CVE-2019-6568 - Vulnerability Details

The webserver of the affected devices contains a vulnerability that may lead to
a denial of service condition. An attacker may cause a denial of service
situation which leads to a restart of the webserver of the affected device.

The security vulnerability could be exploited by an attacker with network
access to the affected systems. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise availability of the device.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00408.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens	Cp1604 Cp1604 Firmware Cp1616 Cp1616 Firmware Simatic Cp343-1 Advanced Simatic Cp343-1 Advanced Firmware Simatic Cp443-1 Simatic Cp443-1 Advanced Simatic Cp443-1 Advanced Firmware Simatic Cp443-1 Firmware Simatic Cp443-1 Opc Ua Simatic Et 200 Sp Open Controller Cpu 1515sp Pc Simatic Et 200 Sp Open Controller Cpu 1515sp Pc2 Simatic Et 200 Sp Open Controller Cpu 1515sp Pc2 Firmware Simatic Et 200 Sp Open Controller Cpu 1515sp Pc Firmware Simatic Hmi Comfort Outdoor Panels Simatic Hmi Comfort Outdoor Panels Firmware Simatic Hmi Comfort Panels Simatic Hmi Comfort Panels Firmware Simatic Hmi Ktp Mobile Panels Ktp400f Simatic Hmi Ktp Mobile Panels Ktp400f Firmware Simatic Hmi Ktp Mobile Panels Ktp700 Simatic Hmi Ktp Mobile Panels Ktp700 Firmware Simatic Hmi Ktp Mobile Panels Ktp700f Simatic Hmi Ktp Mobile Panels Ktp700f Firmware Simatic Hmi Ktp Mobile Panels Ktp900 Simatic Hmi Ktp Mobile Panels Ktp900 Firmware Simatic Hmi Ktp Mobile Panels Ktp900f Simatic Hmi Ktp Mobile Panels Ktp900f Firmware Simatic Ipc Diagmonitor Simatic Rf181-eip Simatic Rf181-eip Firmware Simatic Rf182c Simatic Rf182c Firmware Simatic Rf185c Simatic Rf185c Firmware Simatic Rf186c Simatic Rf186c Firmware Simatic Rf188c Simatic Rf188c Firmware Simatic Rf600r Simatic Rf600r Firmware Simatic S7-1500 Simatic S7-1500 Firmware Simatic S7-1500 Software Controller Simatic S7-1500f Simatic S7-1500f Firmware Simatic S7-1500s Simatic S7-1500s Firmware Simatic S7-1500t Simatic S7-1500t Firmware Simatic S7-300 Simatic S7-300 Firmware Simatic S7-400 Pn Simatic S7-400 Pn\/dp Simatic S7-400 Pn\/dp Firmware Simatic S7-400 Pn Firmware Simatic S7-plcsim Advanced Simatic Teleservice Adapter Ie Advanced Simatic Teleservice Adapter Ie Advanced Firmware Simatic Teleservice Adapter Ie Basic Simatic Teleservice Adapter Ie Basic Firmware Simatic Teleservice Adapter Ie Standard Simatic Teleservice Adapter Ie Standard Firmware Simatic Winac Rtx Simatic Winac Rtx Firmware Simatic Wincc Runtime Advanced Simocode Pro V Eip Simocode Pro V Eip Firmware Simocode Pro V Pn Simocode Pro V Pn Firmware Sinamics G130 Sinamics G130 Firmware Sinamics G150 Sinamics G150 Firmware Sinamics Gh150 Sinamics Gh150 Firmware Sinamics Gl150 Sinamics Gl150 Firmware Sinamics Gm150 Sinamics Gm150 Firmware Sinamics S120 Sinamics S120 Firmware Sinamics S150 Sinamics S150 Firmware Sinamics S210 Sinamics S210 Firmware Sinamics Sl150 Sinamics Sl150 Firmware Sinamics Sm120 Sinamics Sm120 Firmware Sinamics Sm150 Sinamics Sm150 Firmware Sitop Manager Sitop Psu8600 Sitop Psu8600 Firmware Sitop Ups1600 Sitop Ups1600 Firmware Tim 1531 Irc Tim 1531 Irc Firmware

