CVE-2019-10952
moderate-risk
Published 2019-05-01
An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability. A cold restart is required for recovering CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier.
Do I need to act?
-
0.51% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (4)
Compactlogix 5370 L1 Firmware
Compactlogix 5370 L2 Firmware
Compactlogix 5370 L3 Firmware
Armor Compact Guardlogix 5370 Firmware
Affected Vendors
References (6)
Third Party Advisory
http://www.securityfocus.com/bid/108118
Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01
Third Party Advisory
http://www.securityfocus.com/bid/108118
Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01
44
/ 100
moderate-risk
Severity
32/34 · Critical
Exploitability
2/34 · Minimal
Exposure
10/34 · Low