CVE-2019-13945 : A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS

A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family < V4.x (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family V4.x (incl. SIPLUS variants) (All versions with Function State (FS) < 11), SIMATIC S7-200 SMART CPU CR20s (6ES7 288-1CR20-0AA1) (All versions <= V2.3.0 and Function State (FS) <= 3), SIMATIC S7-200 SMART CPU CR30s (6ES7 288-1CR30-0AA1) (All versions <= V2.3.0 and Function State (FS) <= 3), SIMATIC S7-200 SMART CPU CR40 (6ES7 288-1CR40-0AA0) (All versions <= V2.2.2 and Function State (FS) <= 8), SIMATIC S7-200 SMART CPU CR40s (6ES7 288-1CR40-0AA1) (All versions <= V2.3.0 and Function State (FS) <= 3), SIMATIC S7-200 SMART CPU CR60 (6ES7 288-1CR60-0AA0) (All versions <= V2.2.2 and Function State (FS) <= 10), SIMATIC S7-200 SMART CPU CR60s (6ES7 288-1CR60-0AA1) (All versions <= V2.3.0 and Function State (FS) <= 3), SIMATIC S7-200 SMART CPU SR20 (6ES7 288-1SR20-0AA0) (All versions <= V2.5.0 and Function State (FS) <= 11), SIMATIC S7-200 SMART CPU SR30 (6ES7 288-1SR30-0AA0) (All versions <= V2.5.0 and Function State (FS) <= 10), SIMATIC S7-200 SMART CPU SR40 (6ES7 288-1SR40-0AA0) (All versions <= V2.5.0 and Function State (FS) <= 10), SIMATIC S7-200 SMART CPU SR60 (6ES7 288-1SR60-0AA0) (All versions <= V2.5.0 and Function State (FS) <= 12), SIMATIC S7-200 SMART CPU ST20 (6ES7 288-1ST20-0AA0) (All versions <= V2.5.0 and Function State (FS) <= 9), SIMATIC S7-200 SMART CPU ST30 (6ES7 288-1ST30-0AA0) (All versions <= V2.5.0 and Function State (FS) <= 9), SIMATIC S7-200 SMART CPU ST40 (6ES7 288-1ST40-0AA0) (All versions <= V2.5.0 and Function State (FS) <= 8), SIMATIC S7-200 SMART CPU ST60 (6ES7 288-1ST60-0AA0) (All versions <= V2.5.0 and Function State (FS) <= 8), SIMATIC S7-200 SMART CPU family (All versions). There is an access mode used during manufacturing of the affected devices that allows additional diagnostic functionality. The security vulnerability could be exploited by an attacker with physical access to the UART interface during boot process.

Published 2019-12-12 14:15:15

Updated 2020-10-09 13:35:41

Source Siemens AG

View at NVD, CVE.org

Products affected by CVE-2019-13945

Siemens » Simatic S7-1200 Firmware
cpe:2.3:o:siemens:simatic_s7-1200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-1200 » Version: N/A
Siemens » S7-200 Smart Firmware
cpe:2.3:o:siemens:s7-200_smart_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » S7-200 Smart » Version: N/A
Siemens » Simatic S7-200 Smart Cpu St20 Firmware
Versions up to, including, (<=) 2.5.0
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_st20_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu St20 » Version: N/A
Siemens » Simatic S7-200 Smart Cpu St30 Firmware
Versions up to, including, (<=) 2.5.0
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_st30_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu St30 » Version: N/A
Siemens » Simatic S7-200 Smart Cpu St40 Firmware
Versions up to, including, (<=) 2.5.0
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_st40_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu St40 » Version: N/A
Siemens » Simatic S7-200 Smart Cpu St60 Firmware
Versions up to, including, (<=) 2.5.0
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_st60_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu St60 » Version: N/A
Siemens » Simatic S7-200 Smart Cpu Sr20 Firmware
Versions up to, including, (<=) 2.5.0
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_sr20_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu Sr20 » Version: N/A
Siemens » Simatic S7-200 Smart Cpu Sr30 Firmware
Versions up to, including, (<=) 2.5.0
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_sr30_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu Sr30 » Version: N/A
Siemens » Simatic S7-200 Smart Cpu Sr40 Firmware
Versions up to, including, (<=) 2.5.0
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_sr40_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu Sr40 » Version: N/A
Siemens » Simatic S7-200 Smart Cpu Sr60 Firmware
Versions up to, including, (<=) 2.5.0
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_sr60_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu Sr60 » Version: N/A
Siemens » Simatic S7-200 Smart Cpu Cr40 Firmware
Versions up to, including, (<=) 2.2.2
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_cr40_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu Cr40 » Version: N/A
Siemens » Simatic S7-200 Smart Cpu Cr60 Firmware
Versions up to, including, (<=) 2.2.2
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_cr60_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu Cr60 » Version: N/A
Siemens » Simatic S7-200 Smart Cpu Cr20s Firmware
Versions up to, including, (<=) 2.3.0
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_cr20s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu Cr20s » Version: N/A
Siemens » Simatic S7-200 Smart Cpu Cr30s Firmware
Versions up to, including, (<=) 2.3.0
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_cr30s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu Cr30s » Version: N/A
Siemens » Simatic S7-200 Smart Cpu Cr40s Firmware
Versions up to, including, (<=) 2.3.0
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_cr40s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu Cr40s » Version: N/A
Siemens » Simatic S7-200 Smart Cpu Cr60s Firmware
Versions up to, including, (<=) 2.3.0
cpe:2.3:o:siemens:simatic_s7-200_smart_cpu_cr60s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic S7-200 Smart Cpu Cr60s » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2019-13945

EPSS FAQ

0.15%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 36 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-13945

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
6.8	MEDIUM	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	0.9	5.9	NIST
Attack Vector: Physical Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-13945

CWE-749 Exposed Dangerous Method or Function

The product provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.

Assigned by: productcert@siemens.com (Secondary)

References for CVE-2019-13945

https://cert-portal.siemens.com/productcert/pdf/ssa-686531.pdf

Vendor Advisory

Jump to

Vulnerability Details : CVE-2019-13945

Products affected by CVE-2019-13945

Exploit prediction scoring system (EPSS) score for CVE-2019-13945

CVSS scores for CVE-2019-13945

CWE ids for CVE-2019-13945

References for CVE-2019-13945