CVE-2019-13946
First published: Tue Feb 11 2020(Updated: )
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.
Credit: productcert@siemens.com productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens DK Standard Ethernet Controller Evaluation Kit | ||
| Siemens SIMATIC PROFINET Driver | <2.1 | |
| Siemens Simatic IPC Support | ||
| All of | ||
| Siemens EK-ERTEC 200 | <4.5 | |
| Siemens EK-ERTEC 200pn io | ||
| All of | ||
| Siemens EK-ERTEC 200P PN IO Firmware | <4.6 | |
| Siemens EK-ERTEC 200P Evaluation Kit | ||
| All of | ||
| Siemens RUGGEDCOM RM1224 | <4.3 | |
| Siemens RuggedCom RM1224 LTE | ||
| All of | ||
| Siemens SCALANCE M-800 | <4.3 | |
| Siemens Scalance M-800 Firmware | ||
| All of | ||
| Siemens Scalance S615 EEC Firmware | <4.3 | |
| Siemens Scalance S615 Firmware | ||
| All of | ||
| Siemens SCALANCE W700 | <=6.0.1 | |
| Siemens SCALANCE W-700 IEEE 802.11n family | ||
| All of | ||
| Siemens Scalance XC-200 Firmware | ||
| Siemens SCALANCE XC-200 | ||
| All of | ||
| Siemens Scalance XF-200BA Firmware | ||
| Siemens Scalance XF-200BA Firmware | ||
| All of | ||
| Siemens Scalance XP-200 Firmware | ||
| Siemens SCALANCE XP-200 | ||
| All of | ||
| Siemens Scalance XB-200 Firmware | ||
| Siemens SCALANCE XB-200 | ||
| All of | ||
| Siemens Scalance X-200 Firmware | <5.3 | |
| Siemens SCALANCE X-200 | ||
| All of | ||
| Siemens SCALANCE XR300-WG firmware | <3.0 | |
| Siemens SCALANCE X-300WG | ||
| All of | ||
| Siemens Scalance X300 Firmware | ||
| Siemens SCALANCE X-300 series firmware | ||
| All of | ||
| Siemens Scalance XB-200 Firmware | <3.0 | |
| Siemens SCALANCE XB-200 | ||
| All of | ||
| Siemens Scalance XC-200 Firmware | <3.0 | |
| Siemens SCALANCE XC-200 | ||
| All of | ||
| Siemens Scalance XP-200 Firmware | <3.0 | |
| Siemens SCALANCE XP-200 | ||
| All of | ||
| Siemens Scalance XF-200BA Firmware | <3.0 | |
| Siemens SCALANCE XF-200BA | ||
| All of | ||
| Siemens Scalance X-400 | <6.0 | |
| Siemens Scalance X-400 Firmware | ||
| All of | ||
| Siemens Scalance XM-400 Firmware | <6.0 | |
| Siemens Scalance XM-400 Firmware | ||
| All of | ||
| Siemens Scalance XR524 | <6.0 | |
| Siemens Scalance XR524-8C | ||
| All of | ||
| Siemens Scalance XR526-8C Firmware | <6.0 | |
| Siemens Scalance XR526-8C Firmware | ||
| All of | ||
| Siemens Scalance XR528-6M Firmware | <6.0 | |
| Siemens Scalance XR528-6M Firmware | ||
| All of | ||
| Siemens Scalance XR552-12 Firmware | <6.0 | |
| Siemens Scalance XR552-12 | ||
| All of | ||
| Siemens Simatic Net CP 1616 | <2.8 | |
| Siemens Simatic Net CP 1616 | ||
| All of | ||
| Siemens CP 1604 | ||
| Siemens CP 1604 Firmware | <2.8 | |
| All of | ||
| Siemens Simatic CP 343-1 | ||
| Siemens CP 343-1 Lean | ||
| All of | ||
| Siemens SIMATIC NET CP 343-1 Advanced firmware | ||
| Siemens Simatic CP 343-1 Advanced | ||
| All of | ||
| Siemens Simatic CP 343-1 Firmware | ||
| Siemens SIMATIC CP 343-1 ERPC Firmware | ||
| All of | ||
| Siemens SIMATIC NET CP 343-1 Lean Firmware | ||
| Siemens CP 343-1 Lean | ||
| All of | ||
| Siemens SIMATIC CP 443-1 Std Firmware | ||
| Siemens Simatic CP443-1 Advanced Firmware | ||
| All of | ||
| Siemens Simatic CP443-1 Advanced Firmware | ||
| Siemens Simatic CP443-1 Advanced | ||
| All of | ||
