CVE-2019-10936

Description

Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.

CVSS breakdown

Affected products

• Siemens / Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller0 – *
• Siemens / Development/Evaluation Kits for PROFINET IO: EK-ERTEC 2000 – *
• Siemens / Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200PAll versions < V4.6 Patch 01 – All versions < V4.6 Patch 01
• Siemens / SIMATIC CFU PA0 – V1.2.0
• Siemens / SIMATIC ET 200AL IM 157-1 PNAll versions – All versions
• Siemens / SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12All versions – All versions
• Siemens / SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12All versions – All versions
• Siemens / SIMATIC ET200ecoPN, 4AO U/I 4xM12All versions – All versions
• Siemens / SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12All versions – All versions
• Siemens / SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12All versions – All versions
• Siemens / SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12All versions – All versions
• Siemens / SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12All versions – All versions
• Siemens / SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12All versions – All versions
• Siemens / SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12All versions – All versions
• Siemens / SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12All versions – All versions
• Siemens / SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12All versions – All versions
• Siemens / SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12All versions – All versions
• Siemens / SIMATIC ET200ecoPN: IO-Link MasterAll versions – All versions
• Siemens / SIMATIC ET 200M (incl. SIPLUS variants)All versions – All versions
• Siemens / SIMATIC ET 200MP IM 155-5 PN BA0 – V4.3.0
• Siemens / SIMATIC ET 200MP IM 155-5 PN HF0 – V4.4.0
• Siemens / SIMATIC ET 200MP IM 155-5 PN ST0 – *
• Siemens / SIMATIC ET 200pro IM 154-3 PN HF0 – *
• Siemens / SIMATIC ET 200pro IM 154-4 PN HF0 – *
• Siemens / SIMATIC ET 200pro IM 154-8F PN/DP CPUAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC ET 200pro IM 154-8FX PN/DP CPUAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC ET 200pro IM 154-8 PN/DP CPUAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC ET 200S IM 151-8F PN/DP CPUAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC ET 200S IM 151-8 PN/DP CPUAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC ET200S (incl. SIPLUS variants)All versions – All versions
• Siemens / SIMATIC ET 200SP IM 155-6 PN/2 HF0 – V4.2.2
• Siemens / SIMATIC ET 200SP IM 155-6 PN/3 HF0 – V4.2.1
• Siemens / SIMATIC ET 200SP IM 155-6 PN BA0 – *
• Siemens / SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)All versions < V1.2.1 – All versions < V1.2.1
• Siemens / SIMATIC ET 200SP IM 155-6 PN HF0 – V4.2.2
• Siemens / SIMATIC ET 200SP IM 155-6 PN HS0 – V4.0.1
• Siemens / SIMATIC ET 200SP IM 155-6 PN ST0 – *
• Siemens / SIMATIC ET 200SP IM 155-6 PN ST BA0 – *
• Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)0 – V2.0
• Siemens / SIMATIC HMI Comfort Outdoor Panels (incl. SIPLUS variants)0 – *
• Siemens / SIMATIC HMI Comfort Panels (incl. SIPLUS variants)0 – *
• Siemens / SIMATIC HMI KTP Mobile Panels0 – *
• Siemens / SIMATIC PN/PN CouplerAll versions < V4.2.1 – All versions < V4.2.1
• Siemens / SIMATIC PROFINET DriverAll versions < V2.1 – All versions < V2.1
• Siemens / SIMATIC S7-1200 CPU family (incl. SIPLUS variants)All versions < V4.4.0 – All versions < V4.4.0
• Siemens / SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)All versions < V2.0 – All versions < V2.0
• Siemens / SIMATIC S7-1500 Software ControllerAll versions < V2.0 – All versions < V2.0
