CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-10952

An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability. A cold restart is required for recovering CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.2%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2019-10952

Rockwellautomation » Armor Compact Guardlogix 5370 » Version: N/A

cpe:2.3:h:rockwellautomation:armor_compact_guardlogix_5370:-
Rockwellautomation » Compactlogix 5370 L1 » Version: N/A

cpe:2.3:h:rockwellautomation:compactlogix_5370_l1:-
Rockwellautomation » Compactlogix 5370 L2 » Version: N/A

cpe:2.3:h:rockwellautomation:compactlogix_5370_l2:-
Rockwellautomation » Compactlogix 5370 L3 » Version: N/A

cpe:2.3:h:rockwellautomation:compactlogix_5370_l3:-
Rockwellautomation » Armor Compact Guardlogix 5370 Firmware » Version: 20.011

cpe:2.3:o:rockwellautomation:armor_compact_guardlogix_5370_firmware:20.011
Rockwellautomation » Armor Compact Guardlogix 5370 Firmware » Version: 20.012

cpe:2.3:o:rockwellautomation:armor_compact_guardlogix_5370_firmware:20.012
Rockwellautomation » Armor Compact Guardlogix 5370 Firmware » Version: 20.013

cpe:2.3:o:rockwellautomation:armor_compact_guardlogix_5370_firmware:20.013
Rockwellautomation » Armor Compact Guardlogix 5370 Firmware » Version: 30.014

cpe:2.3:o:rockwellautomation:armor_compact_guardlogix_5370_firmware:30.014
Rockwellautomation » Compactlogix 5370 L1 Firmware » Version: 20.011

cpe:2.3:o:rockwellautomation:compactlogix_5370_l1_firmware:20.011
Rockwellautomation » Compactlogix 5370 L1 Firmware » Version: 20.012

cpe:2.3:o:rockwellautomation:compactlogix_5370_l1_firmware:20.012
Rockwellautomation » Compactlogix 5370 L1 Firmware » Version: 20.013

cpe:2.3:o:rockwellautomation:compactlogix_5370_l1_firmware:20.013
Rockwellautomation » Compactlogix 5370 L1 Firmware » Version: 30.014

cpe:2.3:o:rockwellautomation:compactlogix_5370_l1_firmware:30.014
Rockwellautomation » Compactlogix 5370 L2 Firmware » Version: 20.011

cpe:2.3:o:rockwellautomation:compactlogix_5370_l2_firmware:20.011
Rockwellautomation » Compactlogix 5370 L2 Firmware » Version: 20.012

cpe:2.3:o:rockwellautomation:compactlogix_5370_l2_firmware:20.012
Rockwellautomation » Compactlogix 5370 L2 Firmware » Version: 20.013

cpe:2.3:o:rockwellautomation:compactlogix_5370_l2_firmware:20.013
Rockwellautomation » Compactlogix 5370 L2 Firmware » Version: 30.014

cpe:2.3:o:rockwellautomation:compactlogix_5370_l2_firmware:30.014
Rockwellautomation » Compactlogix 5370 L3 Firmware » Version: 20.011

cpe:2.3:o:rockwellautomation:compactlogix_5370_l3_firmware:20.011
Rockwellautomation » Compactlogix 5370 L3 Firmware » Version: 20.012

cpe:2.3:o:rockwellautomation:compactlogix_5370_l3_firmware:20.012
Rockwellautomation » Compactlogix 5370 L3 Firmware » Version: 20.013

cpe:2.3:o:rockwellautomation:compactlogix_5370_l3_firmware:20.013
Rockwellautomation » Compactlogix 5370 L3 Firmware » Version: 30.014

cpe:2.3:o:rockwellautomation:compactlogix_5370_l3_firmware:30.014

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-10952

Products

Pricing

Contact Us