How severe is CVE-2019-13929?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2019-13929?

This is classified as CWE-321, which is a common weakness in software security.

CVE-2019-13929 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

A vulnerability has been identified in SIMATIC IT UADM (All versions < V1.3). An authenticated remote attacker with network access to port 1434/tcp of SIMATIC IT UADM could potentially recover a password that can be used to gain read and write access to the related TeamCenter station. The security vulnerability could be exploited only if the attacker is authenticated. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises the confidentiality of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Related Vulnerabilities

CVE-2019-10990

MEDIUM

CVSS:6.5(Medium)

Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protected files in transit and at rest, which may allow an attacker to ...

CWE-3212019

CVE-2019-17098

MEDIUM

CVSS:6.5(Medium)

Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an attacker to decrypt an intercepted payload containing the Wi-Fi network authentication ...

CWE-3212019

CVE-2020-25180

MEDIUM

CVSS:6.5(Medium)

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime ...

CWE-3212020

CVE-2023-20016

MEDIUM

CVSS:6.5(Medium)

A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to ...

CWE-3212023

CVE-2024-33849

MEDIUM

CVSS:6.5(Medium)

ci solution CI-Out-of-Office Manager through 6.0.0.77 uses a Hard-coded Cryptographic Key.

CWE-3212024

CVE-2025-48417

MEDIUM

CVSS:6.5(Medium)

The certificate and private key used for providing transport layer security for connections to the web interface (TCP port 443) is hard-coded in the firmware and are shipped with the update files. An ...

CWE-3212025