CVE-2019-18322
First published: Thu Dec 12 2019(Updated: )
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to read and write arbitrary files on the local file system by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18321. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Sppa-t3000 Ms3000 Migration Server |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-18322?
CVE-2019-18322 is classified as a high severity vulnerability due to its potential for unauthorized file access.
How do I fix CVE-2019-18322?
To mitigate CVE-2019-18322, update to the latest version of the Siemens SPPA-T3000 MS3000 Migration Server as per the vendor's guidance.
Who is affected by CVE-2019-18322?
CVE-2019-18322 affects all versions of the Siemens SPPA-T3000 MS3000 Migration Server.
What is the impact of CVE-2019-18322?
The impact of CVE-2019-18322 allows an attacker to read and write arbitrary files on the local file system if they gain network access.
Is there an exploit available for CVE-2019-18322?
Yes, CVE-2019-18322 can be exploited remotely by sending specially crafted packets to port 5010/tcp.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/severity
- agent/references
- agent/softwarecombine
- agent/first-publish-date
- agent/event
- agent/description
- agent/tags
- agent/source
- vendor/siemens
- canonical/siemens sppa-t3000 ms3000 migration server