CVE-2019-19301
Published: Apr 14, 2020
Modified: Aug 5, 2024
CVSS v3.1
7.5
Description
A vulnerability has been identified in SCALANCE X200-4P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2IRT, SCALANCE X202-2P IRT, SCALANCE X202-2P IRT PRO, SCALANCE X204-2, SCALANCE X204-2FM, SCALANCE X204-2LD, SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X204IRT, SCALANCE X204IRT PRO, SCALANCE X206-1, SCALANCE X206-1LD, SCALANCE X208, SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XF201-3P IRT, SCALANCE XF202-2P IRT, SCALANCE XF204, SCALANCE XF204-2, SCALANCE XF204-2BA IRT, SCALANCE XF204IRT, SCALANCE XF206-1, SCALANCE XF208, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIMATIC CP 343-1 Advanced, SIMATIC CP 442-1 RNA, SIMATIC CP 443-1, SIMATIC CP 443-1, SIMATIC CP 443-1 Advanced, SIMATIC CP 443-1 RNA, SIMATIC RF180C, SIMATIC RF182C, SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SIPLUS NET SCALANCE X308-2. The VxWorks-based Profinet TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.
| Vendor | Product | Versions |
|---|---|---|
Siemens | SCALANCE X200-4P IRT | affected All versions < V5.5.0 |
Siemens | SCALANCE X201-3P IRT | affected All versions < V5.5.0 |
Siemens | SCALANCE X201-3P IRT PRO | affected All versions < V5.5.0 |
Siemens | SCALANCE X202-2IRT | affected All versions < V5.5.0 |
Siemens | SCALANCE X202-2P IRT | affected All versions < V5.5.0 |
Siemens | SCALANCE X202-2P IRT PRO | affected All versions < V5.5.0 |
Siemens | SCALANCE X204-2 | affected All versions < V5.2.5 |
Siemens | SCALANCE X204-2FM | affected All versions < V5.2.5 |
Siemens | SCALANCE X204-2LD | affected All versions < V5.2.5 |
Siemens | SCALANCE X204-2LD TS | affected All versions < V5.2.5 |
Siemens | SCALANCE X204-2TS | affected All versions < V5.2.5 |
Siemens | SCALANCE X204IRT | affected All versions < V5.5.0 |
Siemens | SCALANCE X204IRT PRO | affected All versions < V5.5.0 |
Siemens | SCALANCE X206-1 | affected All versions < V5.2.5 |
Siemens | SCALANCE X206-1LD | affected All versions < V5.2.5 |
Siemens | SCALANCE X208 | affected All versions < V5.2.5 |
Siemens | SCALANCE X208PRO | affected All versions < V5.2.5 |
Siemens | SCALANCE X212-2 | affected All versions < V5.2.5 |
Siemens | SCALANCE X212-2LD | affected All versions < V5.2.5 |
Siemens | SCALANCE X216 | affected All versions < V5.2.5 |
Siemens | SCALANCE X224 | affected All versions < V5.2.5 |
Siemens | SCALANCE X302-7 EEC (230V, coated) | affected All versions < V4.1.4 |
Siemens | SCALANCE X302-7 EEC (230V) | affected All versions < V4.1.4 |
Siemens | SCALANCE X302-7 EEC (24V, coated) | affected All versions < V4.1.4 |
Siemens | SCALANCE X302-7 EEC (24V) | affected All versions < V4.1.4 |
Siemens | SCALANCE X302-7 EEC (2x 230V, coated) | affected All versions < V4.1.4 |
Siemens | SCALANCE X302-7 EEC (2x 230V) | affected All versions < V4.1.4 |
Siemens | SCALANCE X302-7 EEC (2x 24V, coated) | affected All versions < V4.1.4 |
Siemens | SCALANCE X302-7 EEC (2x 24V) | affected All versions < V4.1.4 |
Siemens | SCALANCE X304-2FE | affected All versions < V4.1.4 |
Siemens | SCALANCE X306-1LD FE | affected All versions < V4.1.4 |
Siemens | SCALANCE X307-2 EEC (230V, coated) | affected All versions < V4.1.4 |
Siemens | SCALANCE X307-2 EEC (230V) | affected All versions < V4.1.4 |
Siemens | SCALANCE X307-2 EEC (24V, coated) | affected All versions < V4.1.4 |
Siemens | SCALANCE X307-2 EEC (24V) | affected All versions < V4.1.4 |
Siemens | SCALANCE X307-2 EEC (2x 230V, coated) | affected All versions < V4.1.4 |
Siemens | SCALANCE X307-2 EEC (2x 230V) | affected All versions < V4.1.4 |
Siemens | SCALANCE X307-2 EEC (2x 24V, coated) | affected All versions < V4.1.4 |
Siemens | SCALANCE X307-2 EEC (2x 24V) | affected All versions < V4.1.4 |
Siemens | SCALANCE X307-3 | affected All versions < V4.1.4 |
Siemens | SCALANCE X307-3 | affected All versions < V4.1.4 |
Siemens | SCALANCE X307-3LD | affected All versions < V4.1.4 |
