Rewterz Threat Advisory – Siemens Industrial Products Multiple Vulnerabilities

Wednesday, September 11, 2019

Severity

Medium

Analysis Summary

CVE-2019-11477

The kernel is affected by an integer overflow when handling TCP Selective Acknowledgements, which could allow a remote attacker to cause a denial-of-service condition.

CVE-2019-11478

A remote attacker sending specially crafted TCP Selective Acknowledgment (SACK) sequences may cause a denial-of-service condition.

CVE-2019-11479

An attacker may exploit a vulnerability in the TCP retransmission queue implementation kernel when handling TCP Selective Acknowledgements (SACK) to cause a denial-of-service condition.

Impact

Denial of service

Affected Vendors

Siemens

Affected Products

  • CM 1542-1: All versions
  • CP 1242-7: All versions
  • CP 1243-1: All versions
  • CP 1243-7 LTE EU: All versions
  • CP 1243-7 LTE US: All versions
  • CP 1243-8 IRC: All versions
  • CP 1542SP-1: All versions
  • CP 1542SP-1 IRC: All versions
  • CP 1543-1: All versions
  • CP 1543SP-1: All versions
  • CloudConnect 712: All versions prior to 1.1.5
  • ROX II: All versions (Only vulnerable to CVE-2019-11479)
  • RUGGEDCOM RM1224: All versions
  • S7-1500 CPU 1518(F)-4 PN/DP MFP: All versions
  • SCALANCE M800: All versions
  • SCALANCE M875: All versions
  • SCALANCE S615: All versions
  • SCALANCE SC-600: All versions prior to 2.0.1
  • SCALANCE W-700 (IEEE 802.11n): All versions
  • SCALANCE W1700: All versions
  • SCALANCE WLC711: All versions
  • SCALANCE WLC712: All versions
  • SIMATIC ITC1500: All versions
  • SIMATIC ITC1500 PRO: All versions
  • SIMATIC ITC1900: All versions
  • SIMATIC ITC1900 PRO: All versions
  • SIMATIC ITC2200: All versions
  • SIMATIC ITC2200 PRO: All versions
  • SIMATIC MV500: All versions
  • SIMATIC RF166C: All versions
  • SIMATIC RF185C: All versions
  • SIMATIC RF186C: All versions
  • SIMATIC RF186CI: All versions
  • SIMATIC RF188C: All versions
  • SIMATIC RF188CI: All versions
  • SIMATIC RF600R: All versions
  • SIMATIC Teleserver Adapter IE Advanced: All versions
  • SIMATIC Teleserver Adapter IE Basic: All versions
  • SINEMA Remote Connect Server: All versions prior to 2.0 SP1
  • SINUMERIK 808D: All versions
  • SINUMERIK 828D: All versions
  • SINUMERIK 840D sl: All versions
  • TIM 1531 IRC: All versions

Remediation

Please see vendor’s advisory for the list of updated patches

https://www.us-cert.gov/ics/advisories/icsa-19-253-03

Data Sheets

Corporate Brochure


Our Story


Services


Solutions


Managed Security


Upcoming Rewterz Trainings/Events

Rewterz News

  • 17, September 2019 Rewterz Threat Alert – Emotet Revival with Spam Emails Around the World
  • 17, September 2019 Rewterz Threat Advisory – CVE-2016-1409 – Cisco Products IPv6 Neighbor Discovery Crafted Packet Vulnerability
  • 17, September 2019 Rewterz Threat Alert – Phishing Attack Targets The Guardian’s Whistleblowing Site
  • 16, September 2019 Rewterz Threat Alert – InnfiRAT Malware Steals Litecoin And Bitcoin Wallet Information

Copyright © Rewterz. All rights reserved.