CVE-2019-13939

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2019-13939
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value.

7.1 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 4.2

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

4.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:A/AC:L/Au:N/C:N/I:P/A:P

Exploitability : 6.5 / Impact : 4.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://cert-portal.siemens.com/productcert/html/ssa-162506.html
https://cert-portal.siemens.com/productcert/html/ssa-434032.html
https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:siemens:capital_vstar:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:nucleus_net:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:nucleus_readystart:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:nucleus_safetycert:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:nucleus_source_code:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:nucleus_rtos:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:h:siemens:apogee_modular_equiment_controller:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:apogee_modular_equiment_controller_firmware:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:h:siemens:apogee_modular_building_controller:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:apogee_modular_building_controller_firmware:*:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:h:siemens:apogee_pxc:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:apogee_pxc_firmware:*:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:h:siemens:desigo_pxc:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:desigo_pxc_firmware:*:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:h:siemens:desigo_pxm20:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:desigo_pxm20_firmware:*:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:h:siemens:simotics_connect_400:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simotics_connect_400_firmware:*:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:h:siemens:talon_tc:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:talon_tc_firmware:*:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:siemens:desigo_pxc00-e.d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:desigo_pxc00-e.d:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:siemens:desigo_pxc00-u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:desigo_pxc00-u:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:siemens:desigo_pxc001-e.d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:desigo_pxc001-e.d:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:siemens:desigo_pxc12-e.d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:desigo_pxc12-e.d:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:siemens:desigo_pxc22-e.d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:desigo_pxc22-e.d:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:siemens:desigo_pxc22.1-e.d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:desigo_pxc22.1-e.d:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:siemens:desigo_pxc36.1-e.d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:desigo_pxc36.1-e.d:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:siemens:desigopxc50-e.d_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:desigopxc50-e.d:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:siemens:desigopxc64-u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:desigopxc64-u:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:siemens:desigopxc100-e.d_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:desigopxc100-e.d:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:siemens:desigopxc128-u_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:desigopxc128-u:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:siemens:desigopxc200-e.d_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:desigopxc200-e.d:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:siemens:desigopxm20-e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:desigopxm20-e:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2020-01-16 16:15

Updated : 2024-02-13 09:15

NVD link : CVE-2019-13939

Mitre link : CVE-2019-13939

CVE.ORG link : CVE-2019-13939

JSON object : View

Products Affected

siemens

  • desigopxc100-e.d_firmware
  • desigo_pxc001-e.d
  • desigo_pxc36.1-e.d
  • desigopxc64-u
  • nucleus_net
  • apogee_modular_building_controller
  • capital_vstar
  • talon_tc
  • apogee_modular_equiment_controller_firmware
  • talon_tc_firmware
  • desigopxc128-u_firmware
  • desigo_pxc22-e.d_firmware
  • desigopxc200-e.d_firmware
  • desigo_pxc22.1-e.d
  • desigo_pxc_firmware
  • desigo_pxc00-e.d
  • desigo_pxc22-e.d
  • nucleus_safetycert
  • desigo_pxm20
  • desigopxc64-u_firmware
  • desigo_pxc36.1-e.d_firmware
  • nucleus_rtos
  • desigopxc50-e.d
  • apogee_pxc_firmware
  • apogee_pxc
  • desigo_pxc12-e.d_firmware
  • simotics_connect_400
  • apogee_modular_building_controller_firmware
  • desigo_pxc12-e.d
  • nucleus_source_code
  • desigopxc128-u
  • desigopxm20-e
  • desigopxc100-e.d
  • desigopxm20-e_firmware
  • desigo_pxc00-u_firmware
  • desigopxc200-e.d
  • desigo_pxc
  • desigo_pxc00-e.d_firmware
  • desigo_pxc00-u
  • desigo_pxc22.1-e.d_firmware
  • desigopxc50-e.d_firmware
  • simotics_connect_400_firmware
  • nucleus_readystart
  • desigo_pxc001-e.d_firmware
  • desigo_pxm20_firmware
  • apogee_modular_equiment_controller
CWE
CWE-20

Improper Input Validation

NVD-CWE-noinfo