Siemens | SCALANCE X307-3LD | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2 | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2 | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2LD | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2LD | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2LH | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2LH | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2LH+ | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2LH+ | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2M | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2M | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2M PoE | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2M PoE | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2M TS | affected All versions < V4.1.4 |
Siemens | SCALANCE X308-2M TS | affected All versions < V4.1.4 |
Siemens | SCALANCE X310 | affected All versions < V4.1.4 |
Siemens | SCALANCE X310 | affected All versions < V4.1.4 |
Siemens | SCALANCE X310FE | affected All versions < V4.1.4 |
Siemens | SCALANCE X310FE | affected All versions < V4.1.4 |
Siemens | SCALANCE X320-1 FE | affected All versions < V4.1.4 |
Siemens | SCALANCE X320-1-2LD FE | affected All versions < V4.1.4 |
Siemens | SCALANCE X408-2 | affected All versions < V4.1.4 |
Siemens | SCALANCE XF201-3P IRT | affected All versions < V5.5.0 |
Siemens | SCALANCE XF202-2P IRT | affected All versions < V5.5.0 |
Siemens | SCALANCE XF204 | affected All versions < V5.2.5 |
Siemens | SCALANCE XF204-2 | affected All versions < V5.2.5 |
Siemens | SCALANCE XF204-2BA IRT | affected All versions < V5.5.0 |
Siemens | SCALANCE XF204IRT | affected All versions < V5.5.0 |
Siemens | SCALANCE XF206-1 | affected All versions < V5.2.5 |
Siemens | SCALANCE XF208 | affected All versions < V5.2.5 |
Siemens | SCALANCE XR324-12M (230V, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-12M (230V, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-12M (230V, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-12M (230V, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-12M (24V, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-12M (24V, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-12M (24V, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-12M (24V, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-12M TS (24V) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-12M TS (24V) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (24V, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (24V, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (24V, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (24V, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (2x 24V, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (2x 24V, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (2x 24V, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M EEC (2x 24V, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M PoE (230V, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M PoE (230V, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M PoE (24V, ports on front) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M PoE (24V, ports on rear) | affected All versions < V4.1.4 |
Siemens | SCALANCE XR324-4M PoE TS (24V, ports on front) | affected All versions < V4.1.4 |
Siemens | SIMATIC CP 343-1 Advanced | affected All versions |
Siemens | SIMATIC CP 442-1 RNA | affected All versions < V1.5.18 |
Siemens | SIMATIC CP 443-1 | affected All versions < V3.3 |
Siemens | SIMATIC CP 443-1 | affected All versions < V3.3 |
Siemens | SIMATIC CP 443-1 Advanced | affected All versions < V3.3 |
Siemens | SIMATIC CP 443-1 RNA | affected All versions < V1.5.18 |
Siemens | SIMATIC RF180C | affected All versions |
Siemens | SIMATIC RF182C | affected All versions |
Siemens | SIPLUS NET CP 343-1 Advanced | affected All versions |
Siemens | SIPLUS NET CP 443-1 | affected All versions < V3.3 |
Siemens | SIPLUS NET CP 443-1 Advanced | affected All versions < V3.3 |
Siemens | SIPLUS NET SCALANCE X308-2 | affected All versions < V4.1.4 |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now