← volver
CVE-2019-10938

CVE-2019-10938

EPSS 1.5%CWE-284
A vulnerability has been identified in SIPROTEC 5 devices with CPU variants CP200 (All versions < V7.59), SIPROTEC 5 devices with CPU variants CP300 and CP100 (All versions < V8.01), Siemens Power Meters Series 9410 (All versions < V2.2.1), Siemens Power Meters Series 9810 (All versions). An unauthenticated attacker with network access to the device could potentially insert arbitrary code which is executed before firmware verification in the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
Productos afectados
Siemens AG · Siemens Power Meters Series 9410Siemens AG · Siemens Power Meters Series 9810Siemens AG · SIPROTEC 5 devices with CPU variants CP200Siemens AG · SIPROTEC 5 devices with CPU variants CP300 and CP100

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdfhttps://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf