CVE-2019-6569

moderate-risk
Published 2019-03-26

The monitor barrier of the affected products insufficiently blocks data from being forwarded over the mirror port into the mirrored network. An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior.

Do I need to act?

-
0.51% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.1/10 Critical
NETWORK / LOW complexity

Affected Products (5)

Scalance X-200 Firmware
Scalance X-300 Firmware
Scalance Xp-200 Firmware
Scalance Xc-200 Firmware
Scalance Xf-200 Firmware

Affected Vendors

Siemens

References (2)

Patch https://cert-portal.siemens.com/productcert/pdf/ssa-557804.pdf
Patch https://cert-portal.siemens.com/productcert/pdf/ssa-557804.pdf
45
/ 100
moderate-risk
Severity 31/34 · Critical
Exploitability 2/34 · Minimal
Exposure 12/34 · Low