PT-2017-17387 · Siemens · Siemens Ozw672+1

Published

2017-08-08

Updated

2019-10-09

CVE-2017-6872

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Siemens OZW672 (all versions) Siemens OZW772 (all versions)

Description A vulnerability was discovered that could allow an attacker with access to port 21/tcp to access or alter historical measurement data stored on the device.

Recommendations For Siemens OZW672, restrict access to port 21/tcp to minimize the risk of exploitation. For Siemens OZW772, restrict access to port 21/tcp to minimize the risk of exploitation.

Fix

Missing Authentication

Exposure of Resource to Wrong Sphere

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306CWE-668

Related Identifiers

CVE-2017-6872

Affected Products

Siemens Ozw672

Siemens Ozw772

PT-2017-17387 · Siemens · Siemens Ozw672+1

CVE-2017-6872

Weakness Enumeration

Related Identifiers

Affected Products

References · 3