Description
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
E
Physical
RL
O
RC
Changed
Affected products
- Siemens / Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller0 – *
- Siemens / Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200All Versions < V4.5 – All Versions < V4.5
- Siemens / Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200PAll Versions < V4.6 – All Versions < V4.6
- Siemens / PROFINET Driver for ControllerAll Versions < V2.1 – All Versions < V2.1
- Siemens / RUGGEDCOM RM1224 familyAll versions < V4.3 – All versions < V4.3
- Siemens / SCALANCE M804PBAll versions < V4.3 – All versions < V4.3
- Siemens / SCALANCE M812-1 ADSL-RouterAll versions < V4.3 – All versions < V4.3
- Siemens / SCALANCE M816-1 ADSL-RouterAll versions < V4.3 – All versions < V4.3
- Siemens / SCALANCE M826-2 SHDSL-RouterAll versions < V4.3 – All versions < V4.3
- Siemens / SCALANCE M874-2All versions < V4.3 – All versions < V4.3
- Siemens / SCALANCE M874-3All versions < V4.3 – All versions < V4.3
- Siemens / SCALANCE M876-3All versions < V4.3 – All versions < V4.3
- Siemens / SCALANCE M876-3 (ROK)All versions < V4.3 – All versions < V4.3
- Siemens / SCALANCE M876-4 (EU)All versions < V4.3 – All versions < V4.3
- Siemens / SCALANCE M876-4 (NAM)All versions < V4.3 – All versions < V4.3
- Siemens / SCALANCE S615 LAN-RouterAll versions < V4.3 – All versions < V4.3
- Siemens / SCALANCE W-700 IEEE 802.11n familyAll versions <= V6.0.1 – All versions <= V6.0.1
- Siemens / SCALANCE X200-4P IRTAll Versions < V5.3 – All Versions < V5.3
- Siemens / SCALANCE X201-3P IRTAll Versions < V5.3 – All Versions < V5.3
- Siemens / SCALANCE X201-3P IRT PROAll Versions < V5.3 – All Versions < V5.3
- Siemens / SCALANCE X202-2IRTAll Versions < V5.3 – All Versions < V5.3
- Siemens / SCALANCE X202-2P IRTAll Versions < V5.3 – All Versions < V5.3
- Siemens / SCALANCE X202-2P IRT PROAll Versions < V5.3 – All Versions < V5.3
- Siemens / SCALANCE X204-2All versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE X204-2FMAll versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE X204-2LDAll versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE X204-2LD TSAll versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE X204-2TSAll versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE X204IRTAll Versions < V5.3 – All Versions < V5.3
- Siemens / SCALANCE X204IRT PROAll Versions < V5.3 – All Versions < V5.3
- Siemens / SCALANCE X206-1All versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE X206-1LDAll versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE X208All versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE X208PROAll versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE X212-2All versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE X212-2LDAll versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE X216All versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE X224All versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE X302-7 EEC (230V)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X302-7 EEC (230V, coated)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X302-7 EEC (24V)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X302-7 EEC (24V, coated)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X302-7 EEC (2x 230V)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X302-7 EEC (2x 230V, coated)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X302-7 EEC (2x 24V)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X302-7 EEC (2x 24V, coated)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X304-2FEAll versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X306-1LD FEAll versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X307-2 EEC (230V)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X307-2 EEC (230V, coated)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X307-2 EEC (24V)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X307-2 EEC (24V, coated)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X307-2 EEC (2x 230V)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X307-2 EEC (2x 230V, coated)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X307-2 EEC (2x 24V)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X307-2 EEC (2x 24V, coated)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X307-3All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X307-3LDAll versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X308-2All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X308-2LDAll versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X308-2LHAll versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X308-2MAll versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X308-2M PoEAll versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X308-2M TSAll versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X310All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X310FEAll versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X320-1-2LD FEAll versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X320-1 FEAll versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE X408-2All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XB-200 familyAll Versions < V3.0 – All Versions < V3.0
- Siemens / SCALANCE XC-200All Versions < V3.0 – All Versions < V3.0
- Siemens / SCALANCE XF-200BAAll Versions < V3.0 – All Versions < V3.0
- Siemens / SCALANCE XF201-3P IRTAll Versions < V5.3 – All Versions < V5.3
- Siemens / SCALANCE XF202-2P IRTAll Versions < V5.3 – All Versions < V5.3
- Siemens / SCALANCE XF204All versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE XF204-2All versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE XF204-2BA IRTAll Versions < V5.3 – All Versions < V5.3
- Siemens / SCALANCE XF204IRTAll Versions < V5.3 – All Versions < V5.3