| Siemens Simatic Net CP 443-1 OPC UA Firmware | ||
| Siemens SIMATIC CP 443-1 Firmware | ||
| All of | ||
| Siemens Simatic ET200AL IM 157-1 PN | ||
| Siemens Simatic ET200AL IM 157-1 PN Firmware | ||
| All of | ||
| Siemens Simatic ET 200M IM153-4 PN IO HF | ||
| Siemens Simatic ET 200M IM153-4 PN IO HF | ||
| All of | ||
| Siemens SIMATIC ET 200M IM153-4 PN IO ST | ||
| Siemens SIMATIC ET 200M IM153-4 PN IO ST | ||
| All of | ||
| Siemens SIMATIC ET 200MP IM 155-5 PN HF firmware | <4.2.0 | |
| Siemens SIMATIC ET200MP IM155-5 PN HF Firmware | ||
| All of | ||
| Siemens Simatic ET200MP IM155-5 PN ST | <4.1.0 | |
| Siemens SIMATIC ET 200MP IM 155-5 PN St | ||
| All of | ||
| Siemens SIMATIC ET 200S | ||
| Siemens SIMATIC ET 200S | ||
| All of | ||
| Siemens SIMATIC ET200SP IM155-6 PN Basic | ||
| Siemens SIMATIC ET200SP | ||
| All of | ||
| Siemens SIMATIC ET200SP IM 155-6 PN/2 HF | <3.3.1 | |
| Siemens SIMATIC ET200SP IM155-6 PN HF Firmware | ||
| All of | ||
| Siemens Simatic ET200SP IM155-6 PN ST | <4.1.0 | |
| Siemens SIMATIC ET200SP IM155-6 PN St | ||
| All of | ||
| Siemens SIMATIC ET 200ecoPN Firmware | ||
| Siemens SIMATIC ET 200ecoPN | ||
| All of | ||
| Siemens SIMATIC ET 200pro Firmware | ||
| Siemens SIMATIC ET 200pro | ||
| All of | ||
| Siemens IM 154-3 PN HF | ||
| Siemens IM 154-3 PN HF Firmware | ||
| All of | ||
| Siemens IM 154-4 PN HF | ||
| Siemens IM 154-4 PN HF | ||
| All of | ||
| Siemens Simatic MV440 | ||
| Siemens SIMATIC MV440 | ||
| All of | ||
| Siemens Simatic MV420 | ||
| Siemens Simatic MV420 Firmware | ||
| All of | ||
| Siemens Simatic PN/PN Coupler Firmware | ||
| Siemens Simatic PN/PN Coupler | ||
| All of | ||
| Siemens Simatic RF180C | ||
| Siemens SIMATIC RF180C | ||
| All of | ||
| Siemens Simatic RF182C | ||
| Siemens SIMATIC RF182C | ||
| All of | ||
| Siemens Simatic RF600 Firmware | <3.0 | |
| Siemens Simatic RF600 | ||
| All of | ||
| Siemens Sinamics DCP | <1.3 | |
| Siemens Sinamics DCP Firmware | ||
| Siemens EK-ERTEC 200 | <4.5 | |
| Siemens EK-ERTEC 200pn io | ||
| Siemens EK-ERTEC 200P PN IO Firmware | <4.6 | |
| Siemens EK-ERTEC 200P Evaluation Kit | ||
| Siemens RUGGEDCOM RM1224 | <4.3 | |
| Siemens RuggedCom RM1224 LTE | ||
| Siemens SCALANCE M-800 | <4.3 | |
| Siemens Scalance M-800 Firmware | ||
| Siemens Scalance S615 EEC Firmware | <4.3 | |
| Siemens Scalance S615 Firmware | ||
| Siemens SCALANCE W700 | <=6.0.1 | |
| Siemens SCALANCE W-700 IEEE 802.11n family | ||
| Siemens Scalance XC-200 Firmware | ||
| Siemens SCALANCE XC-200 | ||
| Siemens Scalance XF-200BA Firmware | ||
| Siemens Scalance XF-200BA Firmware | ||
| Siemens Scalance XP-200 Firmware | ||
| Siemens SCALANCE XP-200 | ||
| Siemens Scalance XB-200 Firmware | ||
| Siemens SCALANCE XB-200 | ||
| Siemens Scalance X-200 Firmware | <5.3 | |
| Siemens SCALANCE X-200 | ||
| Siemens SCALANCE XR300-WG firmware | <3.0 | |
| Siemens SCALANCE X-300WG | ||
| Siemens Scalance X300 Firmware | ||
| Siemens SCALANCE X-300 series firmware | ||
| Siemens Scalance XB-200 Firmware | <3.0 | |
| Siemens Scalance XC-200 Firmware | <3.0 | |
| Siemens Scalance XP-200 Firmware | <3.0 | |
| Siemens Scalance XF-200BA Firmware | <3.0 | |
| Siemens SCALANCE XF-200BA | ||
| Siemens Scalance X-400 | <6.0 | |
| Siemens Scalance X-400 Firmware | ||
