ID

VAR-201912-1178


CVE

CVE-2019-13927


TITLE

Siemens Desigo PX Web Remote Denial of Service Vulnerability

Trust: 0.8

sources: IVD: d3f319f9-c20f-4266-a625-8d3798935796 // CNVD: CNVD-2019-40514

DESCRIPTION

A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web server (All firmware versions < V6.00.320). The device contains a vulnerability that could allow an attacker to cause a denial of service condition on the device's web server by sending a specially crafted HTTP message to the web server port (tcp/80). The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device's web service. While the device itself stays operational, the web server responds with HTTP status code 404 (Not found) to any further request. A reboot is required to recover the web interface. At the time of advisory publication no public exploitation of this security vulnerability was known. Several Siemens products are vulnerable to exposure of a resource to the wrong sphere (CWE-668), which may result in a service operation interruption (DoS). The Desigo PX automation station and operator unit control and monitor the building automation system. They allow alarm signals, time-based programs and trend recording. Desigo PX is a modern building automation and control system for the entire field of building service plants.

Trust: 2.43

sources: NVD: CVE-2019-13927 // JVNDB: JVNDB-2019-013813 // CNVD: CNVD-2019-40514 // IVD: d3f319f9-c20f-4266-a625-8d3798935796 // ZSL: ZSL-2019-5542

IOT TAXONOMY

category: ['ICS'] sub_category: -

Trust: 0.8

sources: IVD: d3f319f9-c20f-4266-a625-8d3798935796 // CNVD: CNVD-2019-40514

AFFECTED PRODUCTS

vendor: siemens model: pxc00-u scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxc100-e.d scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxc00-e.d scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxc50-e.d scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxc128-u scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxa30-w1 scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxa30-w2 scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxa40-w1 scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxc36-e.d scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxc36.1-e.d scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxa30-w0 scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxc200-e.d scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxa40-w2 scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxc22.1-e.d scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxc64-u scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxa40-w0 scope: lt version: 6.00.320

Trust: 1.0

vendor: siemens model: pxa40-w0 scope: - version: -

Trust: 0.8

vendor: siemens model: pxa40-w1 scope: - version: -

Trust: 0.8

vendor: siemens model: pxa40-w2 scope: - version: -

Trust: 0.8

vendor: siemens model: pxc00-e.d scope: - version: -

Trust: 0.8

vendor: siemens model: pxc00-u scope: - version: -

Trust: 0.8

vendor: siemens model: pxc100-e.d scope: - version: -

Trust: 0.8

vendor: siemens model: pxc128-u scope: - version: -

Trust: 0.8

vendor: siemens model: pxc200-e.d scope: - version: -

Trust: 0.8

vendor: siemens model: pxc50-e.d scope: - version: -

Trust: 0.8

vendor: siemens model: pxc64-u scope: - version: -

Trust: 0.8

vendor: siemens model: pxa40-w2 scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxa40-w1 scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxc200-e.d with desigo px web modules pxa40-w0 scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxc100-e.d scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxc50-e.d scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxc00-e.d scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxa30-w2 scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxa30-w1 scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxc128-u with desigo px web modules pxa30-w0 scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxc64-u scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxc00-u scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxc36.1-e.d with activated webserver scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxc36-e.d scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxc22.1-e.d scope: lt version: v6.00.320

Trust: 0.6

vendor: siemens model: pxc00-e.d scope: eq version: -

Trust: 0.6

vendor: siemens model: pxc00-u scope: eq version: -

Trust: 0.6

vendor: siemens model: pxa40-w0 scope: eq version: -

Trust: 0.6

vendor: siemens model: pxc100-e.d scope: eq version: -

Trust: 0.6

vendor: siemens model: pxc36-e.d scope: eq version: -

Trust: 0.6

vendor: siemens model: pxc36.1-e.d scope: eq version: -

Trust: 0.6

vendor: siemens model: pxc50-e.d scope: eq version: -

Trust: 0.6

vendor: siemens model: pxa40-w1 scope: eq version: -

Trust: 0.6

vendor: siemens model: pxa40-w2 scope: eq version: -

Trust: 0.6

vendor: siemens model: pxc200-e.d scope: eq version: -

Trust: 0.6

vendor: siemens model: desigo px v scope: eq version: all firmware versions < v6.00.320

