CVE-2019-13929 Vulnerability Details

  /     /     /  

CVE-2019-13929 Metadata Quick Info

CVE Published: 10/10/2019 | CVE Updated: 05/08/2024 | CVE Year: 2019
Source: siemens | Vendor: Siemens AG | Product: SIMATIC IT UADM
Status : PUBLISHED

---

CVE-2019-13929 Description

A vulnerability has been identified in SIMATIC IT UADM (All versions < V1.3). An authenticated remote attacker with network access to port 1434/tcp of SIMATIC IT UADM could potentially recover a password that can be used to gain read and write access to the related TeamCenter station. The security vulnerability could be exploited only if the attacker is authenticated. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises the confidentiality of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-321
CWE Name: CWE-321: Use of Hard-coded Cryptographic Key
Source: Siemens AG

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).