CVE-2019-19301 - Vulnerability Details

A vulnerability has been identified in SCALANCE X200-4P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2IRT, SCALANCE X202-2P IRT, SCALANCE X202-2P IRT PRO, SCALANCE X204-2, SCALANCE X204-2FM, SCALANCE X204-2LD, SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X204IRT, SCALANCE X204IRT PRO, SCALANCE X206-1, SCALANCE X206-1LD, SCALANCE X208, SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XF201-3P IRT, SCALANCE XF202-2P IRT, SCALANCE XF204, SCALANCE XF204-2, SCALANCE XF204-2BA IRT, SCALANCE XF204IRT, SCALANCE XF206-1, SCALANCE XF208, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIMATIC CP 343-1 Advanced, SIMATIC CP 442-1 RNA, SIMATIC CP 443-1, SIMATIC CP 443-1, SIMATIC CP 443-1 Advanced, SIMATIC CP 443-1 RNA, SIMATIC RF180C, SIMATIC RF182C, SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SIPLUS NET SCALANCE X308-2. The VxWorks-based Profinet TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.0054.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Siemens

SCALANCE X200-4P IRT

unknown

Version	Status	Constraints
`All versions < V5.5.0`	affected	—

Siemens

SCALANCE X201-3P IRT

unknown

Version	Status	Constraints
`All versions < V5.5.0`	affected	—

Siemens

SCALANCE X201-3P IRT PRO

unknown

Version	Status	Constraints
`All versions < V5.5.0`	affected	—

Siemens

SCALANCE X202-2IRT

unknown

Version	Status	Constraints
`All versions < V5.5.0`	affected	—

Siemens

SCALANCE X202-2P IRT

unknown

Version	Status	Constraints
`All versions < V5.5.0`	affected	—

Siemens

SCALANCE X202-2P IRT PRO

unknown

Version	Status	Constraints
`All versions < V5.5.0`	affected	—

Siemens

SCALANCE X204-2

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X204-2FM

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X204-2LD

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X204-2LD TS

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X204-2TS

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X204IRT

unknown

Version	Status	Constraints
`All versions < V5.5.0`	affected	—

Siemens

SCALANCE X204IRT PRO

unknown

Version	Status	Constraints
`All versions < V5.5.0`	affected	—

Siemens

SCALANCE X206-1

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X206-1LD

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X208

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X208PRO

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X212-2

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X212-2LD

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X216

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X224

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE X302-7 EEC (230V, coated)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X302-7 EEC (230V)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X302-7 EEC (24V, coated)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X302-7 EEC (24V)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X302-7 EEC (2x 230V, coated)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X302-7 EEC (2x 230V)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X302-7 EEC (2x 24V, coated)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X302-7 EEC (2x 24V)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X304-2FE

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X306-1LD FE

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X307-2 EEC (230V, coated)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X307-2 EEC (230V)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X307-2 EEC (24V, coated)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X307-2 EEC (24V)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X307-2 EEC (2x 230V, coated)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X307-2 EEC (2x 230V)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X307-2 EEC (2x 24V, coated)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X307-2 EEC (2x 24V)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X307-3

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X307-3

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X307-3LD

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X307-3LD

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2LD

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2LD

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2LH

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2LH

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2LH+

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2LH+

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2M

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2M

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2M PoE

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2M PoE

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2M TS

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X308-2M TS

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X310

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X310

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X310FE

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X310FE

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X320-1 FE

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X320-1-2LD FE

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE X408-2

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XF201-3P IRT

unknown

Version	Status	Constraints
`All versions < V5.5.0`	affected	—

Siemens

SCALANCE XF202-2P IRT

unknown

Version	Status	Constraints
`All versions < V5.5.0`	affected	—

Siemens

SCALANCE XF204

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE XF204-2

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE XF204-2BA IRT

unknown

Version	Status	Constraints
`All versions < V5.5.0`	affected	—

Siemens

SCALANCE XF204IRT

unknown

Version	Status	Constraints
`All versions < V5.5.0`	affected	—

Siemens

SCALANCE XF206-1

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE XF208

unknown

Version	Status	Constraints
`All versions < V5.2.5`	affected	—

Siemens

SCALANCE XR324-12M (230V, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-12M (230V, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-12M (230V, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-12M (230V, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-12M (24V, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-12M (24V, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-12M (24V, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-12M (24V, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-12M TS (24V)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-12M TS (24V)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (24V, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (24V, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (24V, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (24V, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (2x 24V, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (2x 24V, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (2x 24V, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M EEC (2x 24V, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M PoE (230V, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M PoE (230V, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M PoE (24V, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M PoE (24V, ports on rear)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SCALANCE XR324-4M PoE TS (24V, ports on front)

