CVE-2019-6833
First published: Tue Sep 17 2019(Updated: )
A CWE-754 – Improper Check for Unusual or Exceptional Conditions vulnerability exists in Magelis HMI Panels (all versions of - HMIGTO, HMISTO, XBTGH, HMIGTU, HMIGTUX, HMISCU, HMISTU, XBTGT, XBTGT, HMIGXO, HMIGXU), which could cause a temporary freeze of the HMI when a high rate of frames is received. When the attack stops, the buffered commands are processed by the HMI panel.
Credit: cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Schneider Electric HMI GTO Firmware | ||
| Schneider Electric HMI GTO Firmware | ||
| Schneider Electric HMIGTO1310 | ||
| Schneider Electric HMIGTO2300 | ||
| Schneider Electric HMIGTO2310 | ||
| HMI GTU 2315 | ||
| Schneider Electric HMIGTO3510 | ||
| Schneider-electric Hmigto4310 | ||
| Schneider-electric HMIGTO5310 | ||
| Schneider Electric HMIGTO5315 | ||
| Schneider Electric HMI GTO Firmware | ||
| Schneider Electric HMIGTO6315 | ||
| Schneider-electric Hmisto Firmware | ||
| Schneider Electric HMI STO 501 | ||
| Schneider Electric HMI Sto 511 | ||
| Schneider Electric HMISTO512 | ||
| Schneider Electric HMI STO 531 | ||
| Schneider Electric HMI STO 532 | ||
| Schneider Electric HMISTO 705 | ||
| Schneider Electric Hmisto 715 | ||
| Schneider Electric Hmisto735 | ||
| Schneider-electric Xbtgh Firmware | ||
| Schneider-electric Xbtgh Firmware | ||
| Schneider-electric Hmigtu Firmware | ||
| Schneider-Electric HMIG2U | ||
| Schneider Electric HMiG3UFC | ||
| Schneider Electric HMiG3UFC | ||
| Schneider Electric HMIG5U | ||
| Schneider Electric HMIG5U | ||
| Schneider Electric HMIG5UFC | ||
| Schneider Electric HMIG5UL8A | ||
| Schneider-electric Hmiscu Firmware | ||
| Schneider Electric Harmony HMISCU6A5 | ||
| Schneider Electric HMISCU6B5 | ||
| Schneider Electric HMI SCU 8A5 | ||
| Schneider Electric HMISCU8B5 | ||
| Schneider-electric Hmistu Firmware | ||
| Schneider-electric Hmistu655 | ||
| Schneider-electric Hmistu655w | ||
| Schneider Electric HMISTU855W | ||
| Schneider Electric HMISTU855W | ||
| Schneider-electric Xbtgt Firmware | ||
| Schneider-electric Xbtgt Firmware | ||
| Schneider-electric Xbtgt Firmware | ||
| Schneider Electric HMIGXO | ||
| Schneider Electric HMIGXO | ||
| Schneider-electric Hmigxu Firmware | ||
| Schneider-electric Hmigxu35 | ||
| Schneider Electric HMIGXU55 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2019-6833.
What is the severity rating of CVE-2019-6833?
The severity rating of CVE-2019-6833 is medium with a value of 6.5.
Which software versions are affected by CVE-2019-6833?
The Magelis HMI Panels, including all versions of HMIGTO, HMISTO, XBTGH, HMIGTU, HMIGTUX, HMISCU, HMISTU, XBTGT, HMIGXO, and HMIGXU are affected by CVE-2019-6833.
What is the impact of CVE-2019-6833?
The vulnerability could cause a temporary freeze of the HMI when a high rate of frames is received.
How can I fix CVE-2019-6833?
To fix CVE-2019-6833, it is recommended to apply the security patches provided by Schneider-electric. Please refer to their website for more information.
- agent/type
- agent/references
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/schneider-electric
- canonical/schneider electric hmi gto firmware
- canonical/schneider electric hmigto1310
- canonical/schneider electric hmigto2300
- canonical/schneider electric hmigto2310
- canonical/hmi gtu 2315
- canonical/schneider electric hmigto3510
- canonical/schneider-electric hmigto4310
- canonical/schneider-electric hmigto5310
- canonical/schneider electric hmigto5315
- canonical/schneider electric hmigto6315
- canonical/schneider-electric hmisto firmware
- canonical/schneider electric hmi sto 501
- canonical/schneider electric hmi sto 511
- canonical/schneider electric hmisto512
- canonical/schneider electric hmi sto 531
- canonical/schneider electric hmi sto 532
- canonical/schneider electric hmisto 705
- canonical/schneider electric hmisto 715
- canonical/schneider electric hmisto735
- canonical/schneider-electric xbtgh firmware
- canonical/schneider-electric hmigtu firmware
- canonical/schneider-electric hmig2u
- canonical/schneider electric hmig3ufc
- canonical/schneider electric hmig5u
- canonical/schneider electric hmig5ufc
- canonical/schneider electric hmig5ul8a
- canonical/schneider-electric hmiscu firmware
- canonical/schneider electric harmony hmiscu6a5
- canonical/schneider electric hmiscu6b5
- canonical/schneider electric hmi scu 8a5
- canonical/schneider electric hmiscu8b5
- canonical/schneider-electric hmistu firmware
- canonical/schneider-electric hmistu655
- canonical/schneider-electric hmistu655w
- canonical/schneider electric hmistu855w
- canonical/schneider-electric xbtgt firmware
- canonical/schneider electric hmigxo
- canonical/schneider-electric hmigxu firmware
- canonical/schneider-electric hmigxu35
- canonical/schneider electric hmigxu55