PT-2020-2374 · Siemens · Sinumerik 840D Sl+3

Published 2020-03-10 · Updated 2020-09-29 · CVE-2019-18336

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) versions prior to V3.X.17
SIMATIC TDC CP51M1 versions prior to V1.1.8
SIMATIC TDC CPU555 versions prior to V1.1.1
SINUMERIK 840D sl versions prior to V4.8.6
SINUMERIK 840D sl versions prior to V4.94

Description

A vulnerability has been identified that allows an attacker to cause the affected device to go into defect mode by sending specially crafted packets to port 102/tcp (Profinet). Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interaction is required. The issue is related to an uncontrolled resource consumption (exhaustion) that can be exploited remotely.

Recommendations

For SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) versions prior to V3.X.17, update to version V3.X.17 or later.
For SIMATIC TDC CP51M1 versions prior to V1.1.8, update to version V1.1.8 or later.
For SIMATIC TDC CPU555 versions prior to V1.1.1, update to version V1.1.1 or later.
For SINUMERIK 840D sl versions prior to V4.8.6, update to version V4.8.6 or later.
For SINUMERIK 840D sl versions prior to V4.94, update to version V4.94 or later.

As a temporary workaround, consider restricting access to port 102/tcp to minimize the risk of exploitation.

Fix

Resource Exhaustion

Weakness Enumeration

Related Identifiers

BDU:2020-02342
CVE-2019-18336

Affected Products

Simatic S7-300 Cpu
Simatic Tdc Cp51M1
Simatic Tdc Cpu555
Sinumerik 840D Sl