The monitor barrier of the affected products insufficiently blocks data from being forwarded over the mirror port into the mirrored network. An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior.

The monitor barrier of the affected products insufficiently blocks data from being forwarded over the mirror port into the mirrored network. An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior.

Matching for this plugin is performed on model name, as they are listed in the Siemens advisory. For the exact MLFBs matching, please refer to the Siemens ssa-557804. 

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

A vulnerability has been identified in Siemens SCALANCE X-200 < v5.2.4, XP/XC/XF-200 < v4.1, and X-300 all versions. This vulnerability may be exploited by an attacker with network access to the traffic-receiving network. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the confidentiality and availability of the traffic-generating network.

ID	Name	Product	Family	Severity
501032	Siemens SCALANCE X Expected Behavior Violation (CVE-2019-6569)	Tenable OT Security	Tenable.ot	critical
720273	Siemens SCALANCE X-200 < v5.2.4, XP/XC/XF-200 < v4.1, X-300 all versions (ICSA-19-085-01)	Nessus Network Monitor	SCADA	critical

Detections

Analytics

CVE-2019-6569

critical

Tenable Plugins

critical

critical