CVE-2019-6533

EPSS 1.2%CWE-306

Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166).

Affected products

ICS-CERT · PR100088 Modbus gateway

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05