Vulnerability Description
Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication parameters required for the web application may allow an attacker to gain full access using a brute-force password attack.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Advantech | Spectre Rt Ert351 Firmware | <= 5.1.3 |
| Advantech | Spectre Rt Ert351 | - |
Related Weaknesses (CWE)
References
- https://ep.advantech-bb.cz/support/router-models/download/511/sa-2021-01-fw-5.1.Vendor Advisory
- https://us-cert.cisa.gov/ics/advisories/icsa-21-054-03Third Party AdvisoryUS Government Resource
- https://ep.advantech-bb.cz/support/router-models/download/511/sa-2021-01-fw-5.1.Vendor Advisory
- https://us-cert.cisa.gov/ics/advisories/icsa-21-054-03Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2019-18235?
CVE-2019-18235 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication parameters required for the web application may allow an attacker to gain full access using a brute-force pas...
How severe is CVE-2019-18235?
CVE-2019-18235 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-18235?
Check the references section above for vendor advisories and patch information. Affected products include: Advantech Spectre Rt Ert351 Firmware, Advantech Spectre Rt Ert351.