- Siemens / SCALANCE XF206-1All versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE XF208All versions < V5.2.5 – All versions < V5.2.5
- Siemens / SCALANCE XM-400 familyAll Versions < V6.0 – All Versions < V6.0
- Siemens / SCALANCE XP-200All Versions < V3.0 – All Versions < V3.0
- Siemens / SCALANCE XR-300WG familyAll Versions < V3.0 – All Versions < V3.0
- Siemens / SCALANCE XR324-12M (230V, ports on front)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-12M (230V, ports on rear)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-12M (24V, ports on front)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-12M (24V, ports on rear)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-12M TS (24V)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-4M EEC (24V, ports on front)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-4M EEC (24V, ports on rear)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-4M EEC (2x 24V, ports on front)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-4M EEC (2x 24V, ports on rear)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-4M PoE (230V, ports on front)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-4M PoE (230V, ports on rear)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-4M PoE (24V, ports on front)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-4M PoE (24V, ports on rear)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR324-4M PoE TS (24V, ports on front)All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SCALANCE XR-500 familyAll Versions < V6.0 – All Versions < V6.0
- Siemens / SIMATIC CP 1616 and CP 1604All Versions < V2.8 – All Versions < V2.8
- Siemens / SIMATIC CP 343-1All versions – All versions
- Siemens / SIMATIC CP 343-1 AdvancedAll versions – All versions
- Siemens / SIMATIC CP 343-1 ERPCAll versions – All versions
- Siemens / SIMATIC CP 343-1 LeanAll versions – All versions
- Siemens / SIMATIC CP 443-10 – V3.3
- Siemens / SIMATIC CP 443-1 Advanced0 – V3.3
- Siemens / SIMATIC CP 443-1 OPC UAAll versions – All versions
- Siemens / SIMATIC ET 200AL IM 157-1 PNAll versions – All versions
- Siemens / SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12All versions – All versions
- Siemens / SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12All versions – All versions
- Siemens / SIMATIC ET200ecoPN, 4AO U/I 4xM12All versions – All versions
- Siemens / SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12All versions – All versions
- Siemens / SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12All versions – All versions
- Siemens / SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12All versions – All versions
- Siemens / SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12All versions – All versions
- Siemens / SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12All versions – All versions
- Siemens / SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12All versions – All versions
- Siemens / SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12All versions – All versions
- Siemens / SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12All versions – All versions
- Siemens / SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12All versions – All versions
- Siemens / SIMATIC ET200ecoPN: IO-Link MasterAll versions – All versions
- Siemens / SIMATIC ET 200M IM 153-4 PN IO HF (incl. SIPLUS variants)All versions – All versions
- Siemens / SIMATIC ET 200M IM 153-4 PN IO ST (incl. SIPLUS variants)All versions – All versions
- Siemens / SIMATIC ET 200MP IM 155-5 PN HF0 – V4.2.0
- Siemens / SIMATIC ET 200MP IM 155-5 PN ST0 – V4.1.0
- Siemens / SIMATIC ET 200pro IM 154-3 PN HF0 – *
- Siemens / SIMATIC ET 200pro IM 154-4 PN HFAll versions – All versions
- Siemens / SIMATIC ET200S (incl. SIPLUS variants)All versions – All versions
- Siemens / SIMATIC ET 200SP IM 155-6 PN BA0 – *
- Siemens / SIMATIC ET 200SP IM 155-6 PN HF0 – V4.2.0
- Siemens / SIMATIC ET 200SP IM 155-6 PN ST0 – V4.1.0
- Siemens / SIMATIC ET 200SP IM 155-6 PN ST BA0 – V4.1.0
- Siemens / SIMATIC IPC Support, Package for VxWorks0 – *
- Siemens / SIMATIC MV420 SR-B0 – V7.0.6
- Siemens / SIMATIC MV420 SR-B Body0 – V7.0.6
- Siemens / SIMATIC MV420 SR-P0 – V7.0.6
- Siemens / SIMATIC MV420 SR-P Body0 – V7.0.6
- Siemens / SIMATIC MV440 HR0 – V7.0.6
- Siemens / SIMATIC MV440 SR0 – V7.0.6
- Siemens / SIMATIC MV440 UR0 – V7.0.6
- Siemens / SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)All Versions – All Versions
- Siemens / SIMATIC RF180CAll versions – All versions
- Siemens / SIMATIC RF182CAll versions – All versions
- Siemens / SIMATIC RF600R familyAll versions < V3 – All versions < V3
- Siemens / SIMOTION CAll versions < V4.5 – All versions < V4.5
- Siemens / SIMOTION DAll versions < V4.5 – All versions < V4.5
- Siemens / SIMOTION PAll versions < V4.5 – All versions < V4.5
- Siemens / SINAMICS DCPAll Versions < V1.3 – All Versions < V1.3
- Siemens / SIPLUS ET 200MP IM 155-5 PN HF0 – V4.2.0
- Siemens / SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL0 – V4.2.0
- Siemens / SIPLUS ET 200MP IM 155-5 PN ST0 – V4.1.0
- Siemens / SIPLUS ET 200MP IM 155-5 PN ST TX RAIL0 – V4.1.0
- Siemens / SIPLUS ET 200SP IM 155-6 PN HF0 – V4.2.0
- Siemens / SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL0 – V4.2.0
- Siemens / SIPLUS ET 200SP IM 155-6 PN ST0 – V4.1.0
- Siemens / SIPLUS ET 200SP IM 155-6 PN ST BA0 – V4.1.0
- Siemens / SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL0 – V4.1.0
- Siemens / SIPLUS ET 200SP IM 155-6 PN ST TX RAIL0 – V4.1.0
- Siemens / SIPLUS NET CP 343-1All versions – All versions
- Siemens / SIPLUS NET CP 343-1 AdvancedAll versions – All versions
- Siemens / SIPLUS NET CP 343-1 LeanAll versions – All versions
- Siemens / SIPLUS NET CP 443-10 – V3.3
- Siemens / SIPLUS NET CP 443-1 Advanced0 – V3.3
- Siemens / SIPLUS NET SCALANCE X308-2All versions < V4.1.4 – All versions < V4.1.4
- Siemens / SOFTNET-IE PNIOAll versions – All versions