QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2019-10925

Back to search

CVE-2019-10925

Published: Jun 12, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

VendorProductVersions

Siemens

SIMATIC MV400 family

affected
All Versions < V7.0.6

Weaknesses (CWE)

CWE-284

References

108725
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now