CVE-2019-10938

🗓️ 02 Aug 2019 13:54:07Reported by siemensType

A vulnerability in Siemens SIPROTEC 5 and Power Meters Series devices could allow unauthenticated attackers to insert and execute arbitrary code

Reporter	Title	Published	Views	Family All 8
CNVD	Siemens SIPROTEC 5 Access Privilege Vulnerability	5 Aug 201900:00	–	cnvd
CVE	CVE-2019-10938	2 Aug 201913:54	–	cve
EUVD	EUVD-2019-2652	7 Oct 202500:30	–	euvd
NVD	CVE-2019-10938	2 Aug 201914:15	–	nvd
Tenable Nessus	Siemens Siprotec Improper Access Control	8 Nov 201900:00	–	nessus
Tenable Nessus	Siemens Siprotec5 Improper Access Control (CVE-2019-10938)	7 Feb 202200:00	–	nessus
Prion	Code injection	2 Aug 201914:15	–	prion
RedhatCVE	CVE-2019-10938	22 May 202504:17	–	redhatcve

[
  {
    "product": "SIPROTEC 5 devices with CPU variants CP200",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V7.59"
      }
    ]
  },
  {
    "product": "SIPROTEC 5 devices with CPU variants CP300 and CP100",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V8.01"
      }
    ]
  },
  {
    "product": "Siemens Power Meters Series 9410",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V2.2.1"
      }
    ]
  },
  {
    "product": "Siemens Power Meters Series 9810",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf

10 Jun 2020 16:17Current

9.4High risk

Vulners AI Score9.4

EPSS0.01495

CWE-284