggedcom_win7018_firmwarehirschmann_rspe32hirschmann_grs1130garrettcom_magnum_dx940ehirschmann_rspe35hirschmann_eesx20hirschmann_rspe37ruggedcom_win7018hirschmann_grs10429410_power_meter_firmwareruggedcom_win7000siprotec_5_firmwareruggedcom_win7200hirschmann_rsp35garrettcom_magnum_dx940e_firmwarevxworkshirschmann_msp40hirschmann_octopus_os39810_power_meterhirschmann_rsp309410_power_meter9810_power_meter_firmwarehirschmann_dragon_mach4000hirschmann_dragon_mach4500hirschmann_msp32hirschmann_rsp25hirschmann_rail_switch_power_smarthirschmann_eesx30hirschmann_grs1020hirschmann_rail_switch_power_litehirschmann_eagle20hirschmann_eagle30hirschmann_hiosruggedcom_win7025hirschmann_rspe30hirschmann_eagle_oneruggedcom_win7200_firmwaresiprotec_5hirschmann_ees20hirschmann_red25ruggedcom_win7000_firmwarehirschmann_msp30hirschmann_grs1120n/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-10931
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.24%
||
7 Day CHG~0.00%
Published-11 Jul, 2019 | 21:17
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions ), DIGSI 5 engineering software (All versions < V7.90), SIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, 7UT87 and 7VE85 with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.90), SIPROTEC 5 device types 7SS85 and 7KE85 (All versions < V8.01), SIPROTEC 5 device types with CPU variants CP200 and the respective Ethernet communication modules (All versions < V7.59), SIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modules (All versions < V7.59). Specially crafted packets sent to port 443/TCP could cause a Denial of Service condition.

Action-Not Available
Vendor-Siemens AG
Product-6md857sa867sj826md867um857sj857ut867ss85siprotec_5_digsi_device_driver7sa877vk877ve856md897ut877sa827ut857sl827sd867ke857sl867sd827sk857sk827ut827sd877sj867sl87digsi_5_engineering_softwareSIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, 7UT87 and 7VE85 with CPU variants CP300 and CP100 and the respective Ethernet communication modulesAll other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modulesSIPROTEC 5 device types with CPU variants CP200 and the respective Ethernet communication modulesDIGSI 5 engineering softwareSIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modulesSIPROTEC 5 device types 7SS85 and 7KE85
CWE ID-CWE-248
Uncaught Exception
CVE-2019-10923
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.56%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 13:49
Updated-11 Feb, 2025 | 10:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-300_cpu_313simatic_winac_rtx_\(f\)cp1604_firmwaresinamics_s150_firmwaresimatic_et_200mdk_standard_ethernet_controllersinamics_dcm_firmwaresimatic_s7-400_v6sinamics_gm150simatic_et_200ecopn_firmwaresinamics_gl150_firmwaresimatic_s7-400_pn_v7_firmwaresimatic_s7-400_dp_v7sinamics_gl150sinumerik_840d_slscalance_x-200irtsimatic_s7-300_cpu_firmwaresimatic_s7-400_pn_v7sinamics_gh150cp1616simatic_et_200s_firmwaresimatic_s7-300_cpu_316-2_dp_firmwaresinamics_dcmsimatic_pn\/pn_coupler_6es7158-3ad01-0xa0sinamics_sm120scalance_x-200irt_firmwaresinamics_g120simatic_s7-300_cpu_315-2_dpsimatic_s7-300_cpu_315_firmwaresimotion_firmwaresimotionsinumerik_828dcp1616_firmwaresinamics_sl150_firmwaresinamics_s150ek-ertec_200ek-ertec_200_firmwaresinamics_dcp_firmwaresimatic_s7-300_cpusimatic_s7-300_cpu_314_firmwaresimatic_s7-400_v6_firmwarecp1604simatic_s7-300_cpu_314ek-ertec_200p_firmwaresimatic_et_200m_firmwaresimatic_s7-300_cpu_318-2_firmwaresimatic_s7-300_cpu_313_firmwaresimatic_et_200ssimatic_s7-400_dp_v7_firmwaredk_standard_ethernet_controller_firmwaresimatic_s7-300_cpu_318-2sinamics_s110sinamics_gm150_firmwaresinamics_g150sinamics_g130simatic_s7-300_cpu_315-2_dp_firmwaresimatic_s7-300_cpu_315simatic_s7-300_cpu_312_ifm_firmwaresinamics_g110mek-ertec_200psinamics_g110m_firmwaresinamics_gh150_firmwaresinamics_dcpsinamics_sl150simatic_et_200ecopnsimatic_pn\/pn_coupler_6es7158-3ad01-0xa0_firmwaresimatic_s7-300_cpu_314_ifmsimatic_s7-300_cpu_312_ifmsimatic_s7-300_cpu_314_ifm_firmwaresimatic_s7-300_cpu_316-2_dpsinamics_sm120_firmwaresinamics_g150_firmwaresinamics_s120sinamics_g130_firmwaresinamics_s120_firmwaresimatic_winac_rtx_\(f\)_firmwaresinamics_s110_firmwaresinamics_g120_firmwareSINAMICS G120 V4.7 Control Unit (incl. SIPLUS variants)SINAMICS SM120 V4.7 Control UnitSIPLUS ET 200SP IM 155-6 PN STSIMATIC ET 200MP IM 155-5 PN STSIPLUS ET 200S IM 151-8 PN/DP CPUSIPLUS S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 317T-3 PN/DPSINUMERIK 828DSINAMICS GL150 V4.7 Control UnitSIPLUS S7-300 CPU 317F-2 PN/DPSIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIPLUS ET 200SP IM 155-6 PN HFDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN: IO-Link MasterSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC ET 200SP IM 155-6 PN HFSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS S7-300 CPU 314C-2 PN/DPSCALANCE X-200IRT family (incl. SIPLUS NET variants)SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SIMATIC S7-400 CPU 416-3 PN/DP V7SIMATIC S7-300 CPU 315F-2 PN/DPSINUMERIK 840D slSIMATIC ET 200pro IM 154-8 PN/DP CPUSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SINAMICS G150SINAMICS GH150 V4.7 Control UnitSIMATIC S7-300 CPU 314C-2 PN/DPSINAMICS S120 V4.7 Control Unit and CBE20 (incl. SIPLUS variants)SIMATIC ET200ecoPN, 4AO U/I 4xM12SIMATIC S7-400 CPU 414-3 PN/DP V7SINAMICS DCPSIPLUS S7-400 CPU 414-3 PN/DP V7SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC WinAC RTX 2010SIMATIC ET 200pro IM 154-3 PN HFSIMATIC ET 200M (incl. SIPLUS variants)SIPLUS S7-400 CPU 416-3 PN/DP V7SIMATIC ET 200S IM 151-8 PN/DP CPUSIMATIC S7-400 CPU 416F-3 PN/DP V7SINAMICS GM150 V4.7 Control UnitSIMATIC CP 1616Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC S7-400 CPU 414F-3 PN/DP V7SIMATIC ET 200S IM 151-8F PN/DP CPUSIMATIC ET 200pro IM 154-8F PN/DP CPUDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIMATIC S7-300 CPU 315-2 PN/DPSIMATIC ET 200MP IM 155-5 PN HFSIMATIC S7-300 CPU 319F-3 PN/DPSIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIMATIC S7-300 CPU 317-2 PN/DPSIMATIC ET 200SP IM 155-6 PN ST BASIMATIC S7-300 CPU 317TF-3 PN/DPSIMATIC ET 200SP IM 155-6 PN STSIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIPLUS S7-300 CPU 317-2 PN/DPSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC ET 200pro IM 154-4 PN HFSIPLUS ET 200S IM 151-8F PN/DP CPUSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC CP 1604SIMATIC S7-400 CPU 412-2 PN V7SIPLUS ET 200MP IM 155-5 PN HFSINAMICS DCMSIMOTIONSIMATIC S7-300 CPU 319-3 PN/DPSIMATIC ET200S (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12SIMATIC S7-300 CPU 317F-2 PN/DPSIMATIC WinAC RTX F 2010SINAMICS S150SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SINAMICS G110M V4.7 Control UnitSINAMICS G130SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC ET 200pro IM 154-8FX PN/DP CPUSIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200MP IM 155-5 PN STSINAMICS SL150 V4.7 Control UnitSIMATIC S7-300 CPU 315T-3 PN/DPSINAMICS S110 Control Unit
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-10953
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-0.44% / 63.17%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 14:02
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.

Action-Not Available
Vendor-wagon/aABBPhoenix Contact GmbH & Co. KGSiemens AG
Product-ethernet_firmwarebacnet\/ip6es7211-1ae40-0xb0modicon_m221_firmwareknx_ip_firmwareknx_ipethernet6es7314-6eh04-0ab0modicon_m221pm554-tp-eth_firmware6es7314-6eh04-0ab0_firmware6ed1052-1cc01-0ba8pm554-tp-eth6es7211-1ae40-0xb0_firmwarepfc100_firmwarepfc100ilc_151_eth_firmwarebacnet\/ip_firmware6ed1052-1cc01-0ba8_firmwareilc_151_ethABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2019-10936
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.99% / 83.72%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 00:00
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-1500_cpu_1511csimatic_s7-1500_cpudk_standard_ethernet_controllersimatic_s7-400h_v6_firmwaresimatic_et_200sp_im_155-6_pn_st_firmwaresimatic_et_200ecopn_firmwaresimatic_s7-1200_cpu_1212csimatic_s7-1500s_cpusinamics_gl150_firmwaresimatic_s7-400_pn_v7_firmwaresimatic_s7-400_dp_v7sinamics_gl150simatic_s7-300_cpu_firmwaresimatic_s7-1500_cpu_1512c_firmwaresimatic_s7-400_pn_v7simatic_hmi_comfort_panels_22\"simatic_et_200sp_im_155-6_pn\/2_hfsimatic_et_200pro_firmwaresimatic_profinet_driver_firmwaresimatic_s7-410_v8_firmwaresinamics_dcmsimatic_hmi_comfort_outdoor_panels_7\"sinamics_sm120simatic_et_200mp_im_155-5_pn_hfsimatic_hmi_ktp_mobile_panelssimatic_et_200mp_im_155-5_pn_basimatic_et_200sp_im_155-6_pn_stsinumerik_828dsimatic_hmi_comfort_panels_4\"sinamics_s150ek-ertec_200simatic_hmi_comfort_outdoor_panels_15\"simatic_s7-1200_cpu_1214c_firmwaresimatic_s7-300_cpusimatic_s7-300_cpu_314_firmwaresimatic_s7-1200_cpu_1211c_firmwaresimatic_et_200sp_im_155-6_pn_basimatic_s7-1200_cpu_1214csimatic_s7-400_v6_firmwaresimatic_et_200sp_im_155-6_pn_hssimatic_s7-300_cpu_314ek-ertec_200p_firmwaresimatic_s7-300_cpu_318-2_firmwaresimatic_s7-300_cpu_313_firmwaresimatic_et_200sp_im_155-6_pn_hfsinamics_gm150_firmwaresimatic_hmi_comfort_outdoor_panels_7\"_firmwaresinamics_g150simatic_s7-300_cpu_312_ifm_firmwaresimatic_et_200mp_im_155-5_pn_hf_firmwaresimatic_et_200sp_im_155-6_pn\/2_hf_firmwaresinamics_sl150simatic_s7-1500t_cpu_firmwaresimatic_et_200mp_im_155-5_pn_stsimatic_et_200ecopnsimatic_et_200alsimatic_s7-300_cpu_312_ifmsimatic_s7-1500_cpu_1518simatic_s7-300_cpu_316-2_dpsimatic_pn\/pn_couplersinamics_s120simatic_s7-1500_cpu_1518_firmwaresimatic_cfu_pa_firmwaresimatic_et_200prosinumerik_840d_slsimatic_s7-300_cpu_313simatic_et_200sp_im_155-6_pn_hasimatic_cfu_pasinamics_s150_firmwaresimatic_et_200msinamics_dcm_firmwaresimatic_s7-400_v6sinamics_gm150simatic_et_200sp_im_155-6_pn_ba_firmwaresimatic_s7-400h_v6simatic_et_200al_firmwaresimatic_hmi_comfort_panels_4\"_firmwaresimatic_s7-1500t_cpusimatic_s7-410_v8simatic_s7-1200_cpu_1212c_firmwaresimatic_et_200s_firmwaresimatic_s7-300_cpu_316-2_dp_firmwaresimatic_et_200mp_im_155-5_pn_st_firmwaresimatic_hmi_ktp_mobile_panels_firmwaresimatic_et_200sp_im_155-6_pn_ha_firmwaresimatic_hmi_comfort_outdoor_panels_15\"_firmwaresimatic_s7-1500_cpu_1512csimatic_s7-300_cpu_315_firmwaresimatic_s7-300_cpu_315-2_dpsinamics_g120simatic_s7-1200_cpusinamics_sl150_firmwaresimatic_hmi_comfort_panels_22\"_firmwareek-ertec_200_firmwaresinamics_dcp_firmwaresimatic_winac_rtx_\(f\)_2010simatic_s7-1500_cpu_firmwaresimatic_et_200sp_im_155-6_pn\/3_hfsimatic_s7-1500s_cpu_firmwaresimatic_et_200m_firmwaresimatic_et_200ssimatic_profinet_driversimatic_s7-400_dp_v7_firmwaredk_standard_ethernet_controller_firmwaresimatic_s7-300_cpu_318-2simatic_s7-1500_cpu_1511c_firmwaresinamics_s110simatic_et_200sp_im_155-6_pn_hs_firmwaresimatic_et_200mp_im_155-5_pn_ba_firmwaresimatic_s7-300_cpu_315-2_dp_firmwaresimatic_pn\/pn_coupler_firmwaresimatic_s7-300_cpu_315sinamics_g110msinamics_g130ek-ertec_200psinamics_g110m_firmwaresinamics_dcpsimatic_s7-1200_cpu_firmwaresimatic_s7-300_cpu_314_ifmsimatic_s7-1200_cpu_1211csimatic_et_200sp_im_155-6_pn\/3_hf_firmwaresimatic_s7-300_cpu_314_ifm_firmwaresinamics_sm120_firmwaresinamics_g150_firmwaresimatic_et_200sp_im_155-6_pn_hf_firmwaresinamics_g130_firmwaresinamics_s120_firmwaresimatic_winac_rtx_\(f\)_firmwaresinamics_s110_firmwaresinamics_g120_firmwareSINAMICS