Vulnetix
Try Vulnetix Request Demo
CVE-2019-6580 PUBLISHED CVSS 9.800000190734863 CRITICAL

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a). An attacker with network access to port 80/TCP could change device properties without authorization. No user interaction is required to exploit this security vulnerability. Successful exploitation compromises confidentiality, integrity and availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

EPSS 0.38% · 59.2th percentile

Risk Scores

CVSS v3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.38%
59.2th percentile

Affected Products

VendorProductVersions
Siemens AGSiveillance VMS 2019 R1All versions < V13.1a
Siemens AGSiveillance VMS 2017 R2All versions < V11.2a
Siemens AGSiveillance VMS 2018 R3All versions < V12.3a
Siemens AGSiveillance VMS 2018 R2All versions < V12.2a
siemenssiveillance_video_management_software_2018_r30
siemenssiveillance_video_management_software_2019_r10
Siemens AGSiveillance VMS 2018 R1All versions < V12.1a
siemenssiveillance_video_management_software_2018_r20
siemenssiveillance_video_management_software_2018_r10
siemenssiveillance_video_management_software_2017_r20

Timeline

References

Open in Interactive Console →