Vulnerabilities > Siemens > EK Ertec 200 Firmware > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-11 | CVE-2019-13946 | Resource Exhaustion vulnerability in Siemens products Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. | 7.5 |
2019-10-10 | CVE-2019-10936 | Resource Exhaustion vulnerability in Siemens products Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition. | 7.5 |
2019-10-10 | CVE-2019-10923 | Resource Exhaustion vulnerability in Siemens products An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation. | 7.5 |