How serious is CVE-2019-10952?

This vulnerability has a CVSS score of 9.8 out of 10, classified as CRITICAL severity. Proof-of-concept exploit code is publicly available, making this an active threat.

Is there exploit code available for CVE-2019-10952?

Yes, proof-of-concept exploit code for CVE-2019-10952 is publicly available on GitHub and security research platforms. This increases the risk of active exploitation.

Which products are affected by CVE-2019-10952?

CVE-2019-10952 affects rockwellautomation compactlogix 5370 l1 firmware. Check the full CVE details for specific version information.

How do I fix CVE-2019-10952?

To remediate CVE-2019-10952, check for security patches from rockwellautomation. Apply all available updates and security patches. If no patch is available, implement recommended workarounds or security controls to mitigate the risk.

CVE-2019-10952

Critical

|9.8

Exploit Available

Plain English Summary

AI-powered analysis for quick understanding

An attacker can send a specially crafted web request to crash the CompactLogix 5370 controllers, making them unavailable, and potentially run malicious code on them. This vulnerability affects specific firmware versions and requires a cold restart to recover the device.

Technical Description

An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability. A cold restart is required for recovering CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier.

CVSS Vector Analysis

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

Confidentiality ImpactHigh

Integrity ImpactHigh

Availability ImpactHigh

ScopeUnchanged

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploit Resources

Search for proof-of-concept code and exploit modules

GitHub Search Exploit-DB Nuclei Templates Metasploit Vulners

Official References

NIST NVD

Est. Bounty

$13,000($5K-$15K)

Vendor Response

Grade FPatched in 2486 days

Quick Information

Published

May 1, 2019

almost 7 years ago

Last Modified

Feb 20, 2026

about 2 months ago

Vendor

rockwellautomation

Product

compactlogix 5370 l1 firmware

Related Vulnerabilities

CVE-2021-22681Critical

An attacker can gain unauthorized access to various Rockwell Automation controllers, allowing them to manipulate or control industrial processes without needing to authenticate. This vulnerability affects specific versions of Rockwell's software and requires no prior credentials, making it particularly dangerous for organizations using these systems.

CVE-2019-10954High

An attacker can send specially crafted email packets to a vulnerable Rockwell Automation controller, causing it to crash and enter a state where it cannot recover without a restart. This issue affects specific versions of the CompactLogix and GuardLogix controllers, so those using these devices should be aware of the risk.