EUVD-2019-16394

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Format String vulnerability in U.motion Server could allow arbitrary command execution by attackers.

Reporter	Title	Published	Views	Family All 8
CNVD	Multiple Schneider Electric Products Formatting String Error Vulnerability	23 Sep 201900:00	–	cnvd
CVE	CVE-2019-6840	17 Sep 201919:19	–	cve
Cvelist	CVE-2019-6840	17 Sep 201919:19	–	cvelist
NVD	CVE-2019-6840	17 Sep 201920:15	–	nvd
OSV	CVE-2019-6840	17 Sep 201920:15	–	osv
Prion	Format string	17 Sep 201920:15	–	prion
Positive Technologies	PT-2019-18375 · U.Motion · U.Motion Server	17 Sep 201900:00	–	ptsecurity
RedhatCVE	CVE-2019-6840	22 May 202510:18	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "0c3f03ad-bd0b-356a-9857-1d4c60522325",
        "vendor": {
          "name": "Schneider Electric SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "24521aab-b67f-38b1-b16f-4fc26bf3835d",
        "product": {
          "name": "U.motion Server"
        },
        "product_version": "Touch 15"
      },
      {
        "id": "4b7dbfc7-bbbd-3e02-a9e8-af93a80c9d4d",
        "product": {
          "name": "U.motion Server"
        },
        "product_version": "MEG6501-0002 - U.motion KNX Server Plus"
      },
      {
        "id": "d81b0bbc-d900-35f7-9140-82eb0ecf0e18",
        "product": {
          "name": "U.motion Server"
        },
        "product_version": "MEG6260-0415 - U.motion KNX Server Plus"
      },
      {
        "id": "f14d5b0d-5535-31ea-b090-90fbf1d4f419",
        "product": {
          "name": "U.motion Server"
        },
        "product_version": "MEG6501-0001 - U.motion KNX server"
      },
      {
        "id": "f295e857-5317-398e-b59b-920a0f6a3723",
        "product": {
          "name": "U.motion Server"
        },
        "product_version": "MEG6260-0410 - U.motion KNX Server Plus"
      },
      {
        "id": "fab5cd9d-68cd-3874-9c20-b50cc178eb67",
        "product": {
          "name": "U.motion Server"
        },
        "product_version": "Touch 10"
      }
    ]
  }
]

Source	Link
schneider-electric	www.schneider-electric.com/ww/en/download/document/SEVD-2019-253-01
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

9.2High risk

Vulners AI Score9.2

CVSS 3.19.8

CVSS 27.5

EPSS0.00504