CVE-2019-10923 - Vulnerability Details

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00468.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens	Cp1604 Cp1604 Firmware Cp1616 Cp1616 Firmware Dk Standard Ethernet Controller Dk Standard Ethernet Controller Firmware Ek-ertec 200 Ek-ertec 200 Firmware Ek-ertec 200p Ek-ertec 200p Firmware Scalance X-200irt Scalance X-200irt Firmware Simatic Et 200ecopn Simatic Et 200ecopn Firmware Simatic Et 200m Simatic Et 200m Firmware Simatic Et 200s Simatic Et 200s Firmware Simatic Pn\/pn Coupler 6es7158-3ad01-0xa0 Simatic Pn\/pn Coupler 6es7158-3ad01-0xa0 Firmware Simatic S7-300 Cpu Simatic S7-300 Cpu 312 Ifm Simatic S7-300 Cpu 312 Ifm Firmware Simatic S7-300 Cpu 313 Simatic S7-300 Cpu 313 Firmware Simatic S7-300 Cpu 314 Simatic S7-300 Cpu 314 Firmware Simatic S7-300 Cpu 314 Ifm Simatic S7-300 Cpu 314 Ifm Firmware Simatic S7-300 Cpu 315 Simatic S7-300 Cpu 315-2 Dp Simatic S7-300 Cpu 315-2 Dp Firmware Simatic S7-300 Cpu 315 Firmware Simatic S7-300 Cpu 316-2 Dp Simatic S7-300 Cpu 316-2 Dp Firmware Simatic S7-300 Cpu 318-2 Simatic S7-300 Cpu 318-2 Firmware Simatic S7-300 Cpu Firmware Simatic S7-400 Dp V7 Simatic S7-400 Dp V7 Firmware Simatic S7-400 Pn V7 Simatic S7-400 Pn V7 Firmware Simatic S7-400 V6 Simatic S7-400 V6 Firmware Simatic Winac Rtx \(f\) Simatic Winac Rtx \(f\) Firmware Simotion Simotion Firmware Sinamics Dcm Sinamics Dcm Firmware Sinamics Dcp Sinamics Dcp Firmware Sinamics G110m Sinamics G110m Firmware Sinamics G120 Sinamics G120 Firmware Sinamics G130 Sinamics G130 Firmware Sinamics G150 Sinamics G150 Firmware Sinamics Gh150 Sinamics Gh150 Firmware Sinamics Gl150 Sinamics Gl150 Firmware Sinamics Gm150 Sinamics Gm150 Firmware Sinamics S110 Sinamics S110 Firmware Sinamics S120 Sinamics S120 Firmware Sinamics S150 Sinamics S150 Firmware Sinamics Sl150 Sinamics Sl150 Firmware Sinamics Sm120 Sinamics Sm120 Firmware Sinumerik 828d Sinumerik 840d Sl

Configuration 1 [-]

AND

cpe:2.3:o:siemens:cp1604_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:cp1604:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:cp1616_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:cp1616:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

OR	cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware::::::::
	cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:4.1.1:-::::::
	cpe:2.3:o:siemens:dk_standard_ethernet_controller_firmware:4.1.1:p4::::::

cpe:2.3:h:siemens:dk_standard_ethernet_controller:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

OR	cpe:2.3:o:siemens:ek-ertec_200_firmware::::::::
	cpe:2.3:o:siemens:ek-ertec_200_firmware:4.5.0:-::::::

cpe:2.3:h:siemens:ek-ertec_200:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:siemens:ek-ertec_200p_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:ek-ertec_200p:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:siemens:scalance_x-200irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x-200irt:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:siemens:simatic_et_200m_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200m:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:siemens:simatic_et_200s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200s:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:siemens:simatic_et_200ecopn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200ecopn:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:siemens:simatic_pn\/pn_coupler_6es7158-3ad01-0xa0_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_pn\/pn_coupler_6es7158-3ad01-0xa0:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_312_ifm_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_312_ifm:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_313_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_313:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_314_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_314:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_314_ifm_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_314_ifm:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_315_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_315:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2_dp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2_dp:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_316-2_dp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_316-2_dp:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:siemens:simatic_s7-300_cpu_318-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300_cpu_318-2:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:siemens:simatic_s7-400_v6_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-400_v6:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:siemens:simatic_s7-400_pn_v7_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-400_pn_v7:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:siemens:simatic_s7-400_dp_v7_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-400_dp_v7:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

