CVE-2019-18336 — HIGH (7.5)

Q: How severe is CVE-2019-18336?

CVE-2019-18336 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-18336?

Check the references section above for vendor advisories and patch information. Affected products include: Siemens Simatic S7-300 Cpu Firmware, Siemens Simatic S7-300 Cpu, Siemens Simatic S7-300 Cpu 312 Ifm Firmware, Siemens Simatic S7-300 Cpu 312 Ifm, Siemens Simatic S7-300 Cpu 313 Firmware.

Vulnerability Description

A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Siemens	Simatic S7-300 Cpu Firmware	< 3.3.17
Siemens	Simatic S7-300 Cpu	-
Siemens	Simatic S7-300 Cpu 312 Ifm Firmware	< 3.3.17
Siemens	Simatic S7-300 Cpu 312 Ifm	-
Siemens	Simatic S7-300 Cpu 313 Firmware	< 3.3.17
Siemens	Simatic S7-300 Cpu 313	-
Siemens	Simatic S7-300 Cpu 314 Firmware	< 3.3.17
Siemens	Simatic S7-300 Cpu 314	-
Siemens	Simatic S7-300 Cpu 314 Ifm Firmware	< 3.3.17
Siemens	Simatic S7-300 Cpu 314 Ifm	-
Siemens	Simatic S7-300 Cpu 315 Firmware	< 3.3.17
Siemens	Simatic S7-300 Cpu 315	-
Siemens	Simatic S7-300 Cpu 315-2 Dp Firmware	< 3.3.17
Siemens	Simatic S7-300 Cpu 315-2 Dp	-
Siemens	Simatic S7-300 Cpu 316-2 Dp Firmware	< 3.3.17
Siemens	Simatic S7-300 Cpu 316-2 Dp	-
Siemens	Simatic S7-300 Cpu 318-2 Firmware	< 3.3.17
Siemens	Simatic S7-300 Cpu 318-2	-
Siemens	Sinumerik 840D Sl	< 4.8.6
Siemens	Simatic Tdc Cp51M1 Firmware	< 1.1.8

Related Weaknesses (CWE)

CWE-400

References

https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdfVendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdfVendor Advisory

FAQ

What is CVE-2019-18336?

CVE-2019-18336 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555...

How severe is CVE-2019-18336?

CVE-2019-18336 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-18336?

Check the references section above for vendor advisories and patch information. Affected products include: Siemens Simatic S7-300 Cpu Firmware, Siemens Simatic S7-300 Cpu, Siemens Simatic S7-300 Cpu 312 Ifm Firmware, Siemens Simatic S7-300 Cpu 312 Ifm, Siemens Simatic S7-300 Cpu 313 Firmware.