CVE-2019-19278

Name of the Vulnerable Software and Affected Versions SINAMICS PERFECT HARMONY GH180 Drives MLFB 6SR32..-.....-.... (All versions) SINAMICS PERFECT HARMONY GH180 Drives MLFB 6SR4...-.....-.... (All versions) SINAMICS PERFECT HARMONY GH180 Drives MLFB 6SR5...-.....-.... (All versions) SINAMICS PERFECT HARMONY GH180 Drives MLFB 6SR325.-.....-.... (All versions)

Description The issue is related to insufficient input validation, which could allow an attacker to compromise the confidentiality, integrity, and availability of the device. Successful exploitation requires physical access to the system but does not require system privileges or user interaction. The vulnerability could be used to restore the device to a state where predefined application and operating system protection mechanisms are not in place.

Recommendations For SINAMICS PERFECT HARMONY GH180 Drives MLFB 6SR32..-.....-...., restrict physical access to the system to minimize the risk of exploitation. For SINAMICS PERFECT HARMONY GH180 Drives MLFB 6SR4...-.....-...., restrict physical access to the system to minimize the risk of exploitation. For SINAMICS PERFECT HARMONY GH180 Drives MLFB 6SR5...-.....-...., restrict physical access to the system to minimize the risk of exploitation. For SINAMICS PERFECT HARMONY GH180 Drives MLFB 6SR325.-.....-...., restrict physical access to the system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.