Privilege Escalation Vulnerability in SIMATIC MV400 Family by Siemens
CVE-2019-10925
7.1HIGH
What is CVE-2019-10925?
A security flaw in the SIMATIC MV400 family allows an authenticated attacker to escalate privileges via specially crafted requests to the device’s integrated webserver. Exploitation of this vulnerability requires valid user credentials and network access to the affected device, but does not need any user interaction. This could compromise the integrity and availability of the system. As of the advisory publication date, no public exploit was reported.
Affected Version(s)
SIMATIC MV400 family All Versions < V7.0.6