CVE-2019-6833

Name of the Vulnerable Software and Affected Versions Magelis HMI Panels versions all

Description A vulnerability exists due to improper check for unusual or exceptional conditions, which could cause a temporary freeze of the HMI when a high rate of frames is received. Once the attack stops, the buffered commands are processed by the HMI panel. The issue is also related to insufficient checking of unusual or exceptional states in the software, allowing a remote attacker to cause a denial of service.

Recommendations For all versions of Magelis HMI Panels, consider implementing measures to limit the rate of frames received to prevent the temporary freeze of the HMI panel. As a temporary workaround, restrict the input of high-rate frames until a more permanent solution is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.