Denial-of-Service Vulnerability in SPPA-T3000 Migration Server by Siemens
CVE-2019-18326

9.8CRITICAL

Key Information:

Vendor: Siemens
Status: Sppa-t3000 Ms3000 Migration Server
Vendor: CVE Published:; 12 December 2019

What is CVE-2019-18326?

A vulnerability exists in the SPPA-T3000 MS3000 Migration Server that enables an attacker with network access to cause a Denial-of-Service condition. By sending specially crafted packets to the server's TCP port 5010, the attacker may also have the potential to gain remote code execution. This vulnerability is not related to other identified vulnerabilities in the same product family. It is crucial for network administrators to implement proper security measures to protect the MS3000 from unauthorized access.

Affected Version(s)

SPPA-T3000 MS3000 Migration Server All versions

References

https://cert-portal.siemens.com/productcert/pdf/ssa-45144...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2019
Vulnerability Reserved
Oct 23, 2019