Lucene search
HistoryDec 07, 2013 - 12:55 a.m.
CVE-2013-6920
siemens
sinamics
s/g controllers
firmware
authentication bypass
ftp
telnet
remote access
access restrictions
tcp traffic
cve-2013-6920
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.4 High
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.2%
Siemens SINAMICS S/G controllers with firmware before 4.6.11 do not require authentication for FTP and TELNET sessions, which allows remote attackers to bypass intended access restrictions via TCP traffic to port (1) 21 or (2) 23.
Affected configurations
Node
siemenssinamics_s\/g_family_firmwareRange≤4.6
siemenssinamics_g110Match-
ORsiemenssinamics_g110dMatch-
ORsiemenssinamics_g120Match-
ORsiemenssinamics_g120cMatch-
ORsiemenssinamics_g120dMatch-
ORsiemenssinamics_g120pMatch-
ORsiemenssinamics_g130Match-
ORsiemenssinamics_g150Match-
ORsiemenssinamics_g180Match-
ORsiemenssinamics_s110Match-
ORsiemenssinamics_s120Match-
ORsiemenssinamics_s120cmMatch-
ORsiemenssinamics_s150Match-
Related
cvelist
cvelist
CVE-2013-6920
2013-12-07 00:00:00
nvd
nvd
CVE-2013-6920
2013-12-07 00:55:04
prion
prion
Authentication flaw
2013-12-07 00:55:00
ics
ics
Siemens SINAMICS S/G Authentication Bypass Vulnerability
2018-09-05 12:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.4 High
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.2%
Related for CVE-2013-6920