GM150 V4.7 Control UnitSINUMERIK 840D slSIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SIMATIC ET200ecoPN, 4AO U/I 4xM12SIPLUS ET 200MP IM 155-5 PN HF T1 RAILSINAMICS S110 Control UnitSIMATIC ET 200SP IM 155-6 PN HFSIMATIC S7-400 CPU 414F-3 PN/DP V7SIPLUS NET PN/PN CouplerSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 317F-2 PN/DPSINAMICS DCMSIPLUS ET 200SP IM 155-6 PN HFSIMATIC ET 200SP IM 155-6 PN STSIMATIC S7-300 CPU 315F-2 PN/DPSIMATIC HMI Comfort Panels (incl. SIPLUS variants)SIMATIC S7-300 CPU 317-2 PN/DPSIMATIC S7-300 CPU 317TF-3 PN/DPSIMATIC ET 200SP IM 155-6 PN HSSIMATIC ET200ecoPN: IO-Link MasterSINAMICS S150 Control UnitSINAMICS G150 Control UnitSIMATIC PN/PN CouplerSIMATIC S7-300 CPU 317T-3 PN/DPSIMATIC ET 200SP IM 155-6 PN BASIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIMATIC S7-400 CPU 416F-3 PN/DP V7SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC ET 200SP IM 155-6 PN/2 HFSINAMICS G110M V4.7 PN Control UnitSIMATIC S7-300 CPU 319-3 PN/DPSIMATIC ET 200pro IM 154-8F PN/DP CPUSIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN ST BASIMATIC ET 200S IM 151-8 PN/DP CPUSIMATIC CFU PASIMATIC ET 200MP IM 155-5 PN HFSIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SINAMICS DCPSINAMICS G130 V4.7 Control UnitSIMATIC ET 200S IM 151-8F PN/DP CPUSIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SIMATIC HMI Comfort Outdoor Panels (incl. SIPLUS variants)SIMATIC ET 200pro IM 154-4 PN HFSIMATIC S7-1500 Software ControllerSIMATIC ET 200MP IM 155-5 PN STSINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)SIPLUS S7-300 CPU 317-2 PN/DPSIPLUS S7-400 CPU 414-3 PN/DP V7SIMATIC TDC CPU555SINAMICS GH150 V4.7 Control UnitSIMATIC ET200S (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC S7-400 CPU 416-3 PN/DP V7SIPLUS S7-300 CPU 317F-2 PN/DPSIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN/3 HFSIPLUS S7-300 CPU 314C-2 PN/DPSIPLUS ET 200S IM 151-8F PN/DP CPUSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC TDC CP51M1SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SIMATIC ET 200MP IM 155-5 PN BASIMATIC ET 200pro IM 154-8FX PN/DP CPUSIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12SIMATIC HMI KTP Mobile PanelsDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)SIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIPLUS ET 200SP IM 155-6 PN HF TX RAILSIMATIC S7-300 CPU 314C-2 PN/DPDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC PROFINET DriverDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSINUMERIK 828DSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SIPLUS S7-300 CPU 315-2 PN/DPSIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIMATIC S7-300 CPU 315-2 PN/DPSIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC S7-300 CPU 319F-3 PN/DPSINAMICS GL150 V4.7 Control UnitSIMATIC ET 200M (incl. SIPLUS variants)SIMATIC ET 200pro IM 154-8 PN/DP CPUSIPLUS S7-400 CPU 416-3 PN/DP V7SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIPLUS ET 200S IM 151-8 PN/DP CPUSIMATIC WinAC RTX F 2010SIMATIC S7-400 CPU 414-3 PN/DP V7SIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS ET 200SP IM 155-6 PN STSIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC S7-400 CPU 412-2 PN V7SINAMICS SM120 V4.7 Control UnitSIPLUS ET 200MP IM 155-5 PN HFSINAMICS SL150 V4.7 Control UnitSINAMICS G120 V4.7 PN Control Unit (incl. SIPLUS variants)SIMATIC S7-300 CPU 315T-3 