| Siemens Scalance XM-400 Firmware | <6.0 | |
| Siemens Scalance XM-400 Firmware | ||
| Siemens Scalance XR524 | <6.0 | |
| Siemens Scalance XR524-8C | ||
| Siemens Scalance XR526-8C Firmware | <6.0 | |
| Siemens Scalance XR526-8C Firmware | ||
| Siemens Scalance XR528-6M Firmware | <6.0 | |
| Siemens Scalance XR528-6M Firmware | ||
| Siemens Scalance XR552-12 Firmware | <6.0 | |
| Siemens Scalance XR552-12 | ||
| Siemens Simatic Net CP 1616 | <2.8 | |
| Siemens Simatic Net CP 1616 | ||
| Siemens CP 1604 Firmware | <2.8 | |
| Siemens CP 1604 | ||
| Siemens Simatic CP 343-1 | ||
| Siemens CP 343-1 Lean | ||
| Siemens SIMATIC NET CP 343-1 Advanced firmware | ||
| Siemens Simatic CP 343-1 Advanced | ||
| Siemens Simatic CP 343-1 Firmware | ||
| Siemens SIMATIC CP 343-1 ERPC Firmware | ||
| Siemens SIMATIC NET CP 343-1 Lean Firmware | ||
| Siemens CP 343-1 Lean | ||
| Siemens SIMATIC CP 443-1 Std Firmware | ||
| Siemens Simatic CP443-1 Advanced Firmware | ||
| Siemens Simatic CP443-1 Advanced Firmware | ||
| Siemens Simatic CP443-1 Advanced | ||
| Siemens Simatic Net CP 443-1 OPC UA Firmware | ||
| Siemens SIMATIC CP 443-1 Firmware | ||
| Siemens Simatic ET200AL IM 157-1 PN | ||
| Siemens Simatic ET200AL IM 157-1 PN Firmware | ||
| Siemens Simatic ET 200M IM153-4 PN IO HF | ||
| Siemens Simatic ET 200M IM153-4 PN IO HF | ||
| Siemens SIMATIC ET 200M IM153-4 PN IO ST | ||
| Siemens SIMATIC ET 200M IM153-4 PN IO ST | ||
| Siemens SIMATIC ET 200MP IM 155-5 PN HF firmware | <4.2.0 | |
| Siemens SIMATIC ET200MP IM155-5 PN HF Firmware | ||
| Siemens Simatic ET200MP IM155-5 PN ST | <4.1.0 | |
| Siemens SIMATIC ET 200MP IM 155-5 PN St | ||
| Siemens SIMATIC ET 200S | ||
| Siemens SIMATIC ET 200S | ||
| Siemens SIMATIC ET200SP IM155-6 PN Basic | ||
| Siemens SIMATIC ET200SP | ||
| Siemens SIMATIC ET200SP IM 155-6 PN/2 HF | <3.3.1 | |
| Siemens SIMATIC ET200SP IM155-6 PN HF Firmware | ||
| Siemens Simatic ET200SP IM155-6 PN ST | <4.1.0 | |
| Siemens SIMATIC ET200SP IM155-6 PN St | ||
| Siemens SIMATIC ET 200ecoPN Firmware | ||
| Siemens SIMATIC ET 200ecoPN | ||
| Siemens SIMATIC ET 200pro Firmware | ||
| Siemens SIMATIC ET 200pro | ||
| Siemens IM 154-3 PN HF | ||
| Siemens IM 154-3 PN HF Firmware | ||
| Siemens IM 154-4 PN HF | ||
| Siemens IM 154-4 PN HF | ||
| Siemens Simatic MV440 | ||
| Siemens SIMATIC MV440 | ||
| Siemens Simatic MV420 | ||
| Siemens Simatic MV420 Firmware | ||
| Siemens Simatic PN/PN Coupler Firmware | ||
| Siemens Simatic PN/PN Coupler | ||
| Siemens Simatic RF180C | ||
| Siemens SIMATIC RF180C | ||
| Siemens Simatic RF182C | ||
| Siemens SIMATIC RF182C | ||
| Siemens Simatic RF600 Firmware | <3.0 | |
| Siemens Simatic RF600 | ||
| Siemens Sinamics DCP | <1.3 | |
| Siemens Sinamics DCP Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-13946?
CVE-2019-13946 is rated as a high severity vulnerability due to its potential to cause a denial of service condition.
How do I fix CVE-2019-13946?
To mitigate CVE-2019-13946, upgrade the affected software to the latest version provided by Siemens.
Which devices are affected by CVE-2019-13946?
CVE-2019-13946 affects various Siemens hardware, including multiple versions of the PROFINET IO stack and specific firmware of devices such as the SCALANCE and Ruggedcom series.
