CVE-2019-10953

HIGH

ABB PM554-TP-ETH Firmware - Denial of Service via Network Packet Flood

Title source: llm
STIX 2.1

Description

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.

References (2)

Core 2
Core References
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-19-106-03
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/108413

Scores

CVSS v3 7.5
EPSS 0.0044
EPSS Percentile 63.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-770 CWE-400
Status published
Products (10)
abb/pm554-tp-eth_firmware
phoenixcontact/ilc_151_eth_firmware
schneider-electric/modicon_m221_firmware < 1.10.0.0
siemens/6ed1052-1cc01-0ba8_firmware
siemens/6es7211-1ae40-0xb0_firmware
siemens/6es7314-6eh04-0ab0_firmware
wago/bacnet\/ip_firmware
wago/ethernet_firmware
wago/knx_ip_firmware
wago/pfc100_firmware
Published Apr 17, 2019
Tracked Since Feb 18, 2026