Siemens Ek-Ertec 200P Firmware vulnerabilities

CVE-2019-13946 [HIGH] CWE-400 CVE-2019-13946: Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation wh Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be

CVE-2019-10936 [HIGH] CWE-400 CVE-2019-10936: Affected devices improperly handle large amounts of specially crafted UDP packets. This could all Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.

CVE-2019-10923 [HIGH] CWE-400 CVE-2019-10923: An attacker with network access to an affected product may cause a denial of service condition by br An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation.

CVE-2017-12741 [HIGH] CWE-400 CVE-2017-12741: Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affect Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.