CVE-2019-13537: Buffer Overflow
First published: Tue Jan 14 2020(Updated: )
The IEC870IP driver for AVEVA’s Vijeo Citect and Citect SCADA and Schneider Electric’s Power SCADA Operation has a buffer overflow vulnerability that could result in a server-side crash.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Aveva Iec870ip Firmware | <=4.14.02 | |
| Aveva Iec870ip |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2019-13537.
What software is affected by this vulnerability?
The IEC870IP driver for AVEVA’s Vijeo Citect and Citect SCADA and Schneider Electric’s Power SCADA Operation is affected by this vulnerability.
What is the severity of CVE-2019-13537?
The severity of CVE-2019-13537 is 7.5 (high).
How can this vulnerability be exploited?
This vulnerability can be exploited by causing a buffer overflow, which could result in a server-side crash.
Are there any available patches or fixes for this vulnerability?
No patches or fixes are mentioned in the available references, so it is advisable to follow the recommendations provided by AVEVA and Schneider Electric in their security bulletins.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/aveva
- canonical/aveva iec870ip firmware
- version/aveva iec870ip firmware/4.14.02
- canonical/aveva iec870ip