Unrated severityNVD Advisory· Published Jun 12, 2019· Updated Aug 4, 2024
CVE-2019-10925
CVE-2019-10925
Description
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<7.0.6+ 1 more
- (no CPE)range: <7.0.6
- (no CPE)range: All Versions < V7.0.6
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/108725mitrevdb-entryx_refsource_BID
- cert-portal.siemens.com/productcert/pdf/ssa-816980.pdfmitrex_refsource_MISC
- ics-cert.us-cert.gov/advisories/ICSA-19-162-02mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.