Resource exhaustion in SIMATIC S7-300 and SINUMERIK 840D sl

#VU25862 Resource exhaustion in SIMATIC S7-300 and SINUMERIK 840D sl

Published: 2020-03-10

Vulnerability identifier: #VU25862

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-18336

CWE-ID: CWE-400

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
SIMATIC S7-300
Hardware solutions / Firmware
SINUMERIK 840D sl
Server applications / SCADA systems

Vendor: Siemens

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper resource management when processing packets sent to Port 102/TCP (Profinet). A remote attacker can send specially crafted packets, trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

SIMATIC S7-300: All versions

SINUMERIK 840D sl: All versions

External links
http://ics-cert.us-cert.gov/advisories/icsa-20-070-02

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in SIMATIC S7-300 CPUs and SINUMERIK 840D sl