PT-2018-16569 · Siemens · Siclock Tc400+1

Publicado

2018-07-03

Atualizado

2019-10-09

CVE-2018-4851

CVSS v2.0

8.5

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:C

Name of the Vulnerable Software and Affected Versions SICLOCK TC100 (All versions) SICLOCK TC400 (All versions)

Description A vulnerability has been identified that could allow an attacker with network access to cause a Denial-of-Service condition by sending certain packets to the device. This could lead to potential reboots of the device and impact its core functionality. However, the time serving functionality recovers once time synchronization with GPS devices or other NTP servers is completed.

Recommendations For SICLOCK TC100, restrict network access to the device until a fix is available. For SICLOCK TC400, restrict network access to the device until a fix is available.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399CWE-20

Identificadores relacionados

CVE-2018-4851

Produtos afetados

Siclock Tc100

Siclock Tc400

PT-2018-16569 · Siemens · Siclock Tc400+1

CVE-2018-4851

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3