← volver
CVE-2019-13923

CVE-2019-13923

EPSS 1.1%CWE-80
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
13 sep 2019Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gateway (All versions). The integrated configuration web server of the affected device could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed. At the stage of publishing this security advisory no public exploitation is known.
Productos afectados
Siemens AG · IE/WSN-PA Link WirelessHART Gateway

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://cert-portal.siemens.com/productcert/pdf/ssa-191683.pdfhttps://www.us-cert.gov/ics/advisories/icsa-19-253-04