CVE-2019-6533

Summary

Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166).

Affected Software

VendorProductVersion RangeStatus
ICS-CERTPR100088 Modbus gatewayAll versions prior to Release R02 (or Software Version 1.1.13166)affected

Weaknesses

  • CWE-306: MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306

ADP Enrichment

CVE Program Container

Additional References

References