A vulnerability has been identified in SIMATIC CP443-1 OPC UA (All versions), SIMATIC ET 200 Open Controller CPU 1515SP PC2 (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions), SIMATIC HMI Comfort Panels 4" - 22" (All versions), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC NET PC Software (All versions >= V7.1), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R (All versions < V3.2.1), SIMATIC S7-1500 CPU family (All versions >= V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15-P018), SIMATIC WinCC Runtime Advanced (All versions), SINEC-NMS (All versions), SINEMA Server (All versions < V14 SP2), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication. At the time of advisory publication no public exploitation of this security vulnerability was known.

Published : 2019-04-17 14:29 Updated : 2019-07-11 22:15

CVSS Score More info
Score 7.8 / 10
Vendor Product Version URI
Siemens Simatic S7-1500 Software Controller 2.5 cpe:/a:siemens:simatic_s7-1500_software_controller:2.5
Siemens Simatic Wincc Runtime Advanced cpe:/a:siemens:simatic_wincc_runtime_advanced
Siemens Simatic Wincc Runtime Comfort cpe:/a:siemens:simatic_wincc_runtime_comfort
Siemens Simatic Wincc Runtime Hsp Comfort cpe:/a:siemens:simatic_wincc_runtime_hsp_comfort
Siemens Simatic Wincc Runtime Mobile cpe:/a:siemens:simatic_wincc_runtime_mobile
Siemens Sinec-nms cpe:/a:siemens:sinec-nms
Siemens Sinema Server cpe:/a:siemens:sinema_server
Siemens Telecontrol Server Basic cpe:/a:siemens:telecontrol_server_basic
Siemens Simatic Cp443-1 Opc Ua Firmware cpe:/o:siemens:simatic_cp443-1_opc_ua_firmware
Siemens Simatic Et 200 Open Controller Cpu 1515sp Pc2 Firmware cpe:/o:siemens:simatic_et_200_open_controller_cpu_1515sp_pc2_firmware
Siemens Simatic Ipc Diagmonitor Firmware cpe:/o:siemens:simatic_ipc_diagmonitor_firmware
Siemens Simatic Net Pc Software Firmware cpe:/o:siemens:simatic_net_pc_software_firmware
Siemens Simatic Rf188c Firmware cpe:/o:siemens:simatic_rf188c_firmware
Siemens Simatic Rf600r Firmware cpe:/o:siemens:simatic_rf600r_firmware
Siemens Simatic S7-1500 Firmware 2.5 cpe:/o:siemens:simatic_s7-1500_firmware:2.5
Siemens Simatic S7-1500f Firmware 2.5 cpe:/o:siemens:simatic_s7-1500f_firmware:2.5
Siemens Simatic S7-1500s Firmware 2.5 cpe:/o:siemens:simatic_s7-1500s_firmware:2.5
Siemens Simatic S7-1500t Firmware 2.5 cpe:/o:siemens:simatic_s7-1500t_firmware:2.5
  1. Siemens (18) Search CVE
    1. Simatic Wincc Runtime Advanced (1) Search CVE
    2. Simatic Cp443-1 Opc Ua Firmware (1) Search CVE
    3. Simatic Net Pc Software Firmware (1) Search CVE
    4. Simatic Ipc Diagmonitor Firmware (1) Search CVE
    5. Simatic Wincc Runtime Comfort (1) Search CVE
    6. Simatic S7-1500t Firmware (1) Search CVE
      1. 2.5
    7. Simatic Wincc Runtime Hsp Comfort (1) Search CVE
    8. Simatic S7-1500s Firmware (1) Search CVE
      1. 2.5
    9. Simatic Rf600r Firmware (1) Search CVE
    10. Simatic S7-1500 Software Controller (1) Search CVE
      1. 2.5
    11. Simatic S7-1500 Firmware (1) Search CVE
      1. 2.5
    12. Sinec-nms (1) Search CVE
    13. Simatic S7-1500f Firmware (1) Search CVE
      1. 2.5
    14. Telecontrol Server Basic (1) Search CVE
    15. Simatic Rf188c Firmware (1) Search CVE
    16. Sinema Server (1) Search CVE
    17. Simatic Et 200 Open Controller Cpu 1515sp Pc2 Firmware (1) Search CVE
    18. Simatic Wincc Runtime Mobile (1) Search CVE


ID Name Description Links
CWE-20 Improper Input Validation The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program. CVE

History of changes

Date Event
2019-07-11 22:15
2019-06-12 14:29
2019-05-14 20:29
2019-04-18 17:54
2019-04-17 14:29