Strix
26.1K

CVE-2019-13946

HIGHCVSS 7.5/10EPSS 1.41%

Last modified

CVE-2019-13946 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. EPSS estimates a 1.41% chance of exploitation in the next 30 days.

Description

Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.

Metrics

CVSS 3.1
7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability
1.41%

69.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
SiemensDk Standard Ethernet ControllerAll versions
SiemensProfinet Driver< 2.1
SiemensSimatic Ipc SupportAll versions
SiemensEk-Ertec 200 Firmware< 4.5
SiemensEk-Ertec 200p Firmware< 4.6
SiemensRuggedcom Rm1224 Firmware< 4.3
SiemensScalance M-800 Firmware< 4.3
SiemensScalance S615 Firmware< 4.3
SiemensScalance W700 Ieee 802.11n Firmware<= 6.0.1
SiemensScalance Xc-200 FirmwareAll versions
SiemensScalance Xf-200 FirmwareAll versions
SiemensScalance Xp-200 FirmwareAll versions
SiemensScalance Xb-200 FirmwareAll versions
SiemensScalance X-200irt Firmware< 5.3
SiemensScalance Xr-300wg Firmware< 3.0
SiemensScalance X-300 FirmwareAll versions
SiemensScalance Xb-200 Firmware< 3.0
SiemensScalance Xc-200 Firmware< 3.0
SiemensScalance Xp-200 Firmware< 3.0
SiemensScalance Xf-200ba Firmware< 3.0
SiemensScalance X-400 Firmware< 6.0
SiemensScalance Xm-400 Firmware< 6.0
SiemensScalance Xr524 Firmware< 6.0
SiemensScalance Xr526 Firmware< 6.0
SiemensScalance Xr528 Firmware< 6.0
SiemensScalance Xr552 Firmware< 6.0
SiemensSimatic Cp 1616 Firmware< 2.8
SiemensSimatic Cp 1604 Firmware< 2.8
SiemensSimatic Cp 343-1 FirmwareAll versions
SiemensSimatic Cp 343-1 Advanced FirmwareAll versions
SiemensSimatic Cp 343-1 Erpc FirmwareAll versions
SiemensSimatic Cp 343-1 Lean FirmwareAll versions
SiemensSimatic Cp 443-1 FirmwareAll versions
SiemensSimatic Cp 443-1 Advanced FirmwareAll versions
SiemensSimatic Cp 443-1 Opc Ua FirmwareAll versions
SiemensSimatic Et200al Im 157-1 Pn FirmwareAll versions
SiemensSimatic Et200m Im153-4 Pn Io Hf FirmwareAll versions
SiemensSimatic Et200m Im153-4 Pn Io St FirmwareAll versions
SiemensSimatic Et200mp Im155-5 Pn Hf Firmware< 4.2.0
SiemensSimatic Et200mp Im155-5 Pn St Firmware< 4.1.0
SiemensSimatic Et200s FirmwareAll versions
SiemensSimatic Et200sp Im155-6 Pn Basic FirmwareAll versions
SiemensSimatic Et200sp Im155-6 Pn Hf Firmware< 3.3.1
SiemensSimatic Et200sp Im155-6 Pn St Firmware< 4.1.0
SiemensSimatic Et200ecopn FirmwareAll versions
SiemensSimatic Et200pro FirmwareAll versions
SiemensIm 154-3 Pn Hf FirmwareAll versions
SiemensIm 154-4 Pn Hf FirmwareAll versions
SiemensSimatic Mv440 FirmwareAll versions
SiemensSimatic Mv420 FirmwareAll versions

Showing 50 of 55 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2019-13946?
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.
How severe is CVE-2019-13946?
CVE-2019-13946 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 1.41% probability of exploitation in the next 30 days.
How do I fix CVE-2019-13946?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-13946?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST