CVE-2019-6529 Details

CVE-2019-6529

Published: 2020-01-07 21:15:00
CVE Author: NIST National Vulnerability Database (NVD)
Summary:

An attacker could specially craft an FTP request that could crash the PR100088 Modbus gateway versions prior to release R02 (or Software Version 1.1.13166).

Exploitability Analysis:

This is a vulnerability exploitable with network access which means the vulnerable software is bound to the network stack and the attacker does not require local network access or local access to exploit it. Such a vulnerability is often termed “remotely exploitable”.

Exploitability Complexity:

Specialized access conditions or extenuating circumstances do not exist. The following are examples: The affected product typically requires access to a wide range of systems and users, possibly anonymous an untrusted (e.g., Internet-facing web or mail server). The affected configuration is default or ubiquitous. The attack can be performed manually and requires little skill or additional information gathering. The 'race condition' is a lazy one (i.e., it is technically a race but easily winnable).

Authentication:

One instance of authentication is required to access and exploit the vulnerability.

Confidentiality Impact:

There is no impact to the confidentiality of the system.

Integrity Impact:

There is no impact to the integrity of the system.

Availability Impact:

There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

CVE-2019-6529

Search
Impact
Medium
CVSS Score
6.8
Exploitable
Remotely Exploitable

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage 137,529 vulnerabilities.