CVE-2019-10926

CVE-2019-10926

Vendor Siemens
Product SIMATIC MV400 family
Weakness CWE-319 · Cleartext transmission
Published June 12, 2019
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted.

Key dates

02Disclosure timeline

June 12, 2019 CVE published
August 4, 2024 Record updated