VDB

CVE-2019-6580

CVE-2019-6580 PUBLISHED CVSS 9.800000190734863 CRITICAL

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a). An attacker with network access to port 80/TCP could change device properties without authorization. No user interaction is required to exploit this security vulnerability. Successful exploitation compromises confidentiality, integrity and availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

EPSS 0.38% · 59.8th percentile

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.38%
59.8th percentile

Affected Products

VendorProductVersions
Siemens AGSiveillance VMS 2019 R1All versions < V13.1a
Siemens AGSiveillance VMS 2017 R2All versions < V11.2a
Siemens AGSiveillance VMS 2018 R3All versions < V12.3a
Siemens AGSiveillance VMS 2018 R2All versions < V12.2a
siemenssiveillance_video_management_software_2018_r30
siemenssiveillance_video_management_software_2019_r10
Siemens AGSiveillance VMS 2018 R1All versions < V12.1a
siemenssiveillance_video_management_software_2018_r20
siemenssiveillance_video_management_software_2018_r10
siemenssiveillance_video_management_software_2017_r20

Exploit Intelligence

Timeline

  • Jun 11, 2019 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›