7.5

CVE-2019-10953

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AbbPm554-tp-eth Firmware Version-
   AbbPm554-tp-eth Version-
Schneider-electricModicon M221 Firmware Version < 1.10.0.0
   Schneider-electricModicon M221 Version-
WagoKnx Ip Firmware Version-
   WagoKnx Ip Version-
WagoPfc100 Firmware Version-
   WagoPfc100 Version-
WagoEthernet Firmware Version-
   WagoEthernet Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.67% 0.882
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

http://www.securityfocus.com/bid/108413
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-19-106-03
Third Party Advisory
US Government Resource
Mitigation
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2019/icsa-19-106-03.json