CVE-2019-6571
Last modified
CVE-2019-6571 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx), SIEMENS LOGO!8 (6ED1052-xyy08-0BA0 FS:01 / Firmware version < V1.82.02). An attacker with network access to port 10005/tcp of the LOGO! device could cause a Denial-of-Service condition by sending specially crafted packets. EPSS estimates a 1.60% chance of exploitation in the next 30 days.
Description
A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx), SIEMENS LOGO!8 (6ED1052-xyy08-0BA0 FS:01 / Firmware version < V1.82.02). An attacker with network access to port 10005/tcp of the LOGO! device could cause a Denial-of-Service condition by sending specially crafted packets. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected service. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Logo\!8 Firmware | >= 1.80.00, <= 1.81.00 |
| Siemens | Logo\!8 Firmware | < 1.82.00 |
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-774850.pdfPatch, Vendor Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-774850.pdfPatch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-6571?
How severe is CVE-2019-6571?
How do I fix CVE-2019-6571?
Are you affected by CVE-2019-6571?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST