Vulnerability Description
A vulnerability has been identified in SIMATIC IT UADM (All versions < V1.3). An authenticated remote attacker with network access to port 1434/tcp of SIMATIC IT UADM could potentially recover a password that can be used to gain read and write access to the related TeamCenter station. The security vulnerability could be exploited only if the attacker is authenticated. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises the confidentiality of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Simatic It Uadm | < 1.3 |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-984700.pdfVendor Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-984700.pdfVendor Advisory
FAQ
What is CVE-2019-13929?
CVE-2019-13929 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A vulnerability has been identified in SIMATIC IT UADM (All versions < V1.3). An authenticated remote attacker with network access to port 1434/tcp of SIMATIC IT UADM could potentially recover a passw...
How severe is CVE-2019-13929?
CVE-2019-13929 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-13929?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Simatic It Uadm.