CVE-2019-10953

HIGH

ABB PM554-TP-ETH Firmware - Denial of Service via Network Packet Flood

Title source: llm
STIX 2.1

Description

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.

References (3)

Core 3

Scores

CVSS v3 7.5
EPSS 0.0367
EPSS Percentile 88.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-400 CWE-770
Status published
Products (25)
None/ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers Multiple
ABB/1SAP120600R0071 PM554-TP-ETH Multiple
abb/pm554-tp-eth_firmware
Phoenix Contact/2700974 ILC 151 ETH Multiple
Phoenix Contact/ILC 191 ETH 2TX Multiple
phoenixcontact/ilc_151_eth_firmware
Schneider Electric/EcoStruxure Machine Expert – Basic < v1.0
Schneider Electric/EcoStruxure Machine Expert – Basic v1.0
Schneider Electric/Modicon M221 < v1.10.0.0
Schneider Electric/Modicon M221 v1.10.0.0
... and 15 more
Published Apr 17, 2019
Tracked Since Feb 18, 2026