CVE-2019-10926

🗓️ 12 Jun 2019 13:47:56Reported by siemensType

Vulnerability in SIMATIC MV400 family (All Versions < V7.0.6). Unencrypted communication allows eavesdropping, compromising data confidentiality

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability of the microprogramming software of the Simatic Ident industrial identification and positioning system, due to the lack of encryption, allows attackers to gain access to the data.	18 Jul 201900:00	–	bdu_fstec
CNVD	Siemens SIMATIC Ident MV420 and Siemens SIMATIC Ident MV440 Information Disclosure Vulnerability	12 Jun 201900:00	–	cnvd
Cvelist	CVE-2019-10926	12 Jun 201913:47	–	cvelist
EUVD	EUVD-2019-2640	7 Oct 202500:30	–	euvd
ICS	Siemens SIMATIC Ident MV440 Family (Update A)	11 Jun 201900:00	–	ics
NCSC	Vulnerabilities fixed in Siemens Simatic	9 Mar 202100:00	–	ncsc
NVD	CVE-2019-10926	12 Jun 201914:29	–	nvd
Prion	Privilege escalation	12 Jun 201914:29	–	prion
RedhatCVE	CVE-2019-10926	22 May 202510:25	–	redhatcve

NVD

Node

siemens simatic_mv420_firmware

AND

siemens simatic_mv420Match-

Node

siemens simatic_mv440_firmware

AND

siemens simatic_mv440Match-

[
  {
    "product": "SIMATIC MV400 family",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All Versions <  V7.0.6"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/108725
ics-cert	www.ics-cert.us-cert.gov/advisories/ICSA-19-162-02
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf

17 Jun 2026 02:11Current

5.1Medium risk

Vulners AI Score5.1

CVSS 22.6

CVSS 35.3

EPSS0.01548