7.5
CVE-2019-10953
- EPSS 3.67%
- Veröffentlicht 17.04.2019 15:29:00
- Zuletzt bearbeitet 04.06.2026 20:16:53
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Abb ≫ Pm554-tp-eth Firmware Version-
Phoenixcontact ≫ Ilc 151 Eth Firmware Version-
Schneider-electric ≫ Modicon M221 Firmware Version < 1.10.0.0
Siemens ≫ 6es7211-1ae40-0xb0 Firmware Version-
Siemens ≫ 6es7314-6eh04-0ab0 Firmware Version-
Siemens ≫ 6ed1052-1cc01-0ba8 Firmware Version-
Wago ≫ Knx Ip Firmware Version-
Wago ≫ Pfc100 Firmware Version-
Wago ≫ Ethernet Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.67% | 0.882 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
CWE-770 Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
http://www.securityfocus.com/bid/108413
https://ics-cert.us-cert.gov/advisories/ICSA-19-106-03
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2019/icsa-19-106-03.json