CVE-2019-19300
First published: Tue Apr 14 2020(Updated: )
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions), KTK ATE530S (All versions), SIDOOR ATD430W (All versions), SIDOOR ATE530S COATED (All versions), SIDOOR ATE531S (All versions), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions < V2.0), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.0), SIMATIC ET200AL IM157-1 PN (All versions), SIMATIC ET200ecoPN, AI 8xRTD/TC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, CM 4x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 MF HF (All versions), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC MICRO-DRIVE PDC (All versions), SIMATIC PN/MF Coupler (All versions), SIMATIC PN/PN Coupler (All versions >= V4.2), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0), SIMATIC S7-1500 Software Controller (All versions < V2.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions), SIMATIC S7-300 CPU 315-2 PN/DP (All versions), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions), SIMATIC S7-300 CPU 317-2 PN/DP (All versions), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions), SIMATIC S7-300 CPU 319-3 PN/DP (All versions), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions), SIMATIC S7-400 H V6 CPU family and below (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SINAMICS S/G Control Unit w. PROFINET (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions), SIPLUS NET PN/PN Coupler (All versions >= V4.2), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions), SIPLUS S7-300 CPU 315-2 PN/DP (All versions), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions), SIPLUS S7-300 CPU 317-2 PN/DP (All versions), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions). The Interniche-based TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.
Credit: productcert@siemens.com productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| siemens KTK ATE530S firmware | ||
| siemens KTK ATE530S | ||
| siemens SIDOOR ATD430W firmware | ||
| siemens SIDOOR ATD430W | ||
| siemens SIDOOR ATE530S COATED firmware | ||
| siemens SIDOOR ATE530S COATED | ||
| siemens SIDOOR ATE531S firmware | ||
| siemens SIDOOR ATE531S | ||
| siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC firmware | <2.0 | |
| siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC | ||
| Siemens SIMATIC ET 200SP Open Controller firmware | <2.0 | |
| Siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Firmware | ||
| Siemens SIMATIC ET200MP IM155-5 PN HF Firmware | <=4.2 | |
| Siemens SIMATIC ET200MP IM155-5 PN HF Firmware | ||
| siemens SIMATIC ET200SP IM155-6 MF HF firmware | ||
| siemens SIMATIC ET200SP IM155-6 MF HF | ||
| siemens SIMATIC ET200SP IM155-6 PN ha firmware | ||
| siemens SIMATIC ET200SP IM155-6 PN ha | ||
| Siemens SIMATIC ET200SP IM155-6 PN HF Firmware | <=4.2 | |
| Siemens SIMATIC ET200SP IM155-6 PN HF Firmware | ||
| siemens SIMATIC ET200SP IM155-6 pn\/2 HF firmware | <=4.2 | |
| siemens SIMATIC ET200SP IM155-6 pn\/2 HF | ||
| siemens SIMATIC MICRO-DRIVE PDC firmware | ||
| siemens SIMATIC MICRO-DRIVE PDC | ||
| Siemens Simatic PN/PN Coupler Firmware | <=4.2 | |
| Siemens Simatic PN/PN Coupler | ||