PN/DPSIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)simatic_winac_rtx_\(f\)_2010simatic_tdc_cpu555_firmwaresimatic_et_200sp_firmwaresimatic_tdc_cp51m1_firmwaresiplus_s7-300_cpu_314simatic_s7-1500_cpusimatic_et200ecopn_firmwaresimatic_cfu_pasimatic_s7-400_h_v6_firmwareek-ertec_200p_firmwaresimatic_et_200m_firmwaresinamics_gm150simatic_profinet_driversimatic_s7-300_cpu_315f-2_dp_firmwaredk_standard_ethernet_controller_firmwaresimatic_s7-400_cpu_416-3_pn\/dpsinamics_gl150simatic_s7-300_cpu_317-2_dp_firmwaresimatic_et_200al_firmwaresimatic_s7-400_pn\/dp_v6_firmwaresinamics_s110sinamics_g150simatic_winac_rtx_2010simatic_s7-300_cpu_315-2_dp_firmwaresinamics_g130sinamics_g110msinamics_gh150simatic_et_200mp_firmwaresinamics_dcpsinamics_sl150simatic_et_200s_firmwaresimatic_et_200pro_firmwaresimatic_s7-410_cpu_firmwaresimatic_pn\/pn_coupler_6es7158-3ad01-0xa0sinamics_dcmsimatic_hmi_comfort_outdoor_panelssimatic_s7-400_cpu_412-2_pnsinamics_sm120sinamics_g120simatic_et200s_firmwaresimatic_s7-400_cpu_414-3_pn\/dpsinumerik_828dsimatic_s7-1200_cpusimatic_s7-300_cpu_319-3_pn\/dp_firmwaresinamics_s120ek-ertec_200_firmwaresimatic_s7-1500_controllersimatic_s7-300_cpu_314_firmwaresimatic_s7-300_cpu_317-2_pn\/dp_firmwaresinumerik_840d_sl
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-10942
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.39% / 59.96%
||
7 Day CHG~0.00%
Published-13 Aug, 2019 | 18:55
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X204RNA (HSR) (All versions), SCALANCE X204RNA (PRP) (All versions), SCALANCE X204RNA EEC (HSR) (All versions), SCALANCE X204RNA EEC (PRP) (All versions), SCALANCE X204RNA EEC (PRP/HSR) (All versions). The device contains a vulnerability that could allow an attacker to trigger a denial-of-service condition by sending large message packages repeatedly to the telnet service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_x-200_firmwarescalance_x-200scalance_x-200rnascalance_x-200irtscalance_x-200rna_firmwarescalance_x-200irt_firmwareSCALANCE X204RNA EEC (PRP)SCALANCE X204RNA EEC (HSR)SCALANCE X204RNA (PRP)SCALANCE X-200 switch family (incl. SIPLUS NET variants)SCALANCE X204RNA (HSR)SCALANCE X204RNA EEC (PRP/HSR)SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-31883
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-1.41% / 80.64%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:31
Updated-11 Mar, 2025 | 09:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). When processing a DHCP ACK message, the DHCP client application does not validate the length of the Vendor option(s), leading to Denial-of-Service conditions. (FSMD-2021-0013)

Action-Not Available
Vendor-Siemens AG
Product-nucleus_readystart_v3talon_tc_compactnucleus_nettalon_tc_compact_firmwareapogee_pxc_compactapogee_modular_equiment_controller_firmwareapogee_pxc_compact_firmwareapogee_modular_equiment_controllerapogee_modular_building_controllercapital_vstarapogee_pxc_modular_firmwareapogee_pxc_modulartalon_tc_modular_firmwaretalon_tc_modularapogee_modular_building_controller_firmwarenucleus_source_codeCapital Embedded AR Classic 431-422Capital Embedded AR Classic R20-11
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-31882
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-1.41% / 80.64%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:31
Updated-11 Mar, 2025 | 09:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). The DHCP client application does not validate the length of the Domain Name Server IP option(s) (0x06) when processing DHCP ACK packets. This may lead to Denial-of-Service conditions. (FSMD-2021-0011)

Action-Not Available
Vendor-Siemens AG
Product-nucleus_readystart_v3talon_tc_compactnucleus_nettalon_tc_compact_firmwareapogee_pxc_compactapogee_modular_equiment_controller_firmwareapogee_pxc_compact_firmwareapogee_modular_equiment_controllerapogee_modular_building_controllercapital_vstarapogee_pxc_modular_firmwareapogee_pxc_modulartalon_tc_modular_firmwaretalon_tc_modularapogee_modular_building_controller_firmwarenucleus_source_codeCapital Embedded AR Classic 431-422Capital Embedded AR Classic R20-11
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-31340
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.48% / 65.20%
||
7 Day CHG~0.00%
Published-08 Jun, 2021 | 19:47
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.

