CVE-2019-13926
First published: Tue Feb 11 2020(Updated: )
A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0 and < V4.1), SCALANCE S612 (All versions >= V3.0 and < V4.1), SCALANCE S623 (All versions >= V3.0 and < V4.1), SCALANCE S627-2M (All versions >= V3.0 and < V4.1). Specially crafted packets sent to port 443/tcp of affected devices could cause a Denial-of-Service condition of the web server. A cold reboot is required to restore the functionality of the device.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Scalance S602 Firmware | >=3.0<4.1 | |
| Siemens SCALANCE S602 | ||
| Siemens Scalance S612 Firmware | >=3.0<4.1 | |
| Siemens SCALANCE S612 | ||
| Siemens Scalance S623 Firmware | >=3.0<4.1 | |
| Siemens SCALANCE S623 | ||
| Siemens Scalance S627-2m Firmware | >=3.0<4.1 | |
| Siemens SCALANCE S627-2M |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-13926.
Which devices are affected by this vulnerability?
The SCALANCE S602, SCALANCE S612, SCALANCE S623, and SCALANCE S627-2M devices with firmware versions >= V3.0 and < V4.1 are affected by this vulnerability.
What is the severity rating of this vulnerability?
The severity rating of this vulnerability is high with a CVSS score of 7.5.
How can this vulnerability be exploited?
This vulnerability can be exploited by sending specially crafted packets to port 443/tcp of the affected devices.
Is there a fix available for this vulnerability?
Siemens has released firmware updates to address this vulnerability. Please refer to the product advisories for more information.
- agent/type
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- agent/event
- agent/source
- vendor/siemens
- canonical/siemens scalance s602 firmware
- version/siemens scalance s602 firmware/3.0
- canonical/siemens scalance s602
- canonical/siemens scalance s612 firmware
- version/siemens scalance s612 firmware/3.0
- canonical/siemens scalance s612
- canonical/siemens scalance s623 firmware
- version/siemens scalance s623 firmware/3.0
- canonical/siemens scalance s623
- canonical/siemens scalance s627-2m firmware
- version/siemens scalance s627-2m firmware/3.0
- canonical/siemens scalance s627-2m