CVE-2019-13939

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value.

CVSS v3 7.1 HIGH
CVSS v2.0 4.8 MEDIUM

7.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 4.2

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

4.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:A/AC:L/Au:N/C:N/I:P/A:P

Exploitability : 6.5 / Impact : 4.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-162506.html
https://cert-portal.siemens.com/productcert/html/ssa-434032.html
https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf	Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf	Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06	Third Party Advisory US Government Resource

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:siemens:capital_vstar::::::::
	cpe:2.3:a:siemens:nucleus_net::::::::
	cpe:2.3:a:siemens:nucleus_readystart::::::::
	cpe:2.3:a:siemens:nucleus_safetycert::::::::
	cpe:2.3:a:siemens:nucleus_source_code::::::::
	cpe:2.3:o:siemens:nucleus_rtos::::::::

Configuration 2 (hide)

AND

cpe:2.3:o:siemens:apogee_modular_equiment_controller_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:apogee_modular_equiment_controller:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:siemens:apogee_modular_building_controller_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:apogee_modular_building_controller:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:siemens:apogee_pxc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:apogee_pxc:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:siemens:desigo_pxc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigo_pxc:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:siemens:desigo_pxm20_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigo_pxm20:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:siemens:simotics_connect_400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simotics_connect_400:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:siemens:talon_tc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:talon_tc:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:siemens:desigo_pxc00-e.d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigo_pxc00-e.d:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:siemens:desigo_pxc00-u_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigo_pxc00-u:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:siemens:desigo_pxc001-e.d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigo_pxc001-e.d:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:siemens:desigo_pxc12-e.d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigo_pxc12-e.d:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:siemens:desigo_pxc22-e.d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigo_pxc22-e.d:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:siemens:desigo_pxc22.1-e.d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigo_pxc22.1-e.d:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:siemens:desigo_pxc36.1-e.d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigo_pxc36.1-e.d:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:siemens:desigopxc50-e.d_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigopxc50-e.d:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:siemens:desigopxc64-u_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigopxc64-u:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:siemens:desigopxc100-e.d_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigopxc100-e.d:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:siemens:desigopxc128-u_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigopxc128-u:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:siemens:desigopxc200-e.d_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigopxc200-e.d:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:siemens:desigopxm20-e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:desigopxm20-e:-:*:*:*:*:*:*:*

History

13 Feb 2024, 09:15

Type	Values Removed	Values Added
References		() https://cert-portal.siemens.com/productcert/html/ssa-162506.html - () https://cert-portal.siemens.com/productcert/html/ssa-434032.html -
Summary	(en) A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions < V3.5.3), APOGEE PXC Series (P2) (All versions >= V2.8.2 and < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC100-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC12-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC36.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC50-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Series (BACnet) (All versions < V3.5.3), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.	(en) A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value.
CWE	~~CWE-840~~	CWE-20

09 May 2023, 16:27

Type	Values Removed	Values Added
First Time		Siemens desigo Pxc00-e.d Firmware Siemens desigopxc200-e.d Siemens desigopxc100-e.d Firmware Siemens desigo Pxc00-e.d Siemens desigo Pxc12-e.d Firmware Siemens desigo Pxc12-e.d Siemens desigo Pxc00-u Firmware Siemens desigopxm20-e Firmware Siemens desigopxc64-u Firmware Siemens desigopxm20-e Siemens desigopxc50-e.d Siemens desigopxc50-e.d Firmware Siemens desigo Pxc00-u Siemens desigo Pxc001-e.d Siemens desigopxc100-e.d Siemens desigopxc200-e.d Firmware Siemens desigo Pxc22.1-e.d Firmware Siemens desigopxc64-u Siemens desigo Pxc001-e.d Firmware Siemens desigo Pxc36.1-e.d Siemens desigopxc128-u Firmware Siemens desigo Pxc22-e.d Firmware Siemens desigo Pxc36.1-e.d Firmware Siemens desigo Pxc22.1-e.d Siemens desigopxc128-u Siemens desigo Pxc22-e.d
CPE		cpe:2.3:o:siemens:desigo_pxc36.1-e.d_firmware:::::::: cpe:2.3:o:siemens:desigopxc50-e.d_firmware:-:::::::* cpe:2.3:h:siemens:desigo_pxc22.1-e.d:-:::::::* cpe:2.3:o:siemens:desigo_pxc12-e.d_firmware:::::::: cpe:2.3:h:siemens:desigopxc200-e.d:-:::::::* cpe:2.3:o:siemens:desigo_pxc00-e.d_firmware:::::::: cpe:2.3:o:siemens:desigopxc200-e.d_firmware:-:::::::* cpe:2.3:h:siemens:desigo_pxc00-e.d:-:::::::* cpe:2.3:h:siemens:desigo_pxc36.1-e.d:-:::::::* cpe:2.3:h:siemens:desigo_pxc12-e.d:-:::::::* cpe:2.3:o:siemens:desigopxc100-e.d_firmware:-:::::::* cpe:2.3:o:siemens:desigo_pxc001-e.d_firmware:::::::: cpe:2.3:h:siemens:desigo_pxc001-e.d:-:::::::* cpe:2.3:h:siemens:desigopxc50-e.d:-:::::::* cpe:2.3:h:siemens:desigopxm20-e:-:::::::* cpe:2.3:o:siemens:desigopxm20-e_firmware:-:::::::* cpe:2.3:o:siemens:desigopxc128-u_firmware:-:::::::* cpe:2.3:h:siemens:desigopxc100-e.d:-:::::::* cpe:2.3:o:siemens:desigo_pxc22-e.d_firmware:::::::: cpe:2.3:h:siemens:desigopxc64-u:-:::::::* cpe:2.3:h:siemens:desigo_pxc22-e.d:-:::::::* cpe:2.3:h:siemens:desigopxc128-u:-:::::::* cpe:2.3:o:siemens:desigo_pxc22.1-e.d_firmware:::::::: cpe:2.3:h:siemens:desigo_pxc00-u:-:::::::* cpe:2.3:o:siemens:desigo_pxc00-u_firmware:::::::: cpe:2.3:o:siemens:desigopxc64-u_firmware:-:::::::*
References	~~(MISC) https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06 -~~	(MISC) https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06 - Third Party Advisory, US Government Resource

20 May 2022, 14:15

Type	Values Removed	Values Added
Summary	A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions < V3.5.3), APOGEE PXC Series (P2) (All versions >= V2.8.2 and < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC100-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC12-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC36.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC50-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Series (BACnet) (All versions < V3.5.3), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.	A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions < V3.5.3), APOGEE PXC Series (P2) (All versions >= V2.8.2 and < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC100-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC12-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC36.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC50-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Series (BACnet) (All versions < V3.5.3), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.

20 May 2022, 13:15

Type	Values Removed	Values Added
Summary	A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions < V3.5.3), APOGEE PXC Series (P2) (All versions >= V2.8.2), Desigo PXC00-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC100-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC12-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC36.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC50-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Series (BACnet) (All versions < V3.5.3), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.	A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions < V3.5.3), APOGEE PXC Series (P2) (All versions >= V2.8.2 and < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC100-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC12-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC36.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC50-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Series (BACnet) (All versions < V3.5.3), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.

12 Apr 2022, 10:15

Type	Values Removed	Values Added
Summary	A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions < V3.5.3), APOGEE PXC Series (P2) (All versions >= V2.8.2), Desigo PXC00-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC100-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC12-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC36.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC50-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Series (BACnet) (All versions < V3.5.3), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.	A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions < V3.5.3), APOGEE PXC Series (P2) (All versions >= V2.8.2), Desigo PXC00-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC100-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC12-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC36.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC50-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Series (BACnet) (All versions < V3.5.3), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.

12 Apr 2022, 09:15

Type	Values Removed	Values Added
Summary	A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions >= V3.0), APOGEE PXC Series (P2) (All versions >= V2.8.2), Desigo PXC (Power PC) (All versions >= V2.3x and < V6.00.327), Desigo PXM20 (Power PC) (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions <= V0.3.0.95), TALON TC Series (BACnet) (All versions >= V3.0), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.	A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions < V3.5.3), APOGEE PXC Series (P2) (All versions >= V2.8.2), Desigo PXC00-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC100-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC12-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC36.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC50-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Series (BACnet) (All versions < V3.5.3), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.

09 Nov 2021, 14:04

Type	Values Removed	Values Added
CPE	cpe:2.3:a:siemens:vstar::::::::	cpe:2.3:a:siemens:capital_vstar::::::::

14 Jan 2021, 00:15

Type	Values Removed	Values Added
References	{'url': 'https://www.us-cert.gov/ics/advisories/icsa-20-105-06', 'name': 'https://www.us-cert.gov/ics/advisories/icsa-20-105-06', 'tags': ['Third Party Advisory', 'US Government Resource'], 'refsource': 'MISC'}	(MISC) https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06 -

12 Jan 2021, 21:15

Type	Values Removed	Values Added
Summary	A vulnerability has been identified in Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), VSTAR (All versions). By sending specially crafted DHCP packets to a device, an attacker may be able to affect availability and integrity of the device. Adjacent network access, but no authentication and no user interaction is needed to conduct this attack. At the time of advisory publication no public exploitation of this security vulnerability was known.	A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions >= V3.0), APOGEE PXC Series (P2) (All versions >= V2.8.2), Desigo PXC (Power PC) (All versions >= V2.3x and < V6.00.327), Desigo PXM20 (Power PC) (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions <= V0.3.0.95), TALON TC Series (BACnet) (All versions >= V3.0), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.

Information

Published : 2020-01-16 16:15

Updated : 2024-02-13 09:15

NVD link : CVE-2019-13939

Mitre link : CVE-2019-13939

CVE.ORG link : CVE-2019-13939

JSON object : View

Products Affected

siemens

desigo_pxc001-e.d_firmware
desigo_pxc36.1-e.d
apogee_modular_equiment_controller_firmware
nucleus_readystart
simotics_connect_400_firmware
talon_tc
desigopxc50-e.d_firmware
desigopxc64-u
desigo_pxm20
capital_vstar
talon_tc_firmware
nucleus_net
apogee_modular_building_controller_firmware
nucleus_source_code
apogee_pxc
desigo_pxc00-e.d
desigopxc100-e.d_firmware
desigo_pxc_firmware
apogee_pxc_firmware
desigopxm20-e
desigopxc200-e.d_firmware
apogee_modular_equiment_controller
nucleus_rtos
nucleus_safetycert
desigo_pxc00-u
desigo_pxc22.1-e.d_firmware
desigo_pxc36.1-e.d_firmware
desigo_pxc
desigopxm20-e_firmware
desigo_pxc001-e.d
desigopxc64-u_firmware
desigopxc128-u_firmware
desigopxc50-e.d
desigo_pxc12-e.d_firmware
desigo_pxm20_firmware
desigo_pxc12-e.d
desigo_pxc22.1-e.d
desigo_pxc22-e.d
desigopxc100-e.d
desigo_pxc00-e.d_firmware
apogee_modular_building_controller
simotics_connect_400
desigopxc128-u
desigo_pxc22-e.d_firmware
desigopxc200-e.d
desigo_pxc00-u_firmware

CWE

CWE-20

Improper Input Validation

NVD-CWE-noinfo

7.1 /10

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

4.8 /10

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2019-13939

7.1^/10

4.8^/10

Attach tags to `CVE-2019-13939`