{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T21:05:18.053","vulnerabilities":[{"cve":{"id":"CVE-2019-19301","sourceIdentifier":"productcert@siemens.com","published":"2020-04-14T20:15:14.967","lastModified":"2024-11-21T04:34:31.900","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in SCALANCE X200-4P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2IRT, SCALANCE X202-2P IRT, SCALANCE X202-2P IRT PRO, SCALANCE X204-2, SCALANCE X204-2FM, SCALANCE X204-2LD, SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X204IRT, SCALANCE X204IRT PRO, SCALANCE X206-1, SCALANCE X206-1LD, SCALANCE X208, SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XF201-3P IRT, SCALANCE XF202-2P IRT, SCALANCE XF204, SCALANCE XF204-2, SCALANCE XF204-2BA IRT, SCALANCE XF204IRT, SCALANCE XF206-1, SCALANCE XF208, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIMATIC CP 343-1 Advanced, SIMATIC CP 442-1 RNA, SIMATIC CP 443-1, SIMATIC CP 443-1, SIMATIC CP 443-1 Advanced, SIMATIC CP 443-1 RNA, SIMATIC RF180C, SIMATIC RF182C, SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SIPLUS NET SCALANCE X308-2. The VxWorks-based Profinet TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en SCALANCE X200-4P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2IRT, SCALANCE X202-2P IRT, SCALANCE X202-2P IRT PRO, SCALANCE X204-2, SCALANCE X204-2FM, SCALANCE X204-2LD, SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X204IRT, SCALANCE X204IRT PRO, SCALANCE X206-1, SCALANCE X206-1LD, SCALANCE X208, SCALANCE X208PRO, SCALANCE X212-2, SCALANCE X212-2LD, SCALANCE X216, SCALANCE X224, SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, revestido), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, revestido), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, revestido), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, revestido), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, revestido), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, revestido), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, revestido), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, revestido), SCALANCE X307-3 SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XF201-3P IRT, SCALANCE XF202-2P IRT, SCALANCE XF204, SCALANCE XF204-2, SCALANCE XF204-2BA IRT, SCALANCE XF204IRT, SCALANCE XF206-1, SCALANCE XF208, SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte delantera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (230V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte delantera) SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M (24V, puertos en la parte trasera), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte delantera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M EEC (2x 24V, puertos en la parte trasera), SCALANCE XR324-4M PoE (230V, puertos en la parte delantera), SCALANCE XR324-4M PoE (230V, puertos en la parte trasera), SCALANCE XR324-4M PoE (24V, puertos en la parte delantera), SCALANCE XR324-4M PoE (24V, puertos en la parte trasera), SCALANCE XR324-4M PoE TS (24V, puertos en la parte delantera), SIMATIC CP 343-1 Advanced, SIMATIC CP 442-1 RNA, SIMATIC CP 443-1, SIMATIC CP 443-1 Advanced, SIMATIC CP 443-1 RNA, SIMATIC RF180C, SIMATIC RF182C, SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SIPLUS NET SCALANCE X308-2. La pila TCP de Profinet basada en VxWorks puede verse obligada a realizar llamadas muy costosas por cada paquete entrante, lo que puede provocar una denegaciĆ³n de servicio"}],"metrics":{"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"C08F92C8-0A5D-470E-8CFC-F622C3014336"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*","matchCriteriaId":"7719E194-EE3D-4CE8-8C85-CF0D82A553AA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:scalance_xf-200_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"96432C6B-6A9E-406F-9A64-9448CB786352"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xf-200:-:*:*:*:*:*:*:*","matchCriteriaId":"BB503096-C528-478C-BD07-019C2CC882E4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"3491A486-47F3-4B30-B613-DCC412F6EF5B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*","matchCriteriaId":"8F962FC7-0616-467F-8CCA-ADEA224B5F7B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"E673B450-C436-49F3-B2F3-872B704FE075"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*","matchCriteriaId":"6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:scalance_x-200irt_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.5.0","matchCriteriaId":"02DA7157-4088-4EB8-98AF-18C7D64F6AE4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_x-200irt:-:*:*:*:*:*:*:*","matchCriteriaId":"94C7BE35-D3A6-488C-BB3D-D17D65DF4B80"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:scalance_x-200irt_pro_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"A977EB4D-F64E-44CB-A3EF-CCE9F69D77BC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_x-200irt_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"0CB57CFF-C367-4988-A3EE-889164B48034"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"64A47C63-7150-4F8D-BFD9-2F5C2761DBDF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*","matchCriteriaId":"434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:scalance_x-300_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"3F2C50BB-CC63-40BE-A5F0-0F0C342586CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_x-300:-:*:*:*:*:*:*:*","matchCriteriaId":"B2D0AB50-6F0B-4232-8C8E-1647410D362D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:scalance_xr-300_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"B357AD42-1806-4BE5-B76D-F798E475F659"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr-300:-:*:*:*:*:*:*:*","matchCriteriaId":"889CF2C0-EE6C-447F-85F1-005730EAD232"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:simatic_cp_443-1_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"88638890-5ABE-4824-A41F-FCF30532A538"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:simatic_cp_443-1:-:*:*:*:*:*:*:*","matchCriteriaId":"F58423D0-954E-426E-9F8F-3DD95FBDF50C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:simatic_cp_443-1_advanced_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"5B01B39C-0039-4126-95F2-6F691C5158A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:simatic_cp_443-1_advanced:-:*:*:*:*:*:*:*","matchCriteriaId":"E478FE71-32D1-4FE4-8AC9-1C898EFFD0B3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:simatic_rf180c_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"167F39FD-FFB5-4C82-BE39-0787ED369546"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:simatic_rf180c:-:*:*:*:*:*:*:*","matchCriteriaId":"62129B85-7C98-4951-8194-2E602A8DCDBD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:simatic_rf182c_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"0FC4F972-3A3B-421C-8D62-9C5C4D1992CF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:simatic_rf182c:-:*:*:*:*:*:*:*","matchCriteriaId":"7540DAD9-2AAC-46A9-B1C5-BB1AC4FCE710"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-102233.pdf","source":"productcert@siemens.com","tags":["Vendor Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-102233.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}