CVE-2019-19277
N/A
N/A
Summary
A vulnerability has been identified in SIPORT MP (All versions < 3.1.4). Vulnerable versions of the device allow the creation of special accounts ("service users") with administrative privileges that could enable a remote authenticated attacker to perform actions that are not visible to other users of the system, such as granting persons access to a secured area.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens AG | SIPORT MP | All versions < 3.1.4 | affected |
Weaknesses
- CWE-778: CWE-778: Insufficient Logging
ADP Enrichment
CVE Program Container
Additional References
- https://cert-portal.siemens.com/productcert/pdf/ssa-978558.pdf
- https://www.us-cert.gov/ics/advisories/icsa-20-042-08
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-978558.pdf
- https://www.us-cert.gov/ics/advisories/icsa-20-042-08
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.