CVE-2019-10923 HIGH

CVE-2019-10923

Vendor Siemens

Product Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller

Weakness CWE-400

Published October 10, 2019

Last update February 11, 2025

View on NVD All CVEs

CVSS base score

7.5/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality None

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

What the vulnerability does

01Description

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.

Key dates

02Disclosure timeline

October 10, 2019 CVE published

February 11, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-10923 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/400.html

Related vulnerabilities

Identifiers

CVE CVE-2019-10923

CWE CWE-400

CVSS 7.5 / HIGH

Affected versions

Vendor Siemens

Product Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller

Affected All versions < V4.1.1 Patch 05

Vendor Siemens

Product Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200

Affected All versions < V4.5.0 Patch 01

Vendor Siemens

Product Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P

Affected All versions < V4.5.0

Vendor Siemens

Product SCALANCE X-200IRT family (incl. SIPLUS NET variants)

Affected All versions < V5.2.1

Vendor Siemens

Product SIMATIC CP 1604

Affected All versions < V2.8

Vendor Siemens

Product SIMATIC CP 1616

Affected All versions < V2.8

Vendor Siemens

Product SIMATIC ET 200M (incl. SIPLUS variants)

Affected All versions

Vendor Siemens

Product SIMATIC ET 200MP IM 155-5 PN HF

Affected < V4.2.0

Vendor Siemens

Product SIMATIC ET 200MP IM 155-5 PN ST

Affected < V4.1.0

Vendor Siemens

Product SIMATIC ET 200pro IM 154-3 PN HF

Affected < *

Vendor Siemens

Product SIMATIC ET 200pro IM 154-4 PN HF

Affected < *

Vendor Siemens

Product SIMATIC ET 200pro IM 154-8 PN/DP CPU

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC ET 200pro IM 154-8F PN/DP CPU

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC ET 200pro IM 154-8FX PN/DP CPU

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC ET 200S IM 151-8 PN/DP CPU

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC ET 200S IM 151-8F PN/DP CPU

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC ET 200SP IM 155-6 PN HF

Affected < V4.2.0

Vendor Siemens

Product SIMATIC ET 200SP IM 155-6 PN ST

Affected < V4.1.0

Vendor Siemens

Product SIMATIC ET 200SP IM 155-6 PN ST BA

Affected < V4.1.0

Vendor Siemens

Product SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 4AO U/I 4xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12

Affected All versions

Vendor Siemens

Product SIMATIC ET200ecoPN: IO-Link Master

Affected All versions

Vendor Siemens

Product SIMATIC ET200S (incl. SIPLUS variants)

Affected All versions

Vendor Siemens

Product SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)

Affected All versions

Vendor Siemens

Product SIMATIC S7-300 CPU 314C-2 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC S7-300 CPU 315-2 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC S7-300 CPU 315F-2 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC S7-300 CPU 315T-3 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC S7-300 CPU 317-2 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC S7-300 CPU 317F-2 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC S7-300 CPU 317T-3 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC S7-300 CPU 317TF-3 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC S7-300 CPU 319-3 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC S7-300 CPU 319F-3 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIMATIC S7-400 CPU 412-2 PN V7

Affected < V7.0.3

Vendor Siemens

Product SIMATIC S7-400 CPU 414-3 PN/DP V7

Affected < V7.0.3

Vendor Siemens

Product SIMATIC S7-400 CPU 414F-3 PN/DP V7

Affected < V7.0.3

Vendor Siemens

Product SIMATIC S7-400 CPU 416-3 PN/DP V7

Affected < V7.0.3

Vendor Siemens

Product SIMATIC S7-400 CPU 416F-3 PN/DP V7

Affected < V7.0.3

Vendor Siemens

Product SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)

Affected < *

Vendor Siemens

Product SIMATIC WinAC RTX 2010

Affected All versions < V2010 SP3

Vendor Siemens

Product SIMATIC WinAC RTX F 2010

Affected All versions < V2010 SP3

Vendor Siemens

Product SIMOTION

Affected All versions

Vendor Siemens

Product SINAMICS DCM

Affected All versions < V1.5 HF1

Vendor Siemens

Product SINAMICS DCP

Affected All versions < V1.3

Vendor Siemens

Product SINAMICS G110M V4.7 Control Unit

Affected All versions < V4.7 SP10 HF5

Vendor Siemens

Product SINAMICS G120 V4.7 Control Unit (incl. SIPLUS variants)

Affected All versions < V4.7 SP10 HF5

Vendor Siemens

Product SINAMICS G130

Affected < V4.7 HF29

Vendor Siemens

Product SINAMICS G150

Affected < V4.7 HF29

Vendor Siemens

Product SINAMICS GH150 V4.7 Control Unit

Affected All versions

Vendor Siemens

Product SINAMICS GL150 V4.7 Control Unit

Affected All versions

Vendor Siemens

Product SINAMICS GM150 V4.7 Control Unit

Affected All versions

Vendor Siemens

Product SINAMICS S110 Control Unit

Affected All versions

Vendor Siemens

Product SINAMICS S120 V4.7 Control Unit and CBE20 (incl. SIPLUS variants)

Affected All versions < V4.7 HF34

Vendor Siemens

Product SINAMICS S150

Affected < V4.7 HF29

Vendor Siemens

Product SINAMICS SL150 V4.7 Control Unit

Affected All versions < V4.7 HF33

Vendor Siemens

Product SINAMICS SM120 V4.7 Control Unit

Affected All versions

Vendor Siemens

Product SINUMERIK 828D

Affected All versions < V4.8 SP5

Vendor Siemens

Product SINUMERIK 840D sl

Affected All versions < V4.8 SP5

Vendor Siemens

Product SIPLUS ET 200MP IM 155-5 PN HF

Affected < V4.2.0

Vendor Siemens

Product SIPLUS ET 200MP IM 155-5 PN HF

Affected < V4.2.0

Vendor Siemens

Product SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL

Affected < V4.2.0

Vendor Siemens

Product SIPLUS ET 200MP IM 155-5 PN ST

Affected < V4.1.0

Vendor Siemens

Product SIPLUS ET 200MP IM 155-5 PN ST TX RAIL

Affected < V4.1.0

Vendor Siemens

Product SIPLUS ET 200S IM 151-8 PN/DP CPU

Affected All versions < V3.2.17

Vendor Siemens

Product SIPLUS ET 200S IM 151-8F PN/DP CPU

Affected All versions < V3.2.17

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN HF

Affected < V4.2.0

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN HF

Affected < V4.2.0

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL

Affected < V4.2.0

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN ST

Affected < V4.1.0

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN ST BA

Affected < V4.1.0

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN ST BA TX RAIL

Affected < V4.1.0

Vendor Siemens

Product SIPLUS ET 200SP IM 155-6 PN ST TX RAIL

Affected < V4.1.0

Vendor Siemens

Product SIPLUS S7-300 CPU 314C-2 PN/DP

Affected All versions < V3.3.17

Vendor Siemens

Product SIPLUS S7-300 CPU 315-2 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIPLUS S7-300 CPU 315F-2 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIPLUS S7-300 CPU 317-2 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIPLUS S7-300 CPU 317F-2 PN/DP

Affected All versions < V3.2.17

Vendor Siemens

Product SIPLUS S7-400 CPU 414-3 PN/DP V7

Affected < V7.0.3

Vendor Siemens

Product SIPLUS S7-400 CPU 416-3 PN/DP V7

Affected < V7.0.3

CVE-2019-10923

01Description

02Disclosure timeline

03References

04Related CVE