Denial-of-Service Vulnerability in SPPA-T3000 MS3000 Migration Server by Siemens
CVE-2019-18324
9.8CRITICAL
Key Information:
- Vendor
- Siemens
- Vendor
- CVE Published:
- 12 December 2019
Summary
A vulnerability in the SPPA-T3000 MS3000 Migration Server allows an attacker with network access to disrupt service availability and potentially execute arbitrary code. By sending specially crafted packets to the server's listening port (5010/tcp), the attacker can induce a Denial-of-Service condition. Exploitation of this flaw necessitates accessible network permissions, and there have been no known public exploits at the time of this announcement. It is critical for users to secure their network environments to mitigate potential risks.
Affected Version(s)
SPPA-T3000 MS3000 Migration Server All versions
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved