FKIE_CVE-2019-6538

Vulnerability from fkie_nvd - Published: 2019-03-25 22:29 - Updated: 2025-05-22 20:15
Severity ?
9.3 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement authentication or authorization. An attacker with adjacent short-range access to an affected product, in situations where the product’s radio is turned on, can inject, replay, modify, and/or intercept data within the telemetry communication. This communication protocol provides the ability to read and write memory values to affected implanted cardiac devices; therefore, an attacker could exploit this communication protocol to change memory in the implanted cardiac device.
References
ics-cert@hq.dhs.govhttp://www.securityfocus.com/bid/107544Third Party Advisory, VDB Entry
ics-cert@hq.dhs.govhttps://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01Mitigation, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/107544Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01Mitigation, Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
medtronic mycarelink_monitor_firmware 24950
medtronic mycarelink_monitor_firmware 24952
medtronic mycarelink_monitor -
medtronic carelink_monitor_firmware 2490c
medtronic carelink_monitor -
medtronic carelink_2090_firmware -
medtronic carelink_2090 -
medtronic amplia_crt-d_firmware -
medtronic amplia_crt-d -
medtronic claria_crt-d_firmware -
medtronic claria_crt-d -
medtronic compia_crt-d_firmware -
medtronic compia_crt-d -
medtronic concerto_crt-d_firmware -
medtronic concerto_crt-d -
medtronic concerto_ii_crt-d_firmware -
medtronic concerto_ii_crt-d -
medtronic consulta_crt-d_firmware -
medtronic consulta_crt-d -
medtronic evera_icd_firmware -
medtronic evera_icd -
medtronic maximo_ii_crt-d_and_lcd_firmware -
medtronic maximo_ii_crt-d_and_lcd -
medtronic mirro_icd_firmware -
medtronic mirro_icd -
medtronic nayamed_nd_icd_firmware -
medtronic nayamed_nd_icd -
medtronic primo_icd_firmware -
medtronic primo_icd -
medtronic protecta_icd_and_crt-d_firmware -
medtronic protecta_icd_and_crt-d -
medtronic secura_icd_firmware -
medtronic secura_icd -
medtronic virtuoso_icd_firmware -
medtronic virtuoso_icd -
medtronic virtuoso_ii_icd_firmware -
medtronic virtuoso_ii_icd -
medtronic visia_af_icd_firmware -
medtronic visia_af_icd -
medtronic viva_crt-d_firmware -
medtronic viva_crt-d -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:mycarelink_monitor_firmware:24950:*:*:*:*:*:*:*",
              "matchCriteriaId": "1683D2B0-A4AA-4035-8E30-4641F399BF77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:medtronic:mycarelink_monitor_firmware:24952:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9F02305-2B0B-4F12-99FD-986ADB46B845",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:mycarelink_monitor:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8588B5D-10B2-4AD3-B550-2AD7C252BAB4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:carelink_monitor_firmware:2490c:*:*:*:*:*:*:*",
              "matchCriteriaId": "9822CAEC-D72E-4B49-98A0-734E35D25C3B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:carelink_monitor:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80CF9694-488A-4829-98B2-1C40136C416E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:carelink_2090_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FE6438F-F84A-4876-B13E-4C06050EF7D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:carelink_2090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA96FB28-A2B2-4144-87F2-19D0EEB3CBB2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:amplia_crt-d_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53F40F63-1FFD-4F1D-BB91-A0109CCE62A3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:amplia_crt-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E64609AE-EA44-423A-B0E1-5FBF219165C9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:claria_crt-d_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F3C231-C8D2-40A1-BA0D-8381208AD3B5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:claria_crt-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "756E8B59-2D00-4647-8DCE-A293626FFFDD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:compia_crt-d_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "832EC0E7-9AD0-42E9-9663-F9033763ADF1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:compia_crt-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41A7F4D2-233C-4BF7-9054-C814CE5110DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:concerto_crt-d_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "008FD034-1206-41DA-9537-1F4244236286",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:concerto_crt-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A17D5C-5BC8-4066-8C2C-7AB6CA25B4F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:concerto_ii_crt-d_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA48969-0F33-434D-B210-B18D0459316C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:concerto_ii_crt-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77FD6FAE-32FD-48DD-8A95-881C9373F9EE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:consulta_crt-d_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D02CD1C6-9229-408A-8E6E-CAB394DC489A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:consulta_crt-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6347AAA-ACB2-4CDF-B3F5-49CA8BB17577",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:evera_icd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