CVE-2019-19276 - OpenCVE

A vulnerability has been identified in SIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 4). Specially crafted packets sent to port 161/udp can cause the SNMP service of affected devices to crash. A manual restart of the device is required to resume operation of the service.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Siemens	Simatic Hmi Comfort Panels Simatic Hmi Ktp Mobile Panels Simatic Hmi Ktp Mobile Panels Firmware Simatic Hmi Comfort Panels Firmware

Configuration 1 [-]

AND

OR	cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:16:-::::::
	cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:16:update_2::::::
	cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:16:update_3::::::

cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:16:-::::::
	cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:16:update_2::::::
	cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:16:update_3::::::

cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-594364.pdf	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: siemens

Published: 2021-05-12T13:18:21

Updated: 2021-05-12T13:18:21

Reserved: 2019-11-26T00:00:00

Link: CVE-2019-19276

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-05-12T14:15:10.543

Modified: 2021-06-02T18:18:33.440

Link: CVE-2019-19276

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"containers": {"cna": {"affected": [{"product": "SIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V16 Update 4"}]}, {"product": "SIMATIC HMI KTP Mobile Panels", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V16 Update 4"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 4). Specially crafted packets sent to port 161/udp can cause the SNMP service of affected devices to crash. A manual restart of the device is required to resume operation of the service."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-12T13:18:21", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-594364.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2019-19276", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants)", "version": {"version_data": [{"version_value": "All versions < V16 Update 4"}]}}, {"product_name": "SIMATIC HMI KTP Mobile Panels", "version": {"version_data": [{"version_value": "All versions < V16 Update 4"}]}}]}, "vendor_name": "Siemens"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 4). Specially crafted packets sent to port 161/udp can cause the SNMP service of affected devices to crash. A manual restart of the device is required to resume operation of the service."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-787: Out-of-bounds Write"}]}]}, "references": {"reference_data": [{"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-594364.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-594364.pdf"}]}}}}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-19276", "datePublished": "2021-05-12T13:18:21", "dateReserved": "2019-11-26T00:00:00", "dateUpdated": "2021-05-12T13:18:21", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:16:-:*:*:*:*:*:*", "matchCriteriaId": "C1470479-8A5B-4A72-8B3C-A8311F787F81", "vulnerable": true}, {"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:16:update_2:*:*:*:*:*:*", "matchCriteriaId": "85144667-DFAD-459A-84BE-E842CBC941ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:16:update_3:*:*:*:*:*:*", "matchCriteriaId": "8A7EA7D4-1505-48CE-BCAC-15D65F199529", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1CEB200-E38F-4629-9279-5AF065396678", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:16:-:*:*:*:*:*:*", "matchCriteriaId": "3CFD6C34-08A0-4653-A5DD-8CD4F43EF246", "vulnerable": true}, {"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:16:update_2:*:*:*:*:*:*", "matchCriteriaId": "6FECA798-00DC-4182-AEA4-E06F9C697755", "vulnerable": true}, {"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:16:update_3:*:*:*:*:*:*", "matchCriteriaId": "77C80EA7-5B3F-42FE-9BF0-8B01674BA168", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 4). Specially crafted packets sent to port 161/udp can cause the SNMP service of affected devices to crash. A manual restart of the device is required to resume operation of the service."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Panels 1st Generation (incluyendo variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels (Todas las versiones anteriores a V16 Update 4). Los paquetes especialmente dise\u00f1ados enviados al puerto 161/udp pueden hacer que el servicio SNMP de los dispositivos afectados se bloquee. Se requiere un reinicio manual del dispositivo para reanudar el funcionamiento del servicio"}], "id": "CVE-2019-19276", "lastModified": "2021-06-02T18:18:33.440", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-12T14:15:10.543", "references": [{"source": "productcert@siemens.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-594364.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "productcert@siemens.com", "type": "Primary"}]}