Unencrypted Communication Vulnerability in SIMATIC MV400 Family (All Versions < V7.0.6)

Unencrypted Communication Vulnerability in SIMATIC MV400 Family (All Versions < V7.0.6)

CVE-2019-10926 · LOW Severity

AV:N/AC:H/AU:N/C:P/I:N/A:N

A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted.

Learn more about our Network Penetration Testing.