CVE-2019-13921

A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All versions). Affected versions of the software contain a vulnerability that could allow an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large HTTP request is sent to the executing service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the service provided by the software. At the time of advisory publication no public exploitation of this security vulnerability was known.

Published : 2019-10-10 14:15 Updated : 2019-10-15 21:30

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Siemens Simatic Winac Rtx %28f%29 2010 cpe:/a:siemens:simatic_winac_rtx_%28f%29_2010
  1. Siemens (1) Search CVE
    1. Simatic Winac Rtx %28f%29 2010 (1) Search CVE

CWE

ID Name Description Links
CWE-287 Improper Authentication When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. CVE

History of changes

Date Event
2019-10-15 21:30
2019-10-10 14:19

New CVE