Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2019-13524
HistoryJan 16, 2020 - 6:15 p.m.

CVE-2019-13524

2020-01-1618:15:11
CWE-20
[email protected]
web.nvd.nist.gov
47
ge pacsystems
rx3i
cpe100
cpe115
cpe302
cpe305
cpe310
cpe330
cpe400
cpe410
cru320
vulnerability
denial of service
nvd
cve-2019-13524

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.4%

JSON

GE PACSystems RX3i CPE100/115: All versions prior to R9.85,CPE302/305/310/330/400/410: All versions prior to R9.90,CRU/320 All versions(End of Life) may allow an attacker sending specially manipulated packets to cause the module state to change to halt-mode, resulting in a denial-of-service condition. An operator must reboot the CPU module after removing battery or energy pack to recover from halt-mode.

Affected configurations

NVD
Node
emersonrx3i_cpe100_firmwareRange<r9.85
AND
emersonrx3i_cpe100Match-
Node
emersonrx3i_cpe115_firmwareRange<r9.85
AND
emersonrx3i_cpe115Match-
Node
emersonrx3i_cpe302_firmwareRange<r9.90
AND
emersonrx3i_cpe302Match-
Node
emersonrx3i_cpe305_firmwareRange<r9.90
AND
emersonrx3i_cpe305Match-
Node
emersonrx3i_cpe310_firmwareRange<r9.90
AND
emersonrx3i_cpe310Match-
Node
emersonrx3i_cru320_firmware
AND
emersonrx3i_cru320Match-
Node
emersonrx3i_cpe330_firmwareRange<r9.90
AND
emersonrx3i_cpe330Match-
Node
emersonrx3i_cpe400_firmwareRange<r9.90
AND
emersonrx3i_cpe400Match-
Node
emersonrx3i_cpl410_firmwareRange<r9.90
AND
emersonrx3i_cpl410Match-

CNA Affected

[
  {
    "product": "GE PACSystems RX3i",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "CPE100/115: All versions prior to R9.85,CPE302/305/310/330/400/410: All versions prior to R9.90,CRU320 All versions(End of Life)"
      }
    ]
  }
]

Related

ics 1
nessus 2
nvd 1
prion 1
cvelist 1
ics
ics
GE PACSystems RX3i
2020-01-16 12:00:00
nessus
nessus
Emerson Rx3i Improper Input Validation
2021-08-10 00:00:00
GE PACSystems RX3i Improper Input Validation (CVE-2019-13524)
2022-02-07 00:00:00
nvd
nvd
CVE-2019-13524
2020-01-16 18:15:11
prion
prion
Design/Logic Flaw
2020-01-16 18:15:00
cvelist
cvelist
CVE-2019-13524
2020-01-16 17:53:12

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.4%

JSON
Related for CVE-2019-13524
ics1nessus2nvd1prion1cvelist1