Trust: 0.5

vendor: pxc00 e d model: - scope: eq version: *

Trust: 0.2

vendor: pxc128 u model: - scope: eq version: *

Trust: 0.2

vendor: pxa30 w0 model: - scope: eq version: *

Trust: 0.2

vendor: pxa30 w1 model: - scope: eq version: *

Trust: 0.2

vendor: pxa30 w2 model: - scope: eq version: *

Trust: 0.2

vendor: pxc22 1 e d model: - scope: eq version: *

Trust: 0.2

vendor: pxc36 e d model: - scope: eq version: *

Trust: 0.2

vendor: pxc36 1 e d model: - scope: eq version: *

Trust: 0.2

vendor: pxc50 e d model: - scope: eq version: *

Trust: 0.2

vendor: pxc100 e d model: - scope: eq version: *

Trust: 0.2

vendor: pxc200 e d model: - scope: eq version: *

Trust: 0.2

vendor: pxa40 w0 model: - scope: eq version: *

Trust: 0.2

vendor: pxa40 w1 model: - scope: eq version: *

Trust: 0.2

vendor: pxa40 w2 model: - scope: eq version: *

Trust: 0.2

vendor: pxc00 u model: - scope: eq version: *

Trust: 0.2

vendor: pxc64 u model: - scope: eq version: *

Trust: 0.2

vendor: siemens model: desigo px v scope: eq version: pxc200-e.d

Trust: 0.1

vendor: siemens model: desigo px v scope: eq version: pxa40-w2

Trust: 0.1

vendor: siemens model: desigo px v scope: eq version: pxc128-u

Trust: 0.1

vendor: siemens model: desigo px v scope: eq version: pxa30-w2

Trust: 0.1

vendor: siemens model: desigo px v scope: eq version: pxc36.1-e.d

Trust: 0.1

vendor: siemens model: desigo px v scope: eq version: with activated web server

Trust: 0.1

sources: ZSL: ZSL-2019-5542 // IVD: d3f319f9-c20f-4266-a625-8d3798935796 // CNVD: CNVD-2019-40514 // JVNDB: JVNDB-2019-013813 // CNNVD: CNNVD-201911-799 // NVD: CVE-2019-13927

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-13927
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-13927
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2019-40514
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201911-799
value: MEDIUM

Trust: 0.6

IVD: d3f319f9-c20f-4266-a625-8d3798935796
value: MEDIUM

Trust: 0.2

ZSL: ZSL-2019-5542
value: (3/5)

Trust: 0.1

nvd@nist.gov: CVE-2019-13927
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-40514
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: d3f319f9-c20f-4266-a625-8d3798935796
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2019-13927
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2019-13927
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: ZSL: ZSL-2019-5542 // IVD: d3f319f9-c20f-4266-a625-8d3798935796 // CNVD: CNVD-2019-40514 // JVNDB: JVNDB-2019-013813 // CNNVD: CNNVD-201911-799 // NVD: CVE-2019-13927

PROBLEMTYPE DATA

problemtype:CWE-668

Trust: 1.8

problemtype:CWE-472

Trust: 1.0

sources: JVNDB: JVNDB-2019-013813 // NVD: CVE-2019-13927

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201911-799

TYPE

other

Trust: 0.8

sources: IVD: d3f319f9-c20f-4266-a625-8d3798935796 // CNNVD: CNNVD-201911-799

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-013813

EXPLOIT AVAILABILITY

sources: ZSL: ZSL-2019-5542

PATCH

title: SSA-898181 url: https://cert-portal.siemens.com/productcert/pdf/ssa-898181.pdf

Trust: 0.8

title: Patch for Siemens Desigo PX Web Remote Denial of Service Vulnerability url: https://www.cnvd.org.cn/patchInfo/show/189931

Trust: 0.6

title: Siemens Desigo PX Security vulnerabilities url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=102823