| siemens SIMATIC S7-1500 CPU 1511-1 PN firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1511-1 PN | ||
| siemens SIMATIC S7-1500 CPU 1513-1 PN firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1513-1 PN | ||
| siemens SIMATIC S7-1500 CPU 1515-2 PN firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1515-2 PN | ||
| siemens SIMATIC S7-1500 CPU 1516-3 pn\/dp firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1516-3 pn\/dp | ||
| siemens SIMATIC S7-1500 CPU 1517-3 pn\/dp firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1517-3 pn\/dp | ||
| siemens SIMATIC S7-1500 CPU 1518-4 pn\/dp firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1518-4 pn\/dp | ||
| siemens SIMATIC S7-1500 CPU 1511f-1 PN firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1511f-1 PN | ||
| siemens SIMATIC S7-1500 CPU 1513f-1 PN firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1513f-1 PN | ||
| siemens SIMATIC S7-1500 CPU 1515f-2 PN firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1515f-2 PN | ||
| siemens SIMATIC S7-1500 CPU 1516f-3 pn\/dp firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1516f-3 pn\/dp | ||
| siemens SIMATIC S7-1500 CPU 1517f-3 pn\/dp firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1517f-3 pn\/dp | ||
| siemens SIMATIC S7-1500 CPU 1518f-4 pn\/dp firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1518f-4 pn\/dp | ||
| Siemens Simatic S7-1500 | <2.0 | |
| Siemens SIMATIC S7-300 CPU Firmware | ||
| Siemens SIMATIC S7-300 | ||
| siemens SIMATIC S7-400 pn\/dp firmware | ||
| siemens SIMATIC S7-400 pn\/dp | =v7 | |
| siemens SIMATIC S7-410 CPU firmware | ||
| siemens SIMATIC S7-410 CPU | ||
| Siemens SIMATIC TDC CP51M1 | ||
| Siemens SIMATIC TDC CP51M1 Firmware | ||
| Siemens SIMATIC TDC CPU555 | ||
| Siemens SIMATIC TDC CPU555 Firmware | ||
| Siemens Simatic WinAC RTX (F) 2010 Firmware | ||
| Siemens Simatic Winac RTX (F) 2010 | ||
| siemens SINAMICS s\/g Control Unit firmware | ||
| siemens SINAMICS s\/g Control Unit | ||
| All of | ||
| siemens KTK ATE530S | ||
| siemens KTK ATE530S firmware | ||
| All of | ||
| siemens SIDOOR ATD430W | ||
| siemens SIDOOR ATD430W firmware | ||
| All of | ||
| siemens SIDOOR ATE530S COATED | ||
| siemens SIDOOR ATE530S COATED firmware | ||
| All of | ||
| siemens SIDOOR ATE531S | ||
| siemens SIDOOR ATE531S firmware | ||
| All of | ||
| siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC firmware | <2.0 | |
| siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC | ||
| All of | ||
| Siemens SIMATIC ET 200SP Open Controller firmware | <2.0 | |
| Siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Firmware | ||
| All of | ||
| Siemens SIMATIC ET200MP IM155-5 PN HF Firmware | <=4.2 | |
| Siemens SIMATIC ET200MP IM155-5 PN HF Firmware | ||
| All of | ||
| siemens SIMATIC ET200SP IM155-6 MF HF | ||
| siemens SIMATIC ET200SP IM155-6 MF HF firmware | ||
| All of | ||
| siemens SIMATIC ET200SP IM155-6 PN ha firmware | ||
| siemens SIMATIC ET200SP IM155-6 PN ha | ||
| All of | ||
| Siemens SIMATIC ET200SP IM155-6 PN HF Firmware | ||
| Siemens SIMATIC ET200SP IM155-6 PN HF Firmware | <=4.2 | |
| All of | ||
| siemens SIMATIC ET200SP IM155-6 pn\/2 HF | ||
| siemens SIMATIC ET200SP IM155-6 pn\/2 HF firmware | <=4.2 | |
