PT-2018-16945 · Marine Pro+1 · Marine Pro Observer Android App+2
Brian Olson
+1
·
Publicado
2018-10-08
·
Atualizado
2019-10-09
·
CVE-2018-5401
CVSS v3.1
9.1
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Auto-Maskin DCU-210E versions prior to 3.7
Auto-Maskin RP-210E versions prior to 3.7
Marine Pro Observer Android App versions prior to 3.7
Description
The affected devices transmit sensitive data in cleartext via unencrypted Modbus communications, allowing unauthorized actors to intercept this information. An attacker with access to the network can exploit this issue to observe configurations, settings, and sensor information, which could aid in crafting spoofed messages.
Recommendations
For Auto-Maskin DCU-210E versions prior to 3.7, update to version 3.7 or later to resolve the issue.
For Auto-Maskin RP-210E versions prior to 3.7, update to version 3.7 or later to resolve the issue.
For Marine Pro Observer Android App versions prior to 3.7, update to version 3.7 or later to resolve the issue.
Correção
Cleartext Transmission of Sensitive Information
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Auto-Maskin Dcu-210E
Auto-Maskin Rp210E
Marine Pro Observer Android App