Trust: 0.6

sources: CNVD: CNVD-2019-40514 // JVNDB: JVNDB-2019-013813 // CNNVD: CNNVD-201911-799

EXTERNAL IDS

db: NVD id: CVE-2019-13927

Trust: 3.3

db: SIEMENS id: SSA-898181

Trust: 2.3

db: CNVD id: CNVD-2019-40514

Trust: 0.8

db: CNNVD id: CNNVD-201911-799

Trust: 0.8

db: JVNDB id: JVNDB-2019-013813

Trust: 0.8

db: ICS CERT id: ICSA-19-318-03

Trust: 0.7

db: PACKETSTORM id: 155321

Trust: 0.7

db: AUSCERT id: ESB-2019.4313

Trust: 0.6

db: IVD id: D3F319F9-C20F-4266-A625-8D3798935796

Trust: 0.2

db: EXPLOIT-DB id: 47657

Trust: 0.1

db: ZSL id: ZSL-2019-5542

Trust: 0.1

sources: ZSL: ZSL-2019-5542 // IVD: d3f319f9-c20f-4266-a625-8d3798935796 // CNVD: CNVD-2019-40514 // JVNDB: JVNDB-2019-013813 // CNNVD: CNNVD-201911-799 // NVD: CVE-2019-13927

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-898181.pdf

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-13927

Trust: 1.5

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-13927

Trust: 0.9

url:https://www.us-cert.gov/ics/advisories/icsa-19-318-03

Trust: 0.7

url:https://packetstormsecurity.com/files/155321/siemens-desigo-px-6.00-denial-of-service.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4313/

Trust: 0.6

url:https://support.industry.siemens.com/cs/document/109772802

Trust: 0.1

url:https://new.siemens.com/global/en/products/services/cert.html

Trust: 0.1

url:https://cert-portal.siemens.com/productcert/txt/ssa-898181.txt

Trust: 0.1

url:https://new.siemens.com/global/en/products/services/cert/hall-of-thanks.html

Trust: 0.1

url:https://new.siemens.com/global/en/company/stories/research-technologies/cybersecurity/rhythm-for-security.html

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/171445

Trust: 0.1

url:https://packetstormsecurity.com/files/155321

Trust: 0.1

url:https://www.exploit-db.com/exploits/47657

Trust: 0.1

url:https://www.symantec.com/security-center/vulnerabilities/writeup/110866

Trust: 0.1

sources: ZSL: ZSL-2019-5542 // CNVD: CNVD-2019-40514 // JVNDB: JVNDB-2019-013813 // CNNVD: CNNVD-201911-799 // NVD: CVE-2019-13927

CREDITS

LiquidWorm

Trust: 0.6

sources: CNNVD: CNNVD-201911-799

SOURCES

db: ZSL id: ZSL-2019-5542
db: IVD id: d3f319f9-c20f-4266-a625-8d3798935796
db: CNVD id: CNVD-2019-40514
db: JVNDB id: JVNDB-2019-013813
db: CNNVD id: CNNVD-201911-799
db: NVD id: CVE-2019-13927

LAST UPDATE DATE

2024-11-23T22:55:19.766000+00:00


SOURCES UPDATE DATE

db: ZSL id: ZSL-2019-5542 date: 2019-11-15T00:00:00
db: CNVD id: CNVD-2019-40514 date: 2019-11-14T00:00:00
db: JVNDB id: JVNDB-2019-013813 date: 2020-01-16T00:00:00
db: CNNVD id: CNNVD-201911-799 date: 2019-12-31T00:00:00
db: NVD id: CVE-2019-13927 date: 2024-11-21T04:25:42.927

SOURCES RELEASE DATE

db: ZSL id: ZSL-2019-5542 date: 2019-11-13T00:00:00
db: IVD id: d3f319f9-c20f-4266-a625-8d3798935796 date: 2019-11-14T00:00:00
db: CNVD id: CNVD-2019-40514 date: 2019-11-14T00:00:00
db: JVNDB id: JVNDB-2019-013813 date: 2020-01-16T00:00:00
db: CNNVD id: CNNVD-201911-799 date: 2019-11-13T00:00:00
db: NVD id: CVE-2019-13927 date: 2019-12-12T14:15:14.897