CRITICAL🇵🇱 Wersja polska

CVE-2018-4841

CVSS 9.8v3.1pub. 2018-03-29upd. 2024-11-21

A vulnerability has been identified in TIM 1531 IRC (All versions < V1.1). A remote attacker with network access to port 80/tcp or port 443/tcp could perform administrative operations on the device without prior authentication. Successful exploitation could allow to cause a denial-of-service, or read and manipulate data as well as configuration settings of the affected device. At the stage of publishing this security advisory no public exploitation is known. Siemens provides mitigations to resolve it.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Siemens Tim 1531 Irc

    HW
    Siemens
    wszystkie wersje
  • Siemens Tim 1531 Irc Firmware

    OS
    Siemens
    < 1.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2018-13816CRITICAL10.0ten sam produkt

A vulnerability has been identified in TIM 1531 IRC (All version < V2.0). The devices was missing proper authe...

CVE-2022-43768HIGH7.5ten sam produkt

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIM...

CVE-2022-43716HIGH7.5ten sam produkt

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIM...

CVE-2022-43767HIGH7.5ten sam produkt

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIM...

CVE-2021-37185HIGH7.5ten sam produkt

A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMA...