{"vulnerability": "CVE-2019-1393", "sightings": [{"uuid": "a0435ddf-edf9-4ba0-afea-a89374106722", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13932", "type": "seen", "source": "https://t.me/ctinow/204528", "content": "https://ift.tt/Y0Fo67H\nCVE-2019-13932 | XHQ up to 6.0.0.1 Web Application input validation (ssa-525454)", "creation_timestamp": "2024-03-11T09:11:25.000000Z"}, {"uuid": "02c88fd7-9b68-4cf1-9c50-ae38d6ea6732", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13931", "type": "seen", "source": "https://t.me/ctinow/204527", "content": "https://ift.tt/xOpUAZs\nCVE-2019-13931 | XHQ up to 6.0.0.1 Web Interface cross site scripting (ssa-525454)", "creation_timestamp": "2024-03-11T09:11:24.000000Z"}, {"uuid": "c79e0277-61f3-4792-b0ca-208602592d04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1393", "type": "seen", "source": "https://t.me/ctinow/182813", "content": "https://ift.tt/8ZM5NRm\nCVE-2019-1393 | Microsoft Windows up to Server 2019 Win32k privileges management", "creation_timestamp": "2024-02-11T15:06:58.000000Z"}, {"uuid": "87fb4d92-4ae8-4d30-bbf0-c47d5156a3ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13939", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17909", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2019-13939\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H)\n\ud83d\udd39 Description: A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8.2 < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.3), APOGEE PXC Modular (P2 Ethernet) (All versions >= V2.8.2 < V2.8.19), Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Desigo PXC00-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC100-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC12-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC22-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC22.1-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC36.1-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC50-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3 < V6.0.327), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Compact (BACnet) (All versions < V3.5.3), TALON TC Modular (BACnet) (All versions < V3.5.3). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value.\n\ud83d\udccf Published: 2020-01-16T15:35:24\n\ud83d\udccf Modified: 2025-06-10T15:17:09.328Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf\n2. https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf\n3. https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06\n4. https://cert-portal.siemens.com/productcert/html/ssa-434032.html\n5. https://cert-portal.siemens.com/productcert/html/ssa-162506.html", "creation_timestamp": "2025-06-10T15:31:09.000000Z"}, {"uuid": "59a042fc-d22d-4b00-be08-1964342dbba8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13930", "type": "seen", "source": "https://t.me/ctinow/204526", "content": "https://ift.tt/njSPYO7\nCVE-2019-13930 | XHQ up to 6.0.0.1 Web Interface cross-site request forgery (ssa-525454)", "creation_timestamp": "2024-03-11T09:11:23.000000Z"}, {"uuid": "610abb7c-333d-4436-8d87-c6924bbc82d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13934", "type": "seen", "source": "https://t.me/ctinow/195707", "content": "https://ift.tt/iPOgVdk\nCVE-2019-13934 | Siemens Polarion up to 19.1 Web Page Generator Reflected cross site scripting", "creation_timestamp": "2024-02-28T18:16:45.000000Z"}, {"uuid": "f6d68855-6a17-4ffd-a4a4-cb33402925be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13936", "type": "seen", "source": "https://t.me/ctinow/195752", "content": "https://ift.tt/dPwGj3O\nCVE-2019-13936 | Siemens Polarion up to 19.1 Web Page Generator Persistent cross site scripting", "creation_timestamp": "2024-02-28T18:46:24.000000Z"}, {"uuid": "e61b4cca-f0e9-468c-b8b4-ac0b8839169e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13935", "type": "seen", "source": "https://t.me/ctinow/195751", "content": "https://ift.tt/7JdHw15\nCVE-2019-13935 | Siemens Polarion up to 19.1 Web Page Generator Reflected cross site scripting", "creation_timestamp": "2024-02-28T18:46:23.000000Z"}]}