← Volver a CVEs
CVE-2019-6527
CRITICAL9.8
Descripcion
PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to be able to change the password for an admin user who is currently or previously logged in, provided the device has not been restarted.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado2/12/2019
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
kunbus:pr100088_modbus_gatewaykunbus:pr100088_modbus_gateway_firmware
Debilidades (CWE)
CWE-287CWE-287
Referencias
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05(ics-cert@hq.dhs.gov)
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.