| All of | ||
| siemens SIMATIC MICRO-DRIVE PDC | ||
| siemens SIMATIC MICRO-DRIVE PDC firmware | ||
| All of | ||
| Siemens Simatic PN/PN Coupler | ||
| Siemens Simatic PN/PN Coupler Firmware | <=4.2 | |
| All of | ||
| siemens SIMATIC S7-1500 CPU 1511-1 PN | ||
| siemens SIMATIC S7-1500 CPU 1511-1 PN firmware | <2.0 | |
| All of | ||
| siemens SIMATIC S7-1500 CPU 1513-1 PN | ||
| siemens SIMATIC S7-1500 CPU 1513-1 PN firmware | <2.0 | |
| All of | ||
| siemens SIMATIC S7-1500 CPU 1515-2 PN | ||
| siemens SIMATIC S7-1500 CPU 1515-2 PN firmware | <2.0 | |
| All of | ||
| siemens SIMATIC S7-1500 CPU 1516-3 pn\/dp | ||
| siemens SIMATIC S7-1500 CPU 1516-3 pn\/dp firmware | <2.0 | |
| All of | ||
| siemens SIMATIC S7-1500 CPU 1517-3 pn\/dp | ||
| siemens SIMATIC S7-1500 CPU 1517-3 pn\/dp firmware | <2.0 | |
| All of | ||
| siemens SIMATIC S7-1500 CPU 1518-4 pn\/dp | ||
| siemens SIMATIC S7-1500 CPU 1518-4 pn\/dp firmware | <2.0 | |
| All of | ||
| siemens SIMATIC S7-1500 CPU 1511f-1 PN | ||
| siemens SIMATIC S7-1500 CPU 1511f-1 PN firmware | <2.0 | |
| All of | ||
| siemens SIMATIC S7-1500 CPU 1513f-1 PN firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1513f-1 PN | ||
| All of | ||
| siemens SIMATIC S7-1500 CPU 1515f-2 PN firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1515f-2 PN | ||
| All of | ||
| siemens SIMATIC S7-1500 CPU 1516f-3 pn\/dp firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1516f-3 pn\/dp | ||
| All of | ||
| siemens SIMATIC S7-1500 CPU 1517f-3 pn\/dp firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1517f-3 pn\/dp | ||
| All of | ||
| siemens SIMATIC S7-1500 CPU 1518f-4 pn\/dp firmware | <2.0 | |
| siemens SIMATIC S7-1500 CPU 1518f-4 pn\/dp | ||
| All of | ||
| Siemens SIMATIC S7-300 CPU Firmware | ||
| Siemens SIMATIC S7-300 | ||
| All of | ||
| siemens SIMATIC S7-400 pn\/dp firmware | ||
| siemens SIMATIC S7-400 pn\/dp | =v7 | |
| All of | ||
| siemens SIMATIC S7-410 CPU firmware | ||
| siemens SIMATIC S7-410 CPU | ||
| All of | ||
| Siemens SIMATIC TDC CP51M1 | ||
| Siemens SIMATIC TDC CP51M1 Firmware | ||
| All of | ||
| Siemens SIMATIC TDC CPU555 | ||
| Siemens SIMATIC TDC CPU555 Firmware | ||
| All of | ||
| Siemens Simatic WinAC RTX (F) 2010 Firmware | ||
| Siemens Simatic Winac RTX (F) 2010 | ||
| All of | ||
| siemens SINAMICS s\/g Control Unit firmware | ||
| siemens SINAMICS s\/g Control Unit |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-19300?
CVE-2019-19300 has been classified with a medium severity rating due to potential exploitation.
How do I fix CVE-2019-19300?
To mitigate CVE-2019-19300, it is recommended to update the firmware of affected devices to the latest version provided by Siemens.
Which devices are affected by CVE-2019-19300?
Devices affected by CVE-2019-19300 include various Siemens PROFINET IO development and evaluation kits and SIMATIC controllers.
Can CVE-2019-19300 be remotely exploited?
Yes, CVE-2019-19300 can potentially be exploited remotely, allowing an attacker to execute unauthorized commands.
Is there a patch available for CVE-2019-19300?
Yes, Siemens has released firmware updates that address CVE-2019-19300 and it is crucial to apply these updates.