OR	cpe:2.3:o:siemens:simatic_winac_rtx_\(f\)_firmware::::::::
	cpe:2.3:o:siemens:simatic_winac_rtx_\(f\)_firmware:2010:-::::::
	cpe:2.3:o:siemens:simatic_winac_rtx_\(f\)_firmware:2010:sp1::::::
	cpe:2.3:o:siemens:simatic_winac_rtx_\(f\)_firmware:2010:sp2::::::

cpe:2.3:h:siemens:simatic_winac_rtx_\(f\):-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:siemens:simotion_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simotion:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_dcm_firmware::::::::
	cpe:2.3:o:siemens:sinamics_dcm_firmware:1.5:-::::::

cpe:2.3:h:siemens:sinamics_dcm:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:siemens:sinamics_dcp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_dcp:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_g110m_firmware::::::::
	cpe:2.3:o:siemens:sinamics_g110m_firmware:4.7:-::::::

cpe:2.3:h:siemens:sinamics_g110m:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_g120_firmware::::::::
	cpe:2.3:o:siemens:sinamics_g120_firmware:4.7:-::::::

cpe:2.3:h:siemens:sinamics_g120:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_g130_firmware::::::::
	cpe:2.3:o:siemens:sinamics_g130_firmware:4.7:-::::::

cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:siemens:sinamics_g150_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_gh150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_gh150_firmware:4.8:-::::::

cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_gl150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_gl150_firmware:4.8:-::::::

cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_gm150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_gm150_firmware:4.8:-::::::

cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:siemens:sinamics_s110_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_s110:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_s120_firmware::::::::
	cpe:2.3:o:siemens:sinamics_s120_firmware:4.7:-::::::

cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:siemens:sinamics_s150_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_sl150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_sl150_firmware:4.7:-::::::

cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*

Configuration 39 [-]

OR	cpe:2.3:a:siemens:sinumerik_828d::::::::
	cpe:2.3:a:siemens:sinumerik_828d:4.8:-::::::
	cpe:2.3:a:siemens:sinumerik_828d:4.8:sp1::::::
	cpe:2.3:a:siemens:sinumerik_828d:4.8:sp2::::::
	cpe:2.3:a:siemens:sinumerik_828d:4.8:sp3::::::
	cpe:2.3:a:siemens:sinumerik_828d:4.8:sp4::::::

Configuration 40 [-]

cpe:2.3:a:siemens:sinumerik_840d_sl:*:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2019-2637	An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://cert-portal.siemens.com/productcert/html/ssa-349422.html
https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf

History

Tue, 10 Sep 2024 09:45:00 +0000

Type	Values Removed	Values Added
Description	A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SCALANCE X-200IRT switch family (incl. SIPLUS NET variants), SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 4AO U/I 4xM12, SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12, SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12, SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN: IO-Link Master, SIMATIC ET200M (incl. SIPLUS variants), SIMATIC ET200pro, SIMATIC ET200S (incl. SIPLUS variants), SIMATIC NET CP 1604, SIMATIC NET CP 1616, SIMATIC PN/PN Coupler (incl. SIPLUS NET variants), SIMATIC S7-300 CPU 314C-2 PN/DP, SIMATIC S7-300 CPU 315-2 PN/DP, SIMATIC S7-300 CPU 315F-2 PN/DP, SIMATIC S7-300 CPU 315T-3 PN/DP, SIMATIC S7-300 CPU 317-2 PN/DP, SIMATIC S7-300 CPU 317F-2 PN/DP, SIMATIC S7-300 CPU 317T-3 PN/DP, SIMATIC S7-300 CPU 317TF-3 PN/DP, SIMATIC S7-300 CPU 319-3 PN/DP, SIMATIC S7-300 CPU 319F-3 PN/DP, SIMATIC S7-400 CPU 412-2 PN V7, SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants), SIMATIC WinAC RTX 2010, SIMATIC WinAC RTX F 2010, SIMOTION, SINAMICS DCM, SINAMICS DCP, SINAMICS G110M V4.7 Control Unit, SINAMICS G120 V4.7 Control Unit (incl. SIPLUS variants), SINAMICS G130 V4.7 Control Unit, SINAMICS G150 Control Unit, SINAMICS GH150 V4.7 Control Unit, SINAMICS GL150 V4.7 Control Unit, SINAMICS GM150 V4.7 Control Unit, SINAMICS S110 Control Unit, SINAMICS S120 V4.7 Control Unit and CBE20 (incl. SIPLUS variants), SINAMICS S150 Control Unit, SINAMICS SL150 V4.7 Control Unit, SINAMICS SM120 V4.7 Control Unit, SINUMERIK 828D, SINUMERIK 840D sl, SIPLUS ET 200S IM151-8 PN/DP CPU, SIPLUS ET 200S IM151-8F PN/DP CPU, SIPLUS S7-300 CPU 314C-2 PN/DP, SIPLUS S7-300 CPU 315-2 PN/DP, SIPLUS S7-300 CPU 315F-2 PN/DP, SIPLUS S7-300 CPU 317-2 PN/DP, SIPLUS S7-300 CPU 317F-2 PN/DP, SIPLUS S7-400 CPU 414-3 PN/DP V7, SIPLUS S7-400 CPU 416-3 PN/DP V7. An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.	An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.
References		https://cert-portal.siemens.com/productcert/html/ssa-349422.html

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2019-10-10T13:49:24

Updated: 2025-02-11T10:26:23.281Z

Reserved: 2019-04-08T00:00:00

Link: CVE-2019-10923

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-10-10T14:15:14.503

Modified: 2024-11-21T04:20:09.600

Link: CVE-2019-10923

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object