Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-10943
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V20.8), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-1500 Software Controller (All versions >= V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC S7-PLCSIM Advanced (All versions >= V3.0). An attacker with network access to port 102/tcp could potentially modify the user program on the PLC in a way that the running code is different from the source code which is stored on the device. An attacker must have network access to affected devices and must be able to perform changes to the user program. The vulnerability could impact the perceived integrity of the user program stored on the CPU. An engineer that tries to obtain the code of the user program running on the device, can receive different source code that is not actually running on the device.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
缺失完整性检查支持
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Siemens产品数据伪造问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens SIMATIC ET200 Open Controller CPU 1515SP PC2是德国西门子(Siemens)公司的一款逻辑控制器。 多款Siemens产品中存在数据伪造问题漏洞。该漏洞源于网络系统或产品未充分验证数据的来源或真实性。攻击者可利用伪造的数据进行攻击。以下产品和版本受到影响:SIMATIC ET 200SP Open Controller CPU。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
SiemensSIMATIC Drive Controller family All versions -
SiemensSIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) All versions -
SiemensSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) All versions < V20.8 -
SiemensSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) All versions >= V20.8 -
SiemensSIMATIC S7-1200 CPU family (incl. SIPLUS variants) All versions < V4.4.0 -
SiemensSIMATIC S7-1200 CPU family (incl. SIPLUS variants) All versions >= V4.4.0 -
SiemensSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) All versions < V2.8.1 -
SiemensSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) All versions >= V2.8.1 -
SiemensSIMATIC S7-1500 Software Controller All versions < V20.8 -
SiemensSIMATIC S7-1500 Software Controller All versions >= V20.8 -
SiemensSIMATIC S7-PLCSIM Advanced All versions < V3.0 -
SiemensSIMATIC S7-PLCSIM Advanced All versions >= V3.0 -
II. Public POCs for CVE-2019-10943
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2019-10943
Please Login to view more intelligence information
New Vulnerabilities
Product: SIMATIC Drive Controller family
Vendor: Siemens
Same weakness: CWE-353
V. Comments for CVE-2019-10943

No comments yet

Leave a comment