CVE-2019-10928

EPSS 0.13%
Veröffentlicht 13.08.2019 19:15:14
Zuletzt bearbeitet 21.11.2024 04:20:10
Quelle productcert@siemens.com
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability has been identified in SCALANCE SC-600 (V2.0). An authenticated attacker with access to port 22/tcp as well as physical access to an affected device may trigger the device to allow execution of arbitrary commands. The security vulnerability could be exploited by an authenticated attacker with physical access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the confidentiality, integrity and availability of the affected device.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Siemens ≫ Scalance Sc-600 Firmware Version2.0

Siemens ≫ Scalance Sc-600 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.13%	0.335

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.6	0.7	5.9	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-703 Improper Check or Handling of Exceptional Conditions

The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.

https://cert-portal.siemens.com/productcert/pdf/ssa-671286.pdf

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-10928

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-10928

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-10928

EUVD