// For flags

CVE-2019-10981

 

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

In Vijeo Citect 7.30 and 7.40, and CitectSCADA 7.30 and 7.40, a vulnerability has been identified that may allow an authenticated local user access to Citect user credentials.

En los sistemas Vijeo Citect versiones 7.30 y 7.40, y CitectSCADA versiones 7.30 y 7.40, ha sido identificada na vulnerabilidad que puede permitir el acceso a las credenciales de usuario de Citect por parte de un usuario local identificado

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-04-08 CVE Reserved
  • 2019-05-31 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-522: Insufficiently Protected Credentials
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Schneider-electric
Search vendor "Schneider-electric"
Citectscada
Search vendor "Schneider-electric" for product "Citectscada"
7.30
Search vendor "Schneider-electric" for product "Citectscada" and version "7.30"
-
Affected
Schneider-electric
Search vendor "Schneider-electric"
Citectscada
Search vendor "Schneider-electric" for product "Citectscada"
7.40
Search vendor "Schneider-electric" for product "Citectscada" and version "7.40"
-
Affected
Schneider-electric
Search vendor "Schneider-electric"
Scada Expert Vijeo Citect
Search vendor "Schneider-electric" for product "Scada Expert Vijeo Citect"
7.30
Search vendor "Schneider-electric" for product "Scada Expert Vijeo Citect" and version "7.30"
-
Affected
Schneider-electric
Search vendor "Schneider-electric"
Scada Expert Vijeo Citect
Search vendor "Schneider-electric" for product "Scada Expert Vijeo Citect"
7.40
Search vendor "Schneider-electric" for product "Scada Expert Vijeo Citect" and version "7.40"
-
Affected