Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2019-6840

UNKNOWN
Published 2019-09-17T19:19:36
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2019-6840. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an attacker to send a crafted message to the target server, thereby causing arbitrary commands to be executed.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Schneider Electric SE

U.motion Server

Affected Versions:

MEG6501-0001 - U.motion KNX server MEG6501-0002 - U.motion KNX Server Plus MEG6260-0410 - U.motion KNX Server Plus Touch 10 MEG6260-0415 - U.motion KNX Server Plus Touch 15

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed CRITICAL

GHSA-j26m-33c4-8m5q

Advisory Details

A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an attacker to send a crafted message to the target server, thereby causing arbitrary commands to be executed.

CVSS Scoring

CVSS Score

9.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2019-6840
WEB https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-253-01

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: December 1, 2022

References

https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-253-01
Published: 2019-09-17T19:19:36
Last Modified: 2024-08-04T20:31:04.390Z
Copied to clipboard!