Podatność CVE-2019-6571


Publikacja: 2019-06-12

Opis:
A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx), SIEMENS LOGO!8 (6ED1052-xyy08-0BA0 FS:01 / Firmware version < V1.82.02). An attacker with network access to port 10005/tcp of the LOGO! device could cause a Denial-of-Service condition by sending specially crafted packets. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected service. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Typ:

CWE-284

(Improper Access Control)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
7.8/10
6.9/10
10/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Zdalny
Niska
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Brak
Brak
Pełny
Affected software
Siemens -> 6ed1052-1cc01-0ba8 firmware 
Siemens -> 6ed1052-1fb00-0ba8 firmware 
Siemens -> 6ed1052-1hb00-0ba8 firmware 
Siemens -> 6ed1052-1md00-0ba8 firmware 
Siemens -> 6ed1052-2cc01-0ba8 firmware 
Siemens -> 6ed1052-2fb00-0ba8 firmware 
Siemens -> 6ed1052-2hb00-0ba8 firmware 
Siemens -> 6ed1052-2md00-0ba8 firmware 

 Referencje:
https://cert-portal.siemens.com/productcert/pdf/ssa-774850.pdf

Copyright 2024, cxsecurity.com

 

Back to Top