Symantec Security ResponseSMNTC-107842Multiple Siemens Products CVE-2019-6568 Unspecified Denial of Service Vulnerability
0.001 Low
EPSS
Percentile
45.8%
Description
Multiple Siemens products are prone to an unspecified denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users.
Technologies Affected
- Siemens CP 1604
- Siemens CP 1616
- Siemens RFID 181-EIP
- Siemens SIMATIC CP 343-1 Advanced
- Siemens SIMATIC CP 443-1
- Siemens SIMATIC CP 443-1 Advanced
- Siemens SIMATIC CP 443-1 OPC UA
- Siemens SIMATIC ET200 Open Controller CPU 1515SP PC
- Siemens SIMATIC ET200 Open Controller CPU 1515SP PC2
- Siemens SIMATIC HMI Comfort Outdoor Panels
- Siemens SIMATIC HMI Comfort Panels
- Siemens SIMATIC HMI KTP Mobile Panels
- Siemens SIMATIC HMI KTP400F Mobile
- Siemens SIMATIC HMI KTP700 Mobile
- Siemens SIMATIC HMI KTP700F Mobile
- Siemens SIMATIC HMI KTP900 Mobile
- Siemens SIMATIC HMI KTP900F Mobile
- Siemens SIMATIC IPC DiagMonitor
- Siemens SIMATIC RF182C
- Siemens SIMATIC RF185C
- Siemens SIMATIC RF186C
- Siemens SIMATIC RF188C
- Siemens SIMATIC RF600R
- Siemens SIMATIC S7-1500 CPU
- Siemens SIMATIC S7-1500 Software Controller
- Siemens SIMATIC S7-300 CPU
- Siemens SIMATIC S7-400 PN V6
- Siemens SIMATIC S7-400 PN/DP 7
- Siemens SIMATIC S7-PLCSIM Advanced
- Siemens SIMATIC Teleservice Adapter IE Advanced
- Siemens SIMATIC Teleservice Adapter IE Basic
- Siemens SIMATIC Teleservice Adapter IE Standard
- Siemens SIMATIC WinAC RTX 2010
- Siemens SIMATIC Wincc Runtime Advanced
- Siemens SIMOCODE pro V EIP
- Siemens SIMOCODE pro V PN
- Siemens SINAMICS GH150 4.7
- Siemens SINAMICS GH150 4.8
- Siemens SINAMICS GL150 4.7
- Siemens SINAMICS GL150 4.8
- Siemens SINAMICS GM150 4.7
- Siemens SINAMICS GM150 4.8
- Siemens SINAMICS S210 5.1
- Siemens SINAMICS S210 5.1 SP1
- Siemens SINAMICS SL150 4.7.0
- Siemens SINAMICS SL150 4.8
- Siemens SINAMICS SM120 4.7
- Siemens SINAMICS SM120 4.8
- Siemens SINAMICS SM150 4.8
- Siemens SITOP Manager
- Siemens SITOP PSU8600
- Siemens SITOP UPS1600
- Siemens Sinamics G130 4.6
- Siemens Sinamics G130 4.7
- Siemens Sinamics G130 4.7 SP1
- Siemens Sinamics G130 4.8
- Siemens Sinamics G130 5.1
- Siemens Sinamics G130 5.1 SP1
- Siemens Sinamics G150 4.6
- Siemens Sinamics G150 4.7
- Siemens Sinamics G150 4.7 SP1
- Siemens Sinamics G150 4.8
- Siemens Sinamics G150 5.1
- Siemens Sinamics G150 5.1 SP1
- Siemens Sinamics S120 4.6
- Siemens Sinamics S120 4.7
- Siemens Sinamics S120 4.7 SP1
- Siemens Sinamics S120 4.8
- Siemens Sinamics S120 5.1
- Siemens Sinamics S120 5.1 SP1
- Siemens Sinamics S150 4.6
- Siemens Sinamics S150 4.7
- Siemens Sinamics S150 4.7 SP1
- Siemens Sinamics S150 4.8
- Siemens Sinamics S150 5.1
- Siemens Sinamics S150 5.1 SP1
- Siemens TIM 1531 IRC
Recommendations
Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected device at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of exploits.
Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.
Updates are available. Please see the references or vendor advisory for more information.
References
Related
