CVE & CISA-KEV Catalog

CVE-2019-10923

HIGH
7.5
CVSS v3
NVD

Description

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.

How to fix

Remediation Available
cp1604 firmwareNVD
Affected:< 2.8Fixed in:2.8CVE-2019-10923derived from NVD
cp1616 firmwareNVD
Affected:< 2.8Fixed in:2.8CVE-2019-10923derived from NVD
dk standard ethernet controller firmwareNVD
Affected:< 4.1.1Fixed in:4.1.1CVE-2019-10923derived from NVD
ek-ertec 200 firmwareNVD
Affected:< 4.5.0Fixed in:4.5.0CVE-2019-10923derived from NVD
ek-ertec 200p firmwareNVD
Affected:< 4.5.0Fixed in:4.5.0CVE-2019-10923derived from NVD
scalance x-200irt firmwareNVD
Affected:< 5.2.1Fixed in:5.2.1CVE-2019-10923derived from NVD
simatic s7-300 cpu 312 ifm firmwareNVD
Affected:< 3.3.17Fixed in:3.3.17CVE-2019-10923derived from NVD
simatic s7-300 cpu 313 firmwareNVD
Affected:< 3.3.17Fixed in:3.3.17CVE-2019-10923derived from NVD
simatic s7-300 cpu 314 firmwareNVD
Affected:< 3.3.17Fixed in:3.3.17CVE-2019-10923derived from NVD
simatic s7-300 cpu 314 ifm firmwareNVD
Affected:< 3.3.17Fixed in:3.3.17CVE-2019-10923derived from NVD
simatic s7-300 cpu 315-2 dp firmwareNVD
Affected:< 3.3.17Fixed in:3.3.17CVE-2019-10923derived from NVD
simatic s7-300 cpu 315 firmwareNVD
Affected:< 3.3.17Fixed in:3.3.17CVE-2019-10923derived from NVD
simatic s7-300 cpu 316-2 dp firmwareNVD
Affected:< 3.3.17Fixed in:3.3.17CVE-2019-10923derived from NVD
simatic s7-300 cpu 318-2 firmwareNVD
Affected:< 3.3.17Fixed in:3.3.17CVE-2019-10923derived from NVD
simatic s7-300 cpu firmwareNVD
Affected:< 3.3.17Fixed in:3.3.17CVE-2019-10923derived from NVD
simatic winac rtx \(f\) firmwareNVD
Affected:< 2010Fixed in:2010CVE-2019-10923derived from NVD
sinamics dcm firmwareNVD
Affected:< 1.5Fixed in:1.5CVE-2019-10923derived from NVD
sinamics dcp firmwareNVD
Affected:< 1.3Fixed in:1.3CVE-2019-10923derived from NVD
sinamics g110m firmwareNVD
Affected:< 4.7Fixed in:4.7CVE-2019-10923derived from NVD
sinamics g120 firmwareNVD
Affected:< 4.7Fixed in:4.7CVE-2019-10923derived from NVD
sinamics g130 firmwareNVD
Affected:< 4.7Fixed in:4.7CVE-2019-10923derived from NVD
sinamics g150 firmwareNVD
Affected:< 4.8Fixed in:4.8CVE-2019-10923derived from NVD
sinamics gh150 firmwareNVD
Affected:< 4.8Fixed in:4.8CVE-2019-10923derived from NVD
sinamics gl150 firmwareNVD
Affected:< 4.8Fixed in:4.8CVE-2019-10923derived from NVD
sinamics gm150 firmwareNVD
Affected:< 4.8Fixed in:4.8CVE-2019-10923derived from NVD
sinamics s120 firmwareNVD
Affected:< 4.7Fixed in:4.7CVE-2019-10923derived from NVD
sinamics s150 firmwareNVD
Affected:< 4.8Fixed in:4.8CVE-2019-10923derived from NVD
sinamics sl150 firmwareNVD
Affected:< 4.7Fixed in:4.7CVE-2019-10923derived from NVD
sinumerik 828dNVD
Affected:< 4.8Fixed in:4.8CVE-2019-10923derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

1.40%probability of exploitation in 30 days
69thpercentile

Moderate risk: more likely to be exploited than 69% of all known CVEs.

References

Vendor Advisory1
Other references1

Related Vulnerabilities

Other CWE-400 (Resource Exhaustion) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2023-44487High7.5100%KEVFix
CVE-2021-44228Critical10.0100%KEV + RansomFix
CVE-2011-3192High7.899%-Fix
CVE-2019-11478Medium5.395%-Fix
CVE-2024-25617Medium5.389%-Fix
CVE-2018-1000115High7.589%-Fix
Embed a live status badge for CVE-2019-10923
CVE-2019-10923 severity badge

Markdown

[![CVE-2019-10923](https://tridentstack.com/cve/badge/CVE-2019-10923.svg)](https://tridentstack.com/cve/CVE-2019-10923)

HTML

<a href="https://tridentstack.com/cve/CVE-2019-10923"><img src="https://tridentstack.com/cve/badge/CVE-2019-10923.svg" alt="CVE-2019-10923"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.