Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU21932
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-10923
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted packet, break the real-time synchronization of the affected installation and cause a denial-of-service condition on the target system.
SINUMERIK 840D sl: All versions
SINUMERIK 828D: before 4.8 SP5
SINAMICS SM120: All versions
SINAMICS SL150: All versions
SINAMICS S150: before 4.8
SINAMICS S120: before 4.7 HF34
SINAMICS S110: All versions
SINAMICS GM150: All versions
SINAMICS GL150: All versions
SINAMICS GH150: All versions
SINAMICS G150: before 4.8
SINAMICS G130: before 4.7 HF29
SINAMICS G120: before 4.7 SP10 HF5
SINAMICS G110M: before 4.7 SP10 HF5
SINAMICS DCP: All versions
SINAMICS DCM: before 1.5 HF1
SIMOTION Firmware: All versions
SIMATIC WinAC RTX (F) 2010: All versions
SIMATIC S7-400 PN/DP V7: All versions
SIMATIC S7-400: All versions
SIMATIC S7-300: All versions
SIMATIC PN/PN Coupler: All versions
SIMATIC ET 200pro: All versions
SIMATIC ET 200ecoPN: All versions
SIMATIC ET 200S: All versions
SIMATIC ET 200M: All versions
SCALANCE X-200 IRT: before 5.2.1
CP1616: 1.0 - 2.7.2
CP1604: 1.0 - 2.7.2
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf
http://www.us-cert.gov/ics/advisories/icsa-19-283-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.