Strix
26.1K

CVE-2019-18336

HIGHCVSS 7.5/10EPSS 1.67%

Last modified

CVE-2019-18336 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). EPSS estimates a 1.67% chance of exploitation in the next 30 days.

Description

A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known.

Metrics

CVSS 3.1
7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability
1.67%

73.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
SiemensSimatic S7-300 Cpu Firmware< 3.3.17
SiemensSimatic S7-300 Cpu 312 Ifm Firmware< 3.3.17
SiemensSimatic S7-300 Cpu 313 Firmware< 3.3.17
SiemensSimatic S7-300 Cpu 314 Firmware< 3.3.17
SiemensSimatic S7-300 Cpu 314 Ifm Firmware< 3.3.17
SiemensSimatic S7-300 Cpu 315 Firmware< 3.3.17
SiemensSimatic S7-300 Cpu 315-2 Dp Firmware< 3.3.17
SiemensSimatic S7-300 Cpu 316-2 Dp Firmware< 3.3.17
SiemensSimatic S7-300 Cpu 318-2 Firmware< 3.3.17
SiemensSinumerik 840d Sl< 4.8.6
SiemensSinumerik 840d Sl< 4.94
SiemensSimatic Tdc Cp51m1 Firmware< 1.1.8
SiemensSimatic Tdc Cpu555 Firmware< 1.1.1

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2019-18336?
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known.
How severe is CVE-2019-18336?
CVE-2019-18336 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 1.67% probability of exploitation in the next 30 days.
How do I fix CVE-2019-18336?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-18336?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST