Denial-of-Service Vulnerability in SIMATIC TDC CP51M1 by Siemens
CVE-2019-10937

7.5HIGH

Key Information:

Vendor: Siemens Ag
Status: Simatic Tdc Cp51m1
Vendor: CVE Published:; 13 September 2019

Summary

A vulnerability exists in the SIMATIC TDC CP51M1 device, impacting all versions below V1.1.7. This vulnerability allows an attacker with network access to execute a denial-of-service attack by sending specially crafted UDP packets. The exploitation of this vulnerability does not require authentication and can be performed remotely without any user interaction. Successful attacks compromise the availability of the targeted system, potentially disrupting operations. At the time of the advisory, there were no known public exploits for this vulnerability.

Affected Version(s)

SIMATIC TDC CP51M1 All versions < V1.1.7

References

https://cert-portal.siemens.com/productcert/pdf/ssa-25061...

x_refsource_MISC

https://www.us-cert.gov/ics/advisories/icsa-19-253-05

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 13, 2019
Vulnerability Reserved
Apr 8, 2019