CVE-2019-18301

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290,...

CVE-2019-18309

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with local access to the MS3000 Server and a low privileged user account could gain root privileges by manipulating specific files in the local file system. This vulnerability is independent from...

CVE-2019-18296

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to port 5010/tcp. This...

CVE-2019-18322

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server could be able to read and write arbitrary files on the local file system by sending specifically crafted packets to port 5010/tcp. This vulnerability is...

CVE-2019-18313

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server could gain remote code execution by sending specifically crafted objects to one of the RPC services. Please note that an attacker needs to have network acce...

EUVD-2019-8099

Malware in sbrugna...

Siemens SPPA-T3000 MS3000 Migration Server Integer Overflow Vulnerability (CNVD-2019-45383)

SPPA-T3000 is a distributed control system mainly used in thermal power plants and large-scale renewable energy power plants.MS3000 Migration Server is one of the migration servers. An integer overflow vulnerability exists in the Siemens SPPA-T3000 MS3000 Migration Server. An attacker with networ...

Siemens SPPA-T3000 MS3000 Migration Server Integer Overflow Vulnerability (CNVD-2019-45381)

SPPA-T3000 is a distributed control system mainly used in thermal power plants and large-scale renewable energy power plants.MS3000 Migration Server is one of the migration servers. An integer overflow vulnerability exists in the Siemens SPPA-T3000 MS3000 Migration Server. An attacker with networ...

Critical Remote Code-Execution Bugs Threaten Global Power Plants

Siemens industrial equipment commonly found in fossil-fuel and large-scale renewable power plants are riddled with multiple security vulnerabilities, the most severe of which are critical bugs allowing remote code-execution. The affected product is SPPA-T3000, a distributed control system used fo...

CVE-2019-18328

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability i...

CVE-2019-18326

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability i...

CVE-2019-18327

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability i...

CVE-2019-18330

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server could cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability...

CVE-2019-18325

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability i...

CVE-2019-18323

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server could cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability...

CVE-2019-18324

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability i...

CVE-2019-18313

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server could gain remote code execution by sending specifically crafted objects to one of the RPC services. Please note that an attacker needs to have network acce...

CVE-2019-18321

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server could be able to read and write arbitrary files on the local file system by sending specifically crafted packets to port 5010/tcp. This vulnerability is...

CVE-2019-18322

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server could be able to read and write arbitrary files on the local file system by sending specifically crafted packets to port 5010/tcp. This vulnerability is...

CVE-2019-18302

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290,...