What type of issue is CVE-2019-13946?
CVE-2019-13946 is a resource allocation vulnerability that can trigger denial of service attacks when malicious diagnostic requests are sent.
Is CVE-2019-13946 actively exploited?
There is currently no public information indicating that CVE-2019-13946 is being actively exploited in the wild.
- agent/type
- agent/weakness
- agent/description
- agent/severity
- agent/references
- agent/first-publish-date
- agent/event
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/siemens
- canonical/siemens dk standard ethernet controller evaluation kit
- canonical/siemens simatic profinet driver
- canonical/siemens simatic ipc support
- canonical/siemens ek-ertec 200
- canonical/siemens ek-ertec 200pn io
- canonical/siemens ek-ertec 200p pn io firmware
- canonical/siemens ek-ertec 200p evaluation kit
- canonical/siemens ruggedcom rm1224
- canonical/siemens ruggedcom rm1224 lte
- canonical/siemens scalance m-800
- canonical/siemens scalance m-800 firmware
- canonical/siemens scalance s615 eec firmware
- canonical/siemens scalance s615 firmware
- canonical/siemens scalance w700
- version/siemens scalance w700/6.0.1
- canonical/siemens scalance w-700 ieee 802.11n family
- canonical/siemens scalance xc-200 firmware
- canonical/siemens scalance xc-200
- canonical/siemens scalance xf-200ba firmware
- canonical/siemens scalance xp-200 firmware
- canonical/siemens scalance xp-200
- canonical/siemens scalance xb-200 firmware
- canonical/siemens scalance xb-200
- canonical/siemens scalance x-200 firmware
- canonical/siemens scalance x-200
- canonical/siemens scalance xr300-wg firmware
- canonical/siemens scalance x-300wg
- canonical/siemens scalance x300 firmware
- canonical/siemens scalance x-300 series firmware
- canonical/siemens scalance xf-200ba
- canonical/siemens scalance x-400
- canonical/siemens scalance x-400 firmware
- canonical/siemens scalance xm-400 firmware
- canonical/siemens scalance xr524
- canonical/siemens scalance xr524-8c
- canonical/siemens scalance xr526-8c firmware
- canonical/siemens scalance xr528-6m firmware
- canonical/siemens scalance xr552-12 firmware
- canonical/siemens scalance xr552-12
- canonical/siemens simatic net cp 1616
- canonical/siemens cp 1604
- canonical/siemens cp 1604 firmware
- canonical/siemens simatic cp 343-1
- canonical/siemens cp 343-1 lean
- canonical/siemens simatic net cp 343-1 advanced firmware
- canonical/siemens simatic cp 343-1 advanced
- canonical/siemens simatic cp 343-1 firmware
- canonical/siemens simatic cp 343-1 erpc firmware
- canonical/siemens simatic net cp 343-1 lean firmware
- canonical/siemens simatic cp 443-1 std firmware
- canonical/siemens simatic cp443-1 advanced firmware
- canonical/siemens simatic cp443-1 advanced
- canonical/siemens simatic net cp 443-1 opc ua firmware
- canonical/siemens simatic cp 443-1 firmware
- canonical/siemens simatic et200al im 157-1 pn
- canonical/siemens simatic et200al im 157-1 pn firmware
- canonical/siemens simatic et 200m im153-4 pn io hf
- canonical/siemens simatic et 200m im153-4 pn io st
- canonical/siemens simatic et 200mp im 155-5 pn hf firmware
- canonical/siemens simatic et200mp im155-5 pn hf firmware
- canonical/siemens simatic et200mp im155-5 pn st
- canonical/siemens simatic et 200mp im 155-5 pn st
- canonical/siemens simatic et 200s
- canonical/siemens simatic et200sp im155-6 pn basic
- canonical/siemens simatic et200sp
- canonical/siemens simatic et200sp im 155-6 pn/2 hf
- canonical/siemens simatic et200sp im155-6 pn hf firmware
- canonical/siemens simatic et200sp im155-6 pn st
- canonical/siemens simatic et 200ecopn firmware
- canonical/siemens simatic et 200ecopn
- canonical/siemens simatic et 200pro firmware
- canonical/siemens simatic et 200pro
- canonical/siemens im 154-3 pn hf
- canonical/siemens im 154-3 pn hf firmware
- canonical/siemens im 154-4 pn hf
- canonical/siemens simatic mv440
- canonical/siemens simatic mv420
- canonical/siemens simatic mv420 firmware
- canonical/siemens simatic pn/pn coupler firmware
- canonical/siemens simatic pn/pn coupler
- canonical/siemens simatic rf180c
- canonical/siemens simatic rf182c
- canonical/siemens simatic rf600 firmware
- canonical/siemens simatic rf600
- canonical/siemens sinamics dcp
- canonical/siemens sinamics dcp firmware