64C40F66-1FA6-4DC6-BA87-4D7811650F81",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:evera_icd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEBB88DD-94C3-478D-8AFE-BC63BA73E94C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:maximo_ii_crt-d_and_lcd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "283D42FD-D107-4340-85F3-B85F66CA9AA4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:maximo_ii_crt-d_and_lcd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "468E068D-8598-4D42-A483-7D1040665C4C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:mirro_icd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBAA5C99-D5AA-4377-86A0-48862582F769",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:mirro_icd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1525A59B-E8F7-43FD-8ECD-5546C4E268F6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:nayamed_nd_icd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F92F9AA6-56B1-4969-AADD-0D181F1F26F5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:nayamed_nd_icd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6BA1499-CB4E-4067-984E-048CADDB5473",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:primo_icd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "374D02EF-E15A-4C1A-BB1B-770F3FB75EC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:primo_icd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1941334A-A540-4ED3-8DCF-9298DC18D67E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:protecta_icd_and_crt-d_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE78A2F7-1A2F-488C-A129-41F6D0A7C648",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:protecta_icd_and_crt-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A12FFDDC-10A2-4C96-9256-D168C1E3EB5E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:secura_icd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "348706DF-2F3D-4875-9450-218A2A4E9210",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:secura_icd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82FFC9C-960C-4709-AB17-0D6C7BC0E39E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:virtuoso_icd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85BD02A6-B421-4E90-A91E-D966F3CE70A8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:virtuoso_icd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "618D26D4-6690-4F17-B9F5-2CD05486EB65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:virtuoso_ii_icd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9B06688-4AF7-4354-A6AF-B335424F1D51",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:virtuoso_ii_icd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2F9A58D-D3E8-4E57-93D9-A1FB1BEB65D6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:visia_af_icd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D21AD86-5D91-4279-8A54-9A6E6A1B6960",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:visia_af_icd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17418686-EC2F-4FDB-88F8-2B4C60A8B48D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:medtronic:viva_crt-d_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "468772A4-BCD2-4884-A7C0-4CD49DFC6C1E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:medtronic:viva_crt-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7222E296-5DA5-4611-BA1C-85059D7918A0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement authentication or authorization. An attacker with adjacent short-range access to an affected product, in situations where the product\u2019s radio is turned on, can inject, replay, modify, and/or intercept data within the telemetry communication. This communication protocol provides the ability to read and write memory values to affected implanted cardiac devices; therefore, an attacker could exploit this communication protocol to change memory in the implanted cardiac device."
    },
    {
      "lang": "es",
      "value": "El protocolo de telemetr\u00eda Conexus utilizado en las versiones 24950 y 24952 de Medtronic MyCareLink Monitor, CareLink Monitor versi\u00f3n 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D e ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD y CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD y Viva CRT- D no implementa autenticaci\u00f3n o autorizaci\u00f3n. Un atacante con acceso adyacente de corto alcance a un producto afectado, en situaciones donde la radio del producto est\u00e1 encendida, puede inyectar, reproducir, modificar o interceptar datos dentro de la comunicaci\u00f3n de telemetr\u00eda. Este protocolo de comunicaci\u00f3n proporciona la capacidad de leer y escribir valores de memoria en dispositivos card\u00edacos implantados afectados; por lo tanto, un atacante podr\u00eda explotar este protocolo de comunicaci\u00f3n para cambiar la memoria en el dispositivo card\u00edaco implantado."
    }
  ],
  "id": "CVE-2019-6538",
  "lastModified": "2025-05-22T20:15:20.660",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 3.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.3,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.8,
        "source": "ics-cert@hq.dhs.gov",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-03-25T22:29:00.763",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/107544"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/107544"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        },
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.