• Siemens / SIMATIC S7-300 CPU 314C-2 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC S7-300 CPU 315-2 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC S7-300 CPU 315F-2 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC S7-300 CPU 315T-3 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC S7-300 CPU 317-2 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC S7-300 CPU 317F-2 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC S7-300 CPU 317T-3 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC S7-300 CPU 317TF-3 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC S7-300 CPU 319-3 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC S7-300 CPU 319F-3 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIMATIC S7-400 CPU 412-2 PN V70 – V7.0.3
• Siemens / SIMATIC S7-400 CPU 414-3 PN/DP V70 – V7.0.3
• Siemens / SIMATIC S7-400 CPU 414F-3 PN/DP V70 – V7.0.3
• Siemens / SIMATIC S7-400 CPU 416-3 PN/DP V70 – V7.0.3
• Siemens / SIMATIC S7-400 CPU 416F-3 PN/DP V70 – V7.0.3
• Siemens / SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)0 – V6.0.9
• Siemens / SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)0 – *
• Siemens / SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)All versions < V8.2.2 – All versions < V8.2.2
• Siemens / SIMATIC TDC CP51M10 – V1.1.8
• Siemens / SIMATIC TDC CPU5550 – V1.1.1
• Siemens / SIMATIC WinAC RTX 2010All versions < V2010 SP3 – All versions < V2010 SP3
• Siemens / SIMATIC WinAC RTX F 2010All versions < V2010 SP3 – All versions < V2010 SP3
• Siemens / SINAMICS DCMAll versions < V1.5 HF1 – All versions < V1.5 HF1
• Siemens / SINAMICS DCPAll versions < V1.3 – All versions < V1.3
• Siemens / SINAMICS G110M V4.7 PN Control UnitAll versions < V4.7 SP10 HF5 – All versions < V4.7 SP10 HF5
• Siemens / SINAMICS G120 V4.7 PN Control Unit (incl. SIPLUS variants)All versions < V4.7 SP10 HF5 – All versions < V4.7 SP10 HF5
• Siemens / SINAMICS G130 V4.7 Control UnitAll versions < 4.8 – All versions < 4.8
• Siemens / SINAMICS G150 Control UnitAll versions < 4.8 – All versions < 4.8
• Siemens / SINAMICS GH150 V4.7 (Control Unit)All versions – All versions
• Siemens / SINAMICS GL150 V4.7 (Control Unit)All versions – All versions
• Siemens / SINAMICS GM150 V4.7 (Control Unit)All versions – All versions
• Siemens / SINAMICS S110 Control Unit0 – *
• Siemens / SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)0 – *
• Siemens / SINAMICS S150 Control UnitAll versions < 4.8 – All versions < 4.8
• Siemens / SINAMICS SL150 V4.7 (Control Unit)All versions < V4.7 HF33 – All versions < V4.7 HF33
• Siemens / SINAMICS SM120 V4.7 (Control Unit)0 – *
• Siemens / SINUMERIK 828DAll versions < V4.8 SP5 – All versions < V4.8 SP5
• Siemens / SINUMERIK 840D slAll versions < V4.8 SP6 – All versions < V4.8 SP6
• Siemens / SIPLUS ET 200MP IM 155-5 PN HF0 – V4.4.0
• Siemens / SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL0 – V4.4.0
• Siemens / SIPLUS ET 200MP IM 155-5 PN ST0 – *
• Siemens / SIPLUS ET 200MP IM 155-5 PN ST TX RAIL0 – *
• Siemens / SIPLUS ET 200S IM 151-8F PN/DP CPUAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIPLUS ET 200S IM 151-8 PN/DP CPUAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIPLUS ET 200SP IM 155-6 PN HF0 – V4.2.2
• Siemens / SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL0 – V4.2.2
• Siemens / SIPLUS ET 200SP IM 155-6 PN HF TX RAIL0 – V4.2.2
• Siemens / SIPLUS ET 200SP IM 155-6 PN ST0 – *
• Siemens / SIPLUS ET 200SP IM 155-6 PN ST BA0 – *
• Siemens / SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL0 – *
• Siemens / SIPLUS ET 200SP IM 155-6 PN ST TX RAIL0 – *
• Siemens / SIPLUS NET PN/PN CouplerAll versions < V4.2.1 – All versions < V4.2.1
• Siemens / SIPLUS S7-300 CPU 314C-2 PN/DPAll versions < V3.3.17 – All versions < V3.3.17
• Siemens / SIPLUS S7-300 CPU 315-2 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIPLUS S7-300 CPU 315F-2 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIPLUS S7-300 CPU 317-2 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIPLUS S7-300 CPU 317F-2 PN/DPAll versions < V3.2.17 – All versions < V3.2.17
• Siemens / SIPLUS S7-400 CPU 414-3 PN/DP V70 – V7.0.3
• Siemens / SIPLUS S7-400 CPU 416-3 PN/DP V70 – V7.0.3

References

• MISChttps://cert-portal.siemens.com/productcert/pdf/ssa-473245.pdf
• MISChttps://cert-portal.siemens.com/productcert/html/ssa-473245.html