Configuration 1 [-]

AND

cpe:2.3:o:siemens:cp1604_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:cp1604:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:cp1616_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:cp1616:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:siemens:simatic_cp343-1_advanced_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp343-1_advanced:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:siemens:simatic_cp443-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp443-1:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:siemens:simatic_cp443-1_advanced_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp443-1_advanced:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

OR	cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware::::::::
	cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:-::::::

cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

OR	cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware::::::::
	cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:15.1:-::::::

cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

OR	cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware::::::::
	cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-::::::

cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

OR	cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware::::::::
	cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-::::::

cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

OR	cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware::::::::
	cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-::::::

cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

OR	cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware::::::::
	cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-::::::

cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

OR	cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware::::::::
	cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-::::::

cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*

Configuration 16 [-]

OR	cpe:2.3:a:siemens:simatic_cp443-1_opc_ua::::::::
	cpe:2.3:a:siemens:simatic_ipc_diagmonitor::::::::
	cpe:2.3:a:siemens:simatic_s7-1500_software_controller::::::::
	cpe:2.3:a:siemens:simatic_s7-plcsim_advanced::::::::
	cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:2.0:-::::::
	cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:2.0:sp1::::::
	cpe:2.3:a:siemens:simatic_wincc_runtime_advanced::::::::
	cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-::::::
	cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1::::::
	cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2::::::
	cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3::::::
	cpe:2.3:a:siemens:sitop_manager::::::::

Configuration 17 [-]

AND

cpe:2.3:o:siemens:simatic_rf600r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf600r:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:siemens:simatic_rf182c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf182c:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:siemens:simatic_rf181-eip_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf181-eip:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:siemens:simatic_s7-300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:siemens:simatic_s7-400_pn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-400_pn:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:siemens:simatic_s7-400_pn\/dp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-400_pn\/dp:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_standard_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_standard:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

OR	cpe:2.3:o:siemens:simatic_winac_rtx_firmware::::::::
	cpe:2.3:o:siemens:simatic_winac_rtx_firmware:2010:-::::::

cpe:2.3:h:siemens:simatic_winac_rtx:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:siemens:simocode_pro_v_eip_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simocode_pro_v_eip:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:siemens:simocode_pro_v_pn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simocode_pro_v_pn:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:siemens:sinamics_g130_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:siemens:sinamics_g150_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:siemens:sinamics_s120_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_s150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:-::::::
	cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:sp1::::::
	cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:sp1_hotfix2::::::

cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_s210_firmware::::::::
	cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:-::::::
	cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:sp1::::::

cpe:2.3:h:siemens:sinamics_s210:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:siemens:sitop_psu8600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:siemens:sitop_ups1600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sitop_ups1600:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:siemens:simatic_s7-1500f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1500f:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:siemens:simatic_s7-1500s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1500s:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:siemens:simatic_s7-1500t_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1500t:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_gh150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_gh150_firmware:4.8:-::::::

cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_gl150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_gl150_firmware:4.8:-::::::

cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_gm150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_gm150_firmware:4.8:-::::::

cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_sl150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_sl150_firmware:4.8:-::::::

cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_sm120_firmware::::::::
	cpe:2.3:o:siemens:sinamics_sm120_firmware:4.8:-::::::

cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

OR	cpe:2.3:o:siemens:sinamics_sm150_firmware::::::::
	cpe:2.3:o:siemens:sinamics_sm150_firmware:5.1:-::::::

cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2019-04-17T13:40:24

Updated: 2024-08-04T20:23:22.207Z

Reserved: 2019-01-22T00:00:00

Link: CVE-2019-6568

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-04-17T14:29:03.683

Modified: 2024-11-21T04:46:42.773

Link: CVE-2019-6568

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object