CVE-2019-13946

high-risk

Published 2020-02-11

Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.

Do I need to act?

0.55% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (20)

Simatic Et200M Im153-4 Pn Io Hf Firmware

Simatic Et200M Im153-4 Pn Io St Firmware

Dk Standard Ethernet Controller

Profinet Driver

Simatic Ipc Support

Ek-Ertec 200 Firmware

Ek-Ertec 200P Firmware

Ruggedcom Rm1224 Firmware

Scalance M-800 Firmware

Scalance S615 Firmware

Scalance W700 Ieee 802.11N Firmware

Scalance Xc-200 Firmware

Scalance Xf-200 Firmware

Scalance Xp-200 Firmware

Scalance Xb-200 Firmware

Scalance X-200Irt Firmware

Scalance Xr-300Wg Firmware

Scalance X-300 Firmware

Scalance Xf-200Ba Firmware

Scalance X-400 Firmware

Affected Vendors

Siemens

References (4)

https://cert-portal.siemens.com/productcert/html/ssa-780073.html

Vendor Advisory https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf

https://cert-portal.siemens.com/productcert/html/ssa-780073.html

Vendor Advisory https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf

/ 100

high-risk

Severity 26/34 · High

Exploitability 2/34 · Minimal

Exposure 26/34 · High