Vulnerability CVE-2019-6568


Published: 2019-04-17

Description:
A vulnerability has been identified in CP1604 (All versions), CP1616 (All versions), SIMATIC CP343-1 Advanced (All versions), SIMATIC CP443-1 (All versions), SIMATIC CP443-1 Advanced (All versions), SIMATIC CP443-1 OPC UA (All versions), SIMATIC ET 200 SP Open Controller CPU 1515SP PC (All versions < V2.1.6), SIMATIC ET 200 SP Open Controller CPU 1515SP PC2 (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions), SIMATIC HMI Comfort Panels 4" - 22" (All versions), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC RF181-EIP (All versions), SIMATIC RF182C (All versions), SIMATIC RF185C (All versions < V1.1.0), SIMATIC RF186C (All versions < V1.1.0), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R (All versions < V3.2.1), SIMATIC S7-1500 CPU family (All versions < V2.6.1), SIMATIC S7-1500 Software Controller (All versions < V2.7), SIMATIC S7-300 CPU family (All versions < V3.X.16), SIMATIC S7-400 PN (incl. F) V6 and below (All versions), SIMATIC S7-400 PN/DP V7 (incl. F) (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V2.0 SP1 UPD1), SIMATIC Teleservice Adapter IE Advanced (All versions), SIMATIC Teleservice Adapter IE Basic (All versions), SIMATIC Teleservice Adapter IE Standard (All versions), SIMATIC WinAC RTX (F) 2010 (All versions < SIMATIC WinAC RTX 2010 SP3), SIMATIC WinCC Runtime Advanced (All versions), SIMOCODE pro V EIP (All versions), SIMOCODE pro V PN (All versions), SINAMICS G130 V4.6 (Control Unit) (All versions), SINAMICS G130 V4.7 (Control Unit) (All versions), SINAMICS G130 V4.7 SP1 (Control Unit) (All versions), SINAMICS G130 V4.8 (Control Unit) (All versions < V4.8 HF6), SINAMICS G130 V5.1 (Control Unit) (All versions), SINAMICS G130 V5.1 SP1 (Control Unit) (All versions < V5.1 SP1 HF4), SINAMICS G150 V4.6 (Control Unit) (All versions), SINAMICS G150 V4.7 (Control Unit) (All versions), SINAMICS G150 V4.7 SP1 (Control Unit) (All versions), SINAMICS G150 V4.8 (Control Unit) (All versions < V4.8 HF6), SINAMICS G150 V5.1 (Control Unit) (All versions), SINAMICS G150 V5.1 SP1 (Control Unit) (All versions < V5.1 SP1 HF4), SINAMICS S120 V4.6 (Control Unit) (All versions), SINAMICS S120 V4.7 (Control Unit) (All versions), SINAMICS S120 V4.7 SP1 (Control Unit) (All versions), SINAMICS S120 V4.8 (Control Unit) (All versions < V4.8 HF6), SINAMICS S120 V5.1 (Control Unit) (All versions), SINAMICS S120 V5.1 SP1 (Control Unit) (All versions < V5.1 SP1 HF4), SINAMICS S150 V4.6 (Control Unit) (All versions), SINAMICS S150 V4.7 (Control Unit) (All versions), SINAMICS S150 V4.7 SP1 (Control Unit) (All versions), SINAMICS S150 V4.8 (Control Unit) (All versions < V4.8 HF6), SINAMICS S150 V5.1 (Control Unit) (All versions), SINAMICS S150 V5.1 SP1 (Control Unit) (All versions < V5.1 SP1 HF4), SINAMICS S210 V5.1 (Control Unit) (All versions), SINAMICS S210 V5.1 SP1 (Control Unit) (All versions), SITOP Manager (All versions), SITOP PSU8600 (All versions), SITOP UPS1600 (All versions), TIM 1531 IRC (All versions). The webserver of the affected devices contains a vulnerability that may lead to a denial-of-service condition. An attacker may cause a denial-of-service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Siemens -> Simatic cp443-1 opc ua 
Siemens -> Simatic hmi ktp mobile panels ktp700f firmware 
Siemens -> Simatic teleservice adapter ie advanced firmware 
Siemens -> Simatic ipc diagmonitor 
Siemens -> Simatic hmi ktp mobile panels ktp900 firmware 
Siemens -> Simatic teleservice adapter ie basic firmware 
Siemens -> Simatic s7-1500 software controller 
Siemens -> Simatic hmi ktp mobile panels ktp900f firmware 
Siemens -> Simatic teleservice adapter ie standard firmware 
Siemens -> Simatic s7-plcsim advanced 
Siemens -> Simatic rf181-eip firmware 
Siemens -> Simatic winac rtx 2010 firmware 
Siemens -> Simatic wincc runtime advanced 
Siemens -> Simatic rf182c firmware 
Siemens -> Simocode pro v eip firmware 
Siemens -> Sitop manager 
Siemens -> Simatic rf185c firmware 
Siemens -> Simocode pro v pn firmware 
Siemens -> Cp1604 firmware 
Siemens -> Simatic rf186c firmware 
Siemens -> Sinamics s150 firmware 
Siemens -> Cp1616 firmware 
Siemens -> Simatic rf188c firmware 
Siemens -> Sinamics s210 firmware 
Siemens -> Simatic cp343-1 advanced firmware 
Siemens -> Simatic rf600r firmware 
Siemens -> Sitop psu8600 firmware 
Siemens -> Simatic cp443-1 advanced firmware 
Siemens -> Simatic s7-1500 firmware 
Siemens -> Sitop ups1600 firmware 
Siemens -> Simatic cp443-1 firmware 
Siemens -> Simatic s7-1500f firmware 
Siemens -> Tim 1531 irc firmware 
Siemens -> Simatic et 200 sp open controller cpu 1515sp pc2 firmware 
Siemens -> Simatic s7-1500s firmware 
Siemens -> Simatic hmi comfort outdoor panels firmware 
Siemens -> Simatic s7-1500t firmware 
Siemens -> Simatic hmi comfort panels firmware 
Siemens -> Simatic s7-300 firmware 
Siemens -> Simatic hmi ktp mobile panels ktp400f firmware 
Siemens -> Simatic s7-400 pn/dp firmware 
Siemens -> Simatic hmi ktp mobile panels ktp700 firmware 
Siemens -> Simatic s7-400 pn firmware 

 References:
https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf

Copyright 2020, cxsecurity.com

 

Back to Top