Vulnerabilities > Siemens > Simatic Et200Sp Im155 6 PN Basic Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-02-11 CVE-2019-13946 Resource Exhaustion vulnerability in Siemens products
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device.
network
low complexity
siemens CWE-400
7.5