CVE-2019-13939
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Summary
A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8.2 < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.3), APOGEE PXC Modular (P2 Ethernet) (All versions >= V2.8.2 < V2.8.19), Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Desigo PXC00-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC100-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC12-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC22-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC22.1-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC36.1-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC50-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3 < V6.0.327), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Compact (BACnet) (All versions < V3.5.3), TALON TC Modular (BACnet) (All versions < V3.5.3). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | APOGEE MEC/MBC/PXC (P2) | All versions < V2.8.2 | affected |
| Siemens | APOGEE PXC Compact (BACnet) | 0 < V3.5.3 | affected |
| Siemens | APOGEE PXC Compact (P2 Ethernet) | V2.8.2 < V2.8.19 | affected |
| Siemens | APOGEE PXC Modular (BACnet) | 0 < V3.5.3 | affected |
| Siemens | APOGEE PXC Modular (P2 Ethernet) | V2.8.2 < V2.8.19 | affected |
| Siemens | Capital Embedded AR Classic 431-422 | 0 < * | affected |
| Siemens | Capital Embedded AR Classic R20-11 | 0 < V2303 | affected |
| Siemens | Desigo PXC00-E.D | V2.3 < V6.0.327 | affected |
| Siemens | Desigo PXC00-U | All versions >= V2.3x and < V6.00.327 | affected |
| Siemens | Desigo PXC001-E.D | V2.3 < V6.0.327 | affected |
| Siemens | Desigo PXC100-E.D | V2.3 < V6.0.327 | affected |
| Siemens | Desigo PXC12-E.D | V2.3 < V6.0.327 | affected |
| Siemens | Desigo PXC128-U | All versions >= V2.3x and < V6.00.327 | affected |
| Siemens | Desigo PXC200-E.D | V2.3 < V6.0.327 | affected |
| Siemens | Desigo PXC22-E.D | V2.3 < V6.0.327 | affected |
| Siemens | Desigo PXC22.1-E.D | V2.3 < V6.0.327 | affected |
| Siemens | Desigo PXC36.1-E.D | V2.3 < V6.0.327 | affected |
| Siemens | Desigo PXC50-E.D | V2.3 < V6.0.327 | affected |
| Siemens | Desigo PXC64-U | All versions >= V2.3x and < V6.00.327 | affected |
| Siemens | Desigo PXM20-E | V2.3 < V6.0.327 | affected |
| Siemens | Nucleus NET | 0 < * | affected |
| Siemens | Nucleus ReadyStart V3 | 0 < V2017.02.3 | affected |
| Siemens | Nucleus Source Code | 0 < * | affected |
| Siemens | SIMOTICS CONNECT 400 | All versions < V0.3.0.330 | affected |
| Siemens | TALON TC Compact (BACnet) | 0 < V3.5.3 | affected |
| Siemens | TALON TC Modular (BACnet) | 0 < V3.5.3 | affected |
Weaknesses
- CWE-20: CWE-20: Improper Input Validation
ADP Enrichment
CVE Program Container
Additional References
- https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf
- https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06
- https://cert-portal.siemens.com/productcert/html/ssa-434032.html
- https://cert-portal.siemens.com/productcert/html/ssa-162506.html
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf
- https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06
- https://cert-portal.siemens.com/productcert/html/ssa-434032.html
- https://cert-portal.siemens.com/productcert/html/ssa-162506.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.