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Siemens

SIMATIC CP 343-1 Advanced

unknown

Version	Status	Constraints
`All versions`	affected	—

Siemens

SIMATIC CP 442-1 RNA

unknown

Version	Status	Constraints
`All versions < V1.5.18`	affected	—

Siemens

SIMATIC CP 443-1

unknown

Version	Status	Constraints
`All versions < V3.3`	affected	—

Siemens

SIMATIC CP 443-1

unknown

Version	Status	Constraints
`All versions < V3.3`	affected	—

Siemens

SIMATIC CP 443-1 Advanced

unknown

Version	Status	Constraints
`All versions < V3.3`	affected	—

Siemens

SIMATIC CP 443-1 RNA

unknown

Version	Status	Constraints
`All versions < V1.5.18`	affected	—

Siemens

SIMATIC RF180C

unknown

Version	Status	Constraints
`All versions`	affected	—

Siemens

SIMATIC RF182C

unknown

Version	Status	Constraints
`All versions`	affected	—

Siemens

SIPLUS NET CP 343-1 Advanced

unknown

Version	Status	Constraints
`All versions`	affected	—

Siemens

SIPLUS NET CP 443-1

unknown

Version	Status	Constraints
`All versions < V3.3`	affected	—

Siemens

SIPLUS NET CP 443-1 Advanced

unknown

Version	Status	Constraints
`All versions < V3.3`	affected	—

Siemens

SIPLUS NET SCALANCE X308-2

unknown

Version	Status	Constraints
`All versions < V4.1.4`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:scalance_xf-200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf-200:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:siemens:scalance_x-200irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x-200irt:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:siemens:scalance_x-200irt_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x-200irt_pro:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:siemens:scalance_x-300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x-300:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:siemens:scalance_xr-300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xr-300:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:siemens:simatic_cp_443-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_443-1:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:siemens:simatic_cp_443-1_advanced_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_443-1_advanced:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:siemens:simatic_rf180c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf180c:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:siemens:simatic_rf182c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf182c:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Siemens Subscribe	Scalance X-200irt Subscribe Scalance X-200irt Firmware Subscribe Scalance X-200irt Pro Subscribe Scalance X-200irt Pro Firmware Subscribe Scalance X-300 Subscribe Scalance X-300 Firmware Subscribe Scalance Xb-200 Subscribe Scalance Xb-200 Firmware Subscribe Scalance Xc-200 Subscribe Scalance Xc-200 Firmware Subscribe Scalance Xf-200 Subscribe Scalance Xf-200 Firmware Subscribe Scalance Xp-200 Subscribe Scalance Xp-200 Firmware Subscribe Scalance Xr-300 Subscribe Scalance Xr-300 Firmware Subscribe Scalance Xr-300wg Subscribe Scalance Xr-300wg Firmware Subscribe Simatic Cp 443-1 Subscribe Simatic Cp 443-1 Advanced Subscribe Simatic Cp 443-1 Advanced Firmware Subscribe Simatic Cp 443-1 Firmware Subscribe Simatic Rf180c Subscribe Simatic Rf180c Firmware Subscribe Simatic Rf182c Subscribe Simatic Rf182c Firmware Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2019-8925	A vulnerability has been identified in SCALANCE X200-4P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2IRT, SCALANCE X202-2P IRT, SCALANCE X202-2P IRT PRO, SCALANCE X204-2, SCALANCE X204-2FM, SCALANCE X204-2LD, SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X204IRT, SCALANCE X204IRT PRO, SCALANCE X206-1, SCALANCE X206-1LD, SCALANCE X208, SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XF201-3P IRT, SCALANCE XF202-2P IRT, SCALANCE XF204, SCALANCE XF204-2, SCALANCE XF204-2BA IRT, SCALANCE XF204IRT, SCALANCE XF206-1, SCALANCE XF208, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIMATIC CP 343-1 Advanced, SIMATIC CP 442-1 RNA, SIMATIC CP 443-1, SIMATIC CP 443-1, SIMATIC CP 443-1 Advanced, SIMATIC CP 443-1 RNA, SIMATIC RF180C, SIMATIC RF182C, SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SIPLUS NET SCALANCE X308-2. The VxWorks-based Profinet TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-102233.pdf

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2020-04-14T19:50:54

Updated: 2024-08-05T02:16:46.705Z

Reserved: 2019-11-26T00:00:00

Link: CVE-2019-19301

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-04-14T20:15:14.967

Modified: 2024-11-21T04:34:31.900

Link: CVE-2019-19301

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object