Multiple Siemens Products CVE-2019-6568 Unspecified Denial of Service Vulnerability

Risk

Medium

Date Discovered

April 9, 2019

Description

Multiple Siemens products are prone to an unspecified denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users.

Technologies Affected

  • Siemens CP 1604
  • Siemens CP 1616
  • Siemens RFID 181-EIP
  • Siemens SIMATIC CP 343-1 Advanced
  • Siemens SIMATIC CP 443-1
  • Siemens SIMATIC CP 443-1 Advanced
  • Siemens SIMATIC CP 443-1 OPC UA
  • Siemens SIMATIC ET200 Open Controller CPU 1515SP PC
  • Siemens SIMATIC ET200 Open Controller CPU 1515SP PC2
  • Siemens SIMATIC HMI Comfort Outdoor Panels
  • Siemens SIMATIC HMI Comfort Panels
  • Siemens SIMATIC HMI KTP Mobile Panels
  • Siemens SIMATIC HMI KTP400F Mobile
  • Siemens SIMATIC HMI KTP700 Mobile
  • Siemens SIMATIC HMI KTP700F Mobile
  • Siemens SIMATIC HMI KTP900 Mobile
  • Siemens SIMATIC HMI KTP900F Mobile
  • Siemens SIMATIC IPC DiagMonitor
  • Siemens SIMATIC RF182C
  • Siemens SIMATIC RF185C
  • Siemens SIMATIC RF186C
  • Siemens SIMATIC RF188C
  • Siemens SIMATIC RF600R
  • Siemens SIMATIC S7-1500 CPU
  • Siemens SIMATIC S7-1500 Software Controller
  • Siemens SIMATIC S7-300 CPU
  • Siemens SIMATIC S7-400 PN V6
  • Siemens SIMATIC S7-400 PN/DP 7
  • Siemens SIMATIC S7-PLCSIM Advanced
  • Siemens SIMATIC Teleservice Adapter IE Advanced
  • Siemens SIMATIC Teleservice Adapter IE Basic
  • Siemens SIMATIC Teleservice Adapter IE Standard
  • Siemens SIMATIC WinAC RTX 2010
  • Siemens SIMATIC WinCC Runtime Advanced
  • Siemens SIMOCODE pro V EIP
  • Siemens SIMOCODE pro V PN
  • Siemens SINAMICS GH150 4.7
  • Siemens SINAMICS GH150 4.8
  • Siemens SINAMICS GL150 4.7
  • Siemens SINAMICS GL150 4.8
  • Siemens SINAMICS GM150 4.7
  • Siemens SINAMICS GM150 4.8
  • Siemens SINAMICS S210 5.1
  • Siemens SINAMICS S210 5.1 SP1
  • Siemens SINAMICS SL150 4.7.0
  • Siemens SINAMICS SL150 4.8
  • Siemens SINAMICS SM120 4.7
  • Siemens SINAMICS SM120 4.8
  • Siemens SINAMICS SM150 4.8
  • Siemens SITOP Manager
  • Siemens SITOP PSU8600
  • Siemens SITOP UPS1600
  • Siemens SINAMICS G130 4.6
  • Siemens SINAMICS G130 4.7
  • Siemens SINAMICS G130 4.7 SP1
  • Siemens SINAMICS G130 4.8
  • Siemens SINAMICS G130 5.1
  • Siemens SINAMICS G130 5.1 SP1
  • Siemens SINAMICS G150 4.6
  • Siemens SINAMICS G150 4.7
  • Siemens SINAMICS G150 4.7 SP1
  • Siemens SINAMICS G150 4.8
  • Siemens SINAMICS G150 5.1
  • Siemens SINAMICS G150 5.1 SP1
  • Siemens SINAMICS S120 4.6
  • Siemens SINAMICS S120 4.7
  • Siemens SINAMICS S120 4.7 SP1
  • Siemens SINAMICS S120 4.8
  • Siemens SINAMICS S120 5.1
  • Siemens SINAMICS S120 5.1 SP1
  • Siemens SINAMICS S150 4.6
  • Siemens SINAMICS S150 4.7
  • Siemens SINAMICS S150 4.7 SP1
  • Siemens SINAMICS S150 4.8
  • Siemens SINAMICS S150 5.1
  • Siemens SINAMICS S150 5.1 SP1
  • Siemens TIM 1531 IRC

Recommendations

Block external access at the network boundary, unless external parties require service.
If global access isn't needed, filter access to the affected device at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of exploits.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Updates are available. Please see the references or vendor advisory for more information.

Credits

The vendor reported this issue.


© 1995- Symantec Corporation

Permission to redistribute this alert electronically is granted as long as it is not edited in any way unless authorized by Symantec Security Response. Reprinting the whole or part of this alert in any medium other than electronically requires permission from secure@symantec.com.

Disclaimer

The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

Symantec, Symantec products, Symantec Security Response, and secure@symantec.com are registered trademarks of Symantec Corp. and/or affiliated companies in the United States and other countries. All other registered and unregistered trademarks represented in this document are the sole property of their respective companies/owners.