Free Trial

Multiple vulnerabilities in Schneider Electric U.motion servers

Overview :
Schneider Electric detected multiple vulnerabilities in its U.motion din rail and touch panels servers.
Affected Product(s) :
U.motion servers :
  • MEG6501-0001 – U.motion KNX server
  • MEG6501-0002 – U.motion KNX Server Plus
  • MEG6260-0410 – U.motion KNX Server Plus, Touch 10
  • MEG6260-0415 – U.motion KNX Server Plus, Touch 15
Vulnerability Details :
CVE ID : CVE-2019-6835
CVSS v3.0 Base Score 5.4 | (Medium) | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
A Cross-Site Scripting (XSS) CWE-79 vulnerability exists, which could allow an attacker to inject client-side script when a user visits a web page.
CVE ID : CVE-2019-6836
CVSS v3.0 Base Score 8.8 | (High) | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
An Improper Access Control: CWE-284 vulnerability exists, which could allow the file system to access the wrong file.
CVE ID : CVE-2019-6837
CVSS v3.0 Base Score 9.6 | (Critical) | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
A Server-Side Request Forgery (SSRF): CWE-918 vulnerability exists, which could cause server configuration data to be exposed when an attacker modifies a URL.
CVE ID : CVE-2019-6838
CVSS v3.0 Base Score 6.5 | (Medium) | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
An Improper Access Control: CWE-284 vulnerability exists, which could allow a user with low privileges to delete a critical file.
CVE ID : CVE-2019-6839
CVSS v3.0 Base Score 8.8 | (High) | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
An Improper Access Control: CWE-284 vulnerability exists, which could allow a user with low privileges to upload a rogue file.
CVE ID : CVE-2019-6840
CVSS v3.0 Base Score 8.8 | (High) | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
A Format String: CWE-134 vulnerability exists, which could allow an attacker to send a crafted message to the target server, thereby causing arbitrary commands to be executed.

Solution : The vulnerabilities are fixed in version 1.3.7 and is available for download.

 

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-48889 : FORTINET FORTIMANAGER UP TO 6.4.14/7.0.12/7.2.7/7.4.4/7.6.0 FGFM REQUEST OS COMMAND INJECTION

CVE-2024-48889 : FORTINET FORTIMANAGER UP TO 6.4.14/7.0.12/7.2.7/7.4.4/7.6.0 FGFM REQUEST OS COMMAND INJECTION

Description An Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability [CWE-78] in FortiManager version

Learn more
CVE-2023-34990 : FORTINET FORTIWLM UP TO 8.5.4/8.6.5 WEB REQUEST PATH TRAVERSAL

CVE-2023-34990 : FORTINET FORTIWLM UP TO 8.5.4/8.6.5 WEB REQUEST PATH TRAVERSAL

Description A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute

Learn more
CVE-2024-47104 : IBM I 7.4/7.5 PHYSICAL FILE SECURITY ATTRIBUTES PERMISSION ASSIGNMENT

CVE-2024-47104 : IBM I 7.4/7.5 PHYSICAL FILE SECURITY ATTRIBUTES PERMISSION ASSIGNMENT

Description IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file. A

Learn more