VDB

CVE-2019-18289

CVE-2019-18289 PUBLISHED CVSS 9.800000190734863 CRITICAL

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18293, CVE-2019-18295, and CVE-2019-18296. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

EPSS 6.42% · 91.2th percentile

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
6.42%
91.2th percentile

Affected Products

VendorProductVersions
siemenssppa-t3000_ms3000_migration_server
SiemensSPPA-T3000 MS3000 Migration ServerAll versions

Exploit Intelligence

Timeline

  • Dec 12, 2019 CVE Published
  • Apr 14, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Mar 7, 2023 EPSS Score
  • May 13, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›