CVE-2019-18313: Malicious File Upload
First published: Thu Dec 12 2019(Updated: )
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could gain remote code execution by sending specifically crafted objects to one of the RPC services. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Sppa-t3000 Ms3000 Migration Server |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-18313?
CVE-2019-18313 is classified as having a critical severity level due to the potential for remote code execution by an attacker.
How do I fix CVE-2019-18313?
To mitigate CVE-2019-18313, it is recommended to apply the latest patches provided by Siemens for the SPPA-T3000 MS3000 Migration Server.
What are the consequences of exploiting CVE-2019-18313?
Exploitation of CVE-2019-18313 could allow an attacker to execute arbitrary code on the MS3000 Server, compromising its integrity and functionality.
Who is affected by CVE-2019-18313?
All versions of the Siemens SPPA-T3000 MS3000 Migration Server are affected by CVE-2019-18313.
What type of access is required to exploit CVE-2019-18313?
An attacker needs to have network access to the MS3000 Server to exploit CVE-2019-18313.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/severity
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/tags
- agent/source
- vendor/siemens
- canonical/siemens sppa-t3000 ms3000 migration server