Rewterz Threat Advisory – CVE-2019-6822 – Schneider Electric Zelio Soft 2 Remote Code Execution vulnerability
July 10, 2019Rewterz Threat Advisory – CVE-2019-5630 – Nexpose Security Console Cross-Site Request Forgery Vulnerability
July 10, 2019Rewterz Threat Advisory – CVE-2019-6822 – Schneider Electric Zelio Soft 2 Remote Code Execution vulnerability
July 10, 2019Rewterz Threat Advisory – CVE-2019-5630 – Nexpose Security Console Cross-Site Request Forgery Vulnerability
July 10, 2019Severity
Medium
Analysis Summary
CVE-2019-10930
A remote attacker could use specially crafted packets sent to Port 443/TCP to upload, download, or delete files in certain parts of the file system.
CVE-2019-10931
Specially crafted packets sent to Port 443/TCP could cause a denial-of-service condition.
Impact
Denial of service
Affected Vendors
Siemens
Affected Products
SIPROTEC 5 and DIGISI 5
Remediation
Siemens recommends users upgrade to V7.90.