Action-Not Available
Vendor-Siemens AG
Product-simatic_reader_rf650r_fcc_firmwaresimatic_reader_rf650r_cmiit_firmwaresimatic_reader_rf680r_cmiitsimatic_reader_rf685r_fccsimatic_reader_rf610r_etsi_firmwaresimatic_reader_rf615r_etsi_firmwaresimatic_rf360rsimatic_reader_rf650r_aribsimatic_reader_rf610r_fccsimatic_reader_rf680r_fccsimatic_reader_rf685r_arib_firmwaresimatic_rf186c_firmwaresimatic_reader_rf615r_cmiitsimatic_rf188c_firmwaresimatic_reader_rf685r_fcc_firmwaresimatic_rf185csimatic_reader_rf680r_cmiit_firmwaresimatic_reader_rf685r_etsisimatic_rf360r_firmwaresimatic_rf186cisimatic_rf188csimatic_reader_rf610r_cmiit_firmwaresimatic_reader_rf610r_fcc_firmwaresimatic_rf185c_firmwaresimatic_reader_rf615r_fccsimatic_reader_rf615r_fcc_firmwaresimatic_reader_rf680r_etsisimatic_reader_rf680r_fcc_firmwaresimatic_reader_rf610r_etsisimatic_reader_rf680r_arib_firmwaresimatic_reader_rf685r_cmiit_firmwaresimatic_rf186ci_firmwaresimatic_rf166c_firmwaresimatic_rf188ci_firmwaresimatic_reader_rf650r_cmiitsimatic_reader_rf650r_fccsimatic_rf166csimatic_reader_rf685r_cmiitsimatic_reader_rf680r_aribsimatic_reader_rf650r_etsisimatic_reader_rf610r_cmiitsimatic_reader_rf650r_arib_firmwaresimatic_reader_rf680r_etsi_firmwaresimatic_reader_rf615r_etsisimatic_rf186csimatic_reader_rf650r_etsi_firmwaresimatic_reader_rf685r_aribsimatic_reader_rf615r_cmiit_firmwaresimatic_reader_rf685r_etsi_firmwaresimatic_rf188ciSIMATIC Reader RF650R ARIBSIMATIC Reader RF650R ETSISIMATIC Reader RF680R CMIITSIMATIC Reader RF615R ETSISIMATIC RF166CSIMATIC Reader RF685R CMIITSIMATIC RF185CSIMATIC Reader RF610R CMIITSIMATIC Reader RF685R ETSISIMATIC Reader RF615R CMIITSIMATIC RF188CISIMATIC Reader RF610R ETSISIMATIC Reader RF685R FCCSIMATIC Reader RF615R FCCSIMATIC RF186CSIMATIC RF360RSIMATIC Reader RF680R ARIBSIMATIC Reader RF685R ARIBSIMATIC RF188CSIMATIC Reader RF680R ETSISIMATIC Reader RF610R FCCSIMATIC Reader RF650R CMIITSIMATIC RF186CISIMATIC Reader RF680R FCCSIMATIC Reader RF650R FCC
CWE ID-CWE-400
Uncontrolled Resource Consumption
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 26
  • 27
  • Next
Details not found