CVE-2019-6528

Published: 05/03/2019 Updated: 19/10/2020

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

PSI GridConnect GmbH Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy versions Telecontrol Gateway 3G Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway XS-MU Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway VM Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Smart Telecontrol Unit TCG Versions 5.0.27, 5.1.19, 6.0.16 and prior, and IEC104 Security Proxy Version 2.2.10 and prior The web application browser interprets input as active HTML, JavaScript, or VBScript, which could allow an malicious user to execute arbitrary code.

Vulnerable Product	Search on Vulmon	Subscribe to Product
psigridconnect telecontrol gateway xs-mu firmware
psigridconnect telecontrol gateway vm firmware
psigridconnect telecontrol gateway 3g firmware
psigridconnect smart telecontrol unit tcg firmware
psigridconnect iec104 security proxy firmware

CWE-79 https://ics-cert.us-cert.gov/advisories/ICSA-19-059-01 http://www.securityfocus.com/bid/107201 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-6528

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect