VYPR
Unrated severityNVD Advisory· Published Mar 10, 2020· Updated Aug 4, 2024

CVE-2019-5158

CVE-2019-5158

Description

An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software v1.6.1.5. A specially crafted firmware update file can allow an attacker to install an older firmware version while the user thinks a newer firmware version is being installed. An attacker can create a custom firmware update package with invalid metadata in order to trigger this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Agentejo/Cockpitllm-fuzzy
    Range: = 1.6.1.5
  • Wago/WAGO e!COCKPITv5
    Range: 1.6.1.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.