CVE-2019-13929

A vulnerability has been identified in SIMATIC IT UADM (All versions < V1.3). An authenticated remote attacker with network access to port 1434/tcp of SIMATIC IT UADM could potentially recover a password that can be used to gain read and write access to the related TeamCenter station. The security vulnerability could be exploited only if the attacker is authenticated. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises the confidentiality of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Published : 2019-10-10 14:15 Updated : 2019-10-15 21:26

4.0
CVSS Score More info
Score 4.0 / 10
4.0
Vendor Product Version URI
Siemens Simatic It Uadm - cpe:/a:siemens:simatic_it_uadm:-
  1. Siemens (1) Search CVE
    1. Simatic It Uadm (1) Search CVE
      1. -

CWE

ID Name Description Links
CWE-522 Insufficiently Protected Credentials This weakness occurs when the application transmits or stores authentication credentials and uses an insecure method that is susceptible to unauthorized interception and/or retrieval. CVE

History of changes

Date Event
2019-10-15 21:26
2019-10-10 14:19

New CVE