PT-2018-16570 · Siemens · Siclock Tc400+1

Published

2018-07-03

Updated

2019-10-09

CVE-2018-4852

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions SICLOCK TC100 (All versions) SICLOCK TC400 (All versions)

Description A vulnerability has been identified that could allow an attacker with network access to the device to potentially circumvent the authentication mechanism if they are able to obtain certain knowledge specific to the attacked device.

Recommendations For SICLOCK TC100 (All versions), at the moment, there is no information about a newer version that contains a fix for this vulnerability. For SICLOCK TC400 (All versions), at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Authentication Bypass Using an Alternate Path or Channel

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287CWE-288

Related Identifiers

CVE-2018-4852

Affected Products

Siclock Tc100

Siclock Tc400

PT-2018-16570 · Siemens · Siclock Tc400+1

CVE-2018-4852

Weakness Enumeration

Related Identifiers

Affected Products

References · 3