CVE-2019-6568

A vulnerability has been identified in CP1604 (All versions), CP1616 (All versions), SIMATIC CP343-1 Advanced (All versions), SIMATIC CP443-1 (All versions), SIMATIC CP443-1 Advanced (All versions), SIMATIC CP443-1 OPC UA (All versions), SIMATIC ET 200 SP Open Controller CPU 1515SP PC (All versions < V2.1.6), SIMATIC ET 200 SP Open Controller CPU 1515SP PC2 (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions), SIMATIC HMI Comfort Panels 4" - 22" (All versions), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC RF181-EIP (All versions), SIMATIC RF182C (All versions), SIMATIC RF185C (All versions < V1.1.0), SIMATIC RF186C (All versions < V1.1.0), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R (All versions < V3.2.1), SIMATIC S7-1500 CPU family (All versions < V2.6.1), SIMATIC S7-1500 Software Controller (All versions < V2.7), SIMATIC S7-300 CPU family (All versions < V3.X.16), SIMATIC S7-400 PN (incl. F) V6 and below (All versions), SIMATIC S7-400 PN/DP V7 (incl. F) (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V2.0 SP1 UPD1), SIMATIC Teleservice Adapter IE Advanced (All versions), SIMATIC Teleservice Adapter IE Basic (All versions), SIMATIC Teleservice Adapter IE Standard (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIMOCODE pro V EIP (All versions), SIMOCODE pro V PN (All versions), SINAMICS G130 V4.6 (Control Unit) (All versions), SINAMICS G130 V4.7 (Control Unit) (All versions), SINAMICS G130 V4.7 SP1 (Control Unit) (All versions), SINAMICS G130 V4.8 (Control Unit) (All versions < V4.8 HF6), SINAMICS G130 V5.1 (Control Unit) (All versions), SINAMICS G130 V5.1 SP1 (Control Unit) (All versions < V5.1 SP1 HF4), SINAMICS G150 V4.6 (Control Unit) (All versions), SINAMICS G150 V4.7 (Control Unit) (All versions), SINAMICS G150 V4.7 SP1 (Control Unit) (All versions), SINAMICS G150 V4.8 (Control Unit) (All versions < V4.8 HF6), SINAMICS G150 V5.1 (Control Unit) (All versions), SINAMICS G150 V5.1 SP1 (Control Unit) (All versions < V5.1 SP1 HF4), SINAMICS S120 V4.6 (Control Unit) (All versions), SINAMICS S120 V4.7 (Control Unit) (All versions), SINAMICS S120 V4.7 SP1 (Control Unit) (All versions), SINAMICS S120 V4.8 (Control Unit) (All versions < V4.8 HF6), SINAMICS S120 V5.1 (Control Unit) (All versions), SINAMICS S120 V5.1 SP1 (Control Unit) (All versions < V5.1 SP1 HF4), SINAMICS S150 V4.6 (Control Unit) (All versions), SINAMICS S150 V4.7 (Control Unit) (All versions), SINAMICS S150 V4.7 SP1 (Control Unit) (All versions), SINAMICS S150 V4.8 (Control Unit) (All versions < V4.8 HF6), SINAMICS S150 V5.1 (Control Unit) (All versions), SINAMICS S150 V5.1 SP1 (Control Unit) (All versions < V5.1 SP1 HF4), SINAMICS S210 V5.1 (Control Unit) (All versions), SINAMICS S210 V5.1 SP1 (Control Unit) (All versions), SITOP Manager (All versions), SITOP PSU8600 (All versions), SITOP UPS1600 (All versions), TIM 1531 IRC (All versions). The webserver of the affected devices contains a vulnerability that may lead to a denial-of-service condition. An attacker may cause a denial-of-service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

