Published: 05/03/2019 Updated: 19/10/2020

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

PSI GridConnect GmbH Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy versions Telecontrol Gateway 3G Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway XS-MU Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway VM Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Smart Telecontrol Unit TCG Versions 5.0.27, 5.1.19, 6.0.16 and prior, and IEC104 Security Proxy Version 2.2.10 and prior The web application browser interprets input as active HTML, JavaScript, or VBScript, which could allow an malicious user to execute arbitrary code.

Vulnerable Product	Search on Vulmon	Subscribe to Product
psigridconnect telecontrol_gateway_xs-mu_firmware
psigridconnect telecontrol_gateway_vm_firmware
psigridconnect telecontrol_gateway_3g_firmware
psigridconnect smart_telecontrol_unit_tcg_firmware
psigridconnect iec104_security_proxy_firmware

CWE-79 https://ics-cert.us-cert.gov/advisories/ICSA-19-059-01 http://www.securityfocus.com/bid/107201 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-6528

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect