CVE-2019-10953
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
17/04/2019
Last modified:
31/01/2022
Description
ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:abb:pm554-tp-eth_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:abb:pm554-tp-eth:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:phoenixcontact:ilc_151_eth_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:phoenixcontact:ilc_151_eth:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:schneider-electric:modicon_m221_firmware:*:*:*:*:*:*:*:* | 1.10.0.0 (excluding) | |
cpe:2.3:h:schneider-electric:modicon_m221:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:siemens:6es7211-1ae40-0xb0_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:siemens:6es7211-1ae40-0xb0:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:siemens:6es7314-6eh04-0ab0_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:siemens:6es7314-6eh04-0ab0:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:siemens:6ed1052-1cc01-0ba8_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:siemens:6ed1052-1cc01-0ba8:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:wago:knx_ip_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:wago:knx_ip:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:wago:pfc100_firmware:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page