Security readout for executives and security teams
Plain-English summary
This CVE affects many Siemens industrial controllers and PROFINET-connected modules using an Interniche-based TCP stack. A remote, unauthenticated attacker could make the device spend excessive processing effort on incoming packets, causing a denial of service. The business risk is operational disruption where these devices support production, safety, or building automation workflows.
Executive priority
Prioritize environments where affected Siemens devices control production, safety, doors, drives, or distributed I/O. The issue is availability-focused, but remote unauthenticated denial of service can still create material operational risk in industrial settings.
Technical view
The issue is CWE-400 uncontrolled resource consumption in the Interniche-based TCP stack. CVSS 3.1 is 7.5: network attack vector, low complexity, no privileges, no user interaction, and high availability impact only. The supplied data names many Siemens SIMATIC, SIPLUS, SIDOOR, SINAMICS, and PROFINET development or evaluation products.
Likely exposure
Exposure is most likely in OT environments running affected Siemens SIMATIC S7, ET 200, SIPLUS, SINAMICS, SIDOOR, or PROFINET evaluation devices on reachable industrial networks. Internet exposure is not stated in the sources and should be verified asset by asset.
Exploitation context
The source bundle marks CISA KEV as false, and no cited source states active exploitation. The CVSS temporal vector lists proof-of-concept exploit maturity, but the bundle does not provide exploit details. Treat this as a credible remote availability risk, not confirmed in-the-wild exploitation.
Researcher notes
The supplied evidence is strong for vulnerability class, impact, CVSS, and broad affected Siemens scope. It is incomplete for exact fixed versions in this prompt excerpt. Use Siemens SSA-593272 as the authoritative source for per-product remediation and avoid assuming unsupported fixes.
Mitigation direction
- Identify affected Siemens product families and exact firmware versions in OT asset inventory.
- Review Siemens SSA-593272 for product-specific updates, mitigations, and lifecycle guidance.
- Apply vendor-supported firmware or software updates where available and operationally approved.
- Restrict network access to affected devices from untrusted or non-operational networks.
- Use OT segmentation and monitoring to reduce denial-of-service blast radius.
Validation and detection
- Compare deployed Siemens model numbers and versions against the Siemens advisory affected list.
- Verify whether affected devices are reachable from corporate, remote-access, or external networks.
- Confirm vendor update status and compensating controls for each affected asset.
- Review monitoring for unusual traffic volume or availability events affecting Siemens OT devices.
Public sources used
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
CWE-400: Exact CWE lookup
Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
Open ATT&CK lookupCVE-2019-19300 mapping review
Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.
Open ATT&CK lookup- Severity
- High
- CVSS
- 7.5 (3.1)
- Known Exploited
- No
- Published
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CNA and ADP enrichment extracted from CVE v5
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
CVSS vector scores
1 official scoreWe collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C3.93.6Primary CVE scoreVulnerability scoring details
Base CVSS 3.1 score
7.5HighVector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Source materials
- CVE List V5 sourceCVE List V5
- https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdfCVE reference
- https://cert-portal.siemens.com/productcert/html/ssa-593272.htmlCVE reference
Products and packages named in the record
CWE details
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
Uncontrolled Resource Consumption
Uncontrolled Resource Consumption represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.