Published : 2019-04-17 14:29 Updated : 2019-07-11 22:15

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Siemens Simatic Cp443-1 Opc Ua cpe:/a:siemens:simatic_cp443-1_opc_ua
Siemens Simatic Ipc Diagmonitor cpe:/a:siemens:simatic_ipc_diagmonitor
Siemens Simatic S7-1500 Software Controller cpe:/a:siemens:simatic_s7-1500_software_controller
Siemens Simatic S7-plcsim Advanced cpe:/a:siemens:simatic_s7-plcsim_advanced
Siemens Simatic Wincc Runtime Advanced cpe:/a:siemens:simatic_wincc_runtime_advanced
Siemens Sitop Manager cpe:/a:siemens:sitop_manager
Siemens Cp1604 Firmware cpe:/o:siemens:cp1604_firmware
Siemens Cp1616 Firmware cpe:/o:siemens:cp1616_firmware
Siemens Simatic Cp343-1 Advanced Firmware cpe:/o:siemens:simatic_cp343-1_advanced_firmware
Siemens Simatic Cp443-1 Advanced Firmware cpe:/o:siemens:simatic_cp443-1_advanced_firmware
Siemens Simatic Cp443-1 Firmware cpe:/o:siemens:simatic_cp443-1_firmware
Siemens Simatic Et 200 Sp Open Controller Cpu 1515sp Pc2 Firmware cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware
Siemens Simatic Hmi Comfort Outdoor Panels Firmware cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware
Siemens Simatic Hmi Comfort Panels Firmware cpe:/o:siemens:simatic_hmi_comfort_panels_firmware
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware
Siemens Simatic Rf181-eip Firmware cpe:/o:siemens:simatic_rf181-eip_firmware
Siemens Simatic Rf182c Firmware cpe:/o:siemens:simatic_rf182c_firmware
Siemens Simatic Rf185c Firmware cpe:/o:siemens:simatic_rf185c_firmware
Siemens Simatic Rf186c Firmware cpe:/o:siemens:simatic_rf186c_firmware
Siemens Simatic Rf188c Firmware cpe:/o:siemens:simatic_rf188c_firmware
Siemens Simatic Rf600r Firmware cpe:/o:siemens:simatic_rf600r_firmware
Siemens Simatic S7-1500 Firmware cpe:/o:siemens:simatic_s7-1500_firmware
Siemens Simatic S7-1500f Firmware cpe:/o:siemens:simatic_s7-1500f_firmware
Siemens Simatic S7-1500s Firmware cpe:/o:siemens:simatic_s7-1500s_firmware
Siemens Simatic S7-1500t Firmware cpe:/o:siemens:simatic_s7-1500t_firmware
Siemens Simatic S7-300 Firmware - cpe:/o:siemens:simatic_s7-300_firmware:-
Siemens Simatic S7-400 Pn%2fdp Firmware cpe:/o:siemens:simatic_s7-400_pn%2fdp_firmware
Siemens Simatic S7-400 Pn Firmware cpe:/o:siemens:simatic_s7-400_pn_firmware
Siemens Simatic Teleservice Adapter Ie Advanced Firmware cpe:/o:siemens:simatic_teleservice_adapter_ie_advanced_firmware
Siemens Simatic Teleservice Adapter Ie Basic Firmware cpe:/o:siemens:simatic_teleservice_adapter_ie_basic_firmware
Siemens Simatic Teleservice Adapter Ie Standard Firmware cpe:/o:siemens:simatic_teleservice_adapter_ie_standard_firmware
Siemens Simatic Winac Rtx 2010 Firmware cpe:/o:siemens:simatic_winac_rtx_2010_firmware
Siemens Simocode Pro V Eip Firmware cpe:/o:siemens:simocode_pro_v_eip_firmware
Siemens Simocode Pro V Pn Firmware - cpe:/o:siemens:simocode_pro_v_pn_firmware:-
Siemens Sinamics S150 Firmware 5.1 cpe:/o:siemens:sinamics_s150_firmware:5.1:-
Siemens Sinamics S150 Firmware 5.1 cpe:/o:siemens:sinamics_s150_firmware:5.1:sp1
Siemens Sinamics S150 Firmware 5.1 cpe:/o:siemens:sinamics_s150_firmware:5.1:sp1_hf2
Siemens Sinamics S210 Firmware 5.1 cpe:/o:siemens:sinamics_s210_firmware:5.1:-
Siemens Sinamics S210 Firmware 5.1 cpe:/o:siemens:sinamics_s210_firmware:5.1:sp1
Siemens Sitop Psu8600 Firmware cpe:/o:siemens:sitop_psu8600_firmware
Siemens Sitop Ups1600 Firmware cpe:/o:siemens:sitop_ups1600_firmware
Siemens Tim 1531 Irc Firmware cpe:/o:siemens:tim_1531_irc_firmware
  1. Siemens (43) Search CVE
    1. Simatic S7-1500 Firmware (1) Search CVE
    2. Simatic S7-400 Pn Firmware (1) Search CVE
    3. Sinamics S210 Firmware (1) Search CVE
      1. 5.1
    4. Sinamics S150 Firmware (1) Search CVE
      1. 5.1
    5. Sitop Manager (1) Search CVE
    6. Cp1604 Firmware (1) Search CVE
    7. Simatic Winac Rtx 2010 Firmware (1) Search CVE
    8. Simatic S7-1500 Software Controller (1) Search CVE
    9. Simatic Hmi Ktp Mobile Panels Ktp900 Firmware (1) Search CVE
    10. Simatic S7-1500s Firmware (1) Search CVE
    11. Sitop Ups1600 Firmware (1) Search CVE
    12. Simatic Hmi Comfort Panels Firmware (1) Search CVE
    13. Simatic Et 200 Sp Open Controller Cpu 1515sp Pc2 Firmware (1) Search CVE
    14. Simatic Ipc Diagmonitor (1) Search CVE
    15. Simatic Rf186c Firmware (1) Search CVE
    16. Simatic Rf181-eip Firmware (1) Search CVE
    17. Cp1616 Firmware (1) Search CVE
    18. Simatic Teleservice Adapter Ie Standard Firmware (1) Search CVE
    19. Simocode Pro V Eip Firmware (1) Search CVE
    20. Simatic Hmi Ktp Mobile Panels Ktp700f Firmware (1) Search CVE
    21. Sitop Psu8600 Firmware (1) Search CVE
    22. Simatic S7-300 Firmware (1) Search CVE
      1. -
    23. Simatic S7-plcsim Advanced (1) Search CVE
    24. Simatic Rf188c Firmware (1) Search CVE
    25. Simatic Rf182c Firmware (1) Search CVE
    26. Tim 1531 Irc Firmware (1) Search CVE
    27. Simatic Hmi Ktp Mobile Panels Ktp900f Firmware (1) Search CVE
    28. Simatic Hmi Ktp Mobile Panels Ktp400f Firmware (1) Search CVE
    29. Simatic Cp443-1 Firmware (1) Search CVE
    30. Simatic Rf185c Firmware (1) Search CVE
    31. Simatic Hmi Comfort Outdoor Panels Firmware (1) Search CVE
    32. Simatic Hmi Ktp Mobile Panels Ktp700 Firmware (1) Search CVE
    33. Simatic Wincc Runtime Advanced (1) Search CVE
    34. Simatic Cp443-1 Opc Ua (1) Search CVE
    35. Simocode Pro V Pn Firmware (1) Search CVE
      1. -
    36. Simatic S7-1500t Firmware (1) Search CVE
    37. Simatic Cp443-1 Advanced Firmware (1) Search CVE
    38. Simatic S7-400 Pn%2fdp Firmware (1) Search CVE
    39. Simatic Teleservice Adapter Ie Basic Firmware (1) Search CVE
    40. Simatic S7-1500f Firmware (1) Search CVE
    41. Simatic Teleservice Adapter Ie Advanced Firmware (1) Search CVE
    42. Simatic Rf600r Firmware (1) Search CVE
    43. Simatic Cp343-1 Advanced Firmware (1) Search CVE

CWE

ID Name Description Links
CWE-20 Improper Input Validation The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program. CVE

History of changes

Date Event
2019-07-11 22:15
2019-06-12 14:29
2019-05-14 20:29
2019-04-19 15:47
2019-04-17 14:29

New CVE