- agent/type
- agent/weakness
- agent/references
- agent/severity
- agent/first-publish-date
- agent/event
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/siemens
- canonical/siemens ktk ate530s firmware
- canonical/siemens ktk ate530s
- canonical/siemens sidoor atd430w firmware
- canonical/siemens sidoor atd430w
- canonical/siemens sidoor ate530s coated firmware
- canonical/siemens sidoor ate530s coated
- canonical/siemens sidoor ate531s firmware
- canonical/siemens sidoor ate531s
- canonical/siemens simatic et 200sp open controller cpu 1515sp pc firmware
- canonical/siemens simatic et 200sp open controller cpu 1515sp pc
- canonical/siemens simatic et 200sp open controller firmware
- canonical/siemens simatic et 200sp open controller cpu 1515sp pc2 firmware
- canonical/siemens simatic et200mp im155-5 pn hf firmware
- version/siemens simatic et200mp im155-5 pn hf firmware/4.2
- canonical/siemens simatic et200sp im155-6 mf hf firmware
- canonical/siemens simatic et200sp im155-6 mf hf
- canonical/siemens simatic et200sp im155-6 pn ha firmware
- canonical/siemens simatic et200sp im155-6 pn ha
- canonical/siemens simatic et200sp im155-6 pn hf firmware
- version/siemens simatic et200sp im155-6 pn hf firmware/4.2
- canonical/siemens simatic et200sp im155-6 pn\/2 hf firmware
- version/siemens simatic et200sp im155-6 pn\/2 hf firmware/4.2
- canonical/siemens simatic et200sp im155-6 pn\/2 hf
- canonical/siemens simatic micro-drive pdc firmware
- canonical/siemens simatic micro-drive pdc
- canonical/siemens simatic pn/pn coupler firmware
- version/siemens simatic pn/pn coupler firmware/4.2
- canonical/siemens simatic pn/pn coupler
- canonical/siemens simatic s7-1500 cpu 1511-1 pn firmware
- canonical/siemens simatic s7-1500 cpu 1511-1 pn
- canonical/siemens simatic s7-1500 cpu 1513-1 pn firmware
- canonical/siemens simatic s7-1500 cpu 1513-1 pn
- canonical/siemens simatic s7-1500 cpu 1515-2 pn firmware
- canonical/siemens simatic s7-1500 cpu 1515-2 pn
- canonical/siemens simatic s7-1500 cpu 1516-3 pn\/dp firmware
- canonical/siemens simatic s7-1500 cpu 1516-3 pn\/dp
- canonical/siemens simatic s7-1500 cpu 1517-3 pn\/dp firmware
- canonical/siemens simatic s7-1500 cpu 1517-3 pn\/dp
- canonical/siemens simatic s7-1500 cpu 1518-4 pn\/dp firmware
- canonical/siemens simatic s7-1500 cpu 1518-4 pn\/dp
- canonical/siemens simatic s7-1500 cpu 1511f-1 pn firmware
- canonical/siemens simatic s7-1500 cpu 1511f-1 pn
- canonical/siemens simatic s7-1500 cpu 1513f-1 pn firmware
- canonical/siemens simatic s7-1500 cpu 1513f-1 pn
- canonical/siemens simatic s7-1500 cpu 1515f-2 pn firmware
- canonical/siemens simatic s7-1500 cpu 1515f-2 pn
- canonical/siemens simatic s7-1500 cpu 1516f-3 pn\/dp firmware
- canonical/siemens simatic s7-1500 cpu 1516f-3 pn\/dp
- canonical/siemens simatic s7-1500 cpu 1517f-3 pn\/dp firmware
- canonical/siemens simatic s7-1500 cpu 1517f-3 pn\/dp
- canonical/siemens simatic s7-1500 cpu 1518f-4 pn\/dp firmware
- canonical/siemens simatic s7-1500 cpu 1518f-4 pn\/dp
- canonical/siemens simatic s7-1500
- canonical/siemens simatic s7-300 cpu firmware
- canonical/siemens simatic s7-300
- canonical/siemens simatic s7-400 pn\/dp firmware
- canonical/siemens simatic s7-400 pn\/dp
- version/siemens simatic s7-400 pn\/dp/v7
- canonical/siemens simatic s7-410 cpu firmware
- canonical/siemens simatic s7-410 cpu
- canonical/siemens simatic tdc cp51m1
- canonical/siemens simatic tdc cp51m1 firmware
- canonical/siemens simatic tdc cpu555
- canonical/siemens simatic tdc cpu555 firmware
- canonical/siemens simatic winac rtx (f) 2010 firmware
- canonical/siemens simatic winac rtx (f) 2010
- canonical/siemens sinamics s\/g control unit firmware
- canonical/siemens sinamics s\/g control unit