Simatic S7 300 Cpu Firmware
CVE-2019-18336
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known.
AnalysisAI
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Uncontrolled Resource Consumption (CWE-400), which allows attackers to cause denial of service by exhausting system resources. A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl (All versions < V4.94). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interation is required. At the time of advisory publication no public exploitation of this security vulnerability was known. Affected products include: Siemens Simatic S7-300 Cpu Firmware, Siemens Simatic S7-300 Cpu 312 Ifm Firmware, Siemens Simatic S7-300 Cpu 313 Firmware, Siemens Simatic S7-300 Cpu 314 Firmware, Siemens Simatic S7-300 Cpu 314 Ifm Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement rate limiting, set resource quotas, validate input sizes, use timeouts.
More in Simatic S7 300 Cpu Firmware
View allA vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. Rated high severity (CVSS 8.8), this vulnerabili
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP s
Affected devices improperly handle large amounts of specially crafted UDP packets. Rated high severity (CVSS 7.5), this
An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. Rated medium severity (CVSS 5.3), this vulnerabi
Same weakness CWE-400 – Uncontrolled Resource Consumption
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today