Versio.io

CVE-2019-19282

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 10-03-2020 09:15
Last modified: - 12-04-2022 12:15
Total changes: - 4

Description

A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions < V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions < V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions < V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition. Successful exploitation requires no system privileges and no user interaction.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Low
Attack complexity
Network
Attack vector
High
Availability
None
Confidentiality
None
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
7.5
Base score
3.9
3.6
Exploitability score
Impact score
 

Verification logic

OR
vendor=siemens AND product=openpcs_7 AND version=9.0 AND update=-
vendor=siemens AND product=openpcs_7 AND version=9.0_update_1
vendor=siemens AND product=simatic_batch AND version=9.0 AND update=-
vendor=siemens AND product=simatic_batch AND version=9.0 AND update=sp1
vendor=siemens AND product=simatic_batch AND version=9.0 AND update=sp1_update_1
vendor=siemens AND product=simatic_batch AND version=9.0 AND update=sp1_update_2
vendor=siemens AND product=simatic_batch AND version=9.0 AND update=sp1_update_3
vendor=siemens AND product=simatic_batch AND version=9.0 AND update=sp1_update_4
vendor=siemens AND product=simatic_net_pc AND versionEndExcluding=16
vendor=siemens AND product=simatic_net_pc AND version=16 AND update=-
vendor=siemens AND product=simatic_pcs_7 AND version=8.1
vendor=siemens AND product=simatic_pcs_7 AND version=8.2
vendor=siemens AND product=simatic_pcs_7 AND version=9.0 AND update=-
vendor=siemens AND product=simatic_pcs_7 AND version=9.0 AND update=sp1
vendor=siemens AND product=simatic_pcs_7 AND version=9.0 AND update=sp2
vendor=siemens AND product=simatic_route_control AND versionEndExcluding=9.0
vendor=siemens AND product=simatic_route_control AND version=9.0 AND update=-
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=-
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1_update_1
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1_update_10
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1_update_11
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1_update_12
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1_update_13
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1_update_2
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1_update_3
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1_update_4
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1_update_5
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1_update_6
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1_update_7
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1_update_8
vendor=siemens AND product=simatic_wincc AND version=7.4 AND update=sp1_update_9
vendor=siemens AND product=simatic_wincc AND version=7.5 AND update=-
vendor=siemens AND product=simatic_wincc AND version=7.5 AND update=sp1 AND edition=-
vendor=siemens AND product=simatic_wincc AND version=7.5.1 AND update=-
vendor=siemens AND product=simatic_wincc AND version=13 AND update=-
vendor=siemens AND product=simatic_wincc AND version=13 AND update=sp1
vendor=siemens AND product=simatic_wincc AND version=14.0.1
vendor=siemens AND product=simatic_wincc AND version=15.1 AND update=-
vendor=siemens AND product=simatic_wincc AND version=15.1 AND update=update_1
vendor=siemens AND product=simatic_wincc AND version=15.1 AND update=update_2
vendor=siemens AND product=simatic_wincc AND version=15.1 AND update=update_3
vendor=siemens AND product=simatic_wincc AND version=15.1 AND update=update_4
vendor=siemens AND product=simatic_wincc AND version=16 AND update=-
 

Reference

 


Keywords

NVD

 

CVE-2019-19282

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.