VDB
ICSA-19-134-07
ICSA-19-134-07
PUBLISHED
CVSS 9.800000190734863 CRITICAL
Successful exploitation of these vulnerabilities could allow an attacker execute arbitrary commands within the underlying operating system, discover sensitive information, take administrative actions on the device, or expose session cookies for an administrative session.
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SCALANCE W1750D: All versions < V8.4.0.1 |
Exploit Intelligence
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-134-07.json (circl)
- https://www.cisa.gov/news-events/ics-advisories/icsa-19-134-07 (circl)
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 (circl)
- https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf (circl)
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B (circl)
- https://cert-portal.siemens.com/productcert/txt/SSA-549547.txt (circl)
- https://support.industry.siemens.com/cs/us/en/view/109766816/ (circl)
Timeline
- May 14, 2019 CVE Published
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-134-07.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-19-134-07 advisory
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B url
- https://cert-portal.siemens.com/productcert/txt/SSA-549547.txt url
- https://support.industry.siemens.com/cs/us/en/view/109766816/ fix