PT-2018-16570 · Siemens · Siclock Tc400+1

Publicado

2018-07-03

Atualizado

2019-10-09

CVE-2018-4852

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions SICLOCK TC100 (All versions) SICLOCK TC400 (All versions)

Description A vulnerability has been identified that could allow an attacker with network access to the device to potentially circumvent the authentication mechanism if they are able to obtain certain knowledge specific to the attacked device.

Recommendations For SICLOCK TC100 (All versions), at the moment, there is no information about a newer version that contains a fix for this vulnerability. For SICLOCK TC400 (All versions), at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Authentication Bypass Using an Alternate Path or Channel

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287CWE-288

Identificadores relacionados

CVE-2018-4852

Produtos afetados

Siclock Tc100

Siclock Tc400

PT-2018-16570 · Siemens · Siclock Tc400+1

CVE-2018-4852

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3