Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OT_500119.NASL
HistoryNov 08, 2019 - 12:00 a.m.

Siemens Siprotec Missing Authentication for Critical Function

2019-11-0800:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
23

0.001 Low

EPSS

Percentile

49.8%

JSON

A vulnerability has been identified in Siemens DIGSI 4 (All versions < V4.92), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 104 variant (All versions). The device engineering mechanism allows an unauthenticated remote user to upload a modified device configuration overwriting access authorization passwords.

File data ot_500119.nasl
VendorProductVersionCPE
siemenssiprotec_compact_7sj80_firmware*cpe:2.3:o:siemens:siprotec_compact_7sj80_firmware:*:*:*:*:*:*:*:*
siemenssiprotec_compact_7sj80-cpe:2.3:h:siemens:siprotec_compact_7sj80:-:*:*:*:*:*:*:*
siemenssiprotec_compact_7sk80_firmware*cpe:2.3:o:siemens:siprotec_compact_7sk80_firmware:*:*:*:*:*:*:*:*
siemenssiprotec_compact_7sk80-cpe:2.3:h:siemens:siprotec_compact_7sk80:-:*:*:*:*:*:*:*
siemenssiprotec_4_7sj66_firmware*cpe:2.3:o:siemens:siprotec_4_7sj66_firmware:*:*:*:*:*:*:*:*
siemenssiprotec_4_7sj66-cpe:2.3:h:siemens:siprotec_4_7sj66:-:*:*:*:*:*:*:*
siemensdigsi_4*cpe:2.3:o:siemens:digsi_4:*:*:*:*:*:*:*:*
siemensen100_ethernet_module_iec_104_firmware-cpe:2.3:o:siemens:en100_ethernet_module_iec_104_firmware:-:*:*:*:*:*:*:*
siemensen100_ethernet_module_iec_104-cpe:2.3:h:siemens:en100_ethernet_module_iec_104:-:*:*:*:*:*:*:*
siemensen100_ethernet_module_dnp3_firmware-cpe:2.3:o:siemens:en100_ethernet_module_dnp3_firmware:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 171

Related

ptsecurity 1
nessus 1
prion 1
cvelist 1
nvd 1
cve 1
ics 1
ptsecurity
ptsecurity
PT-2018-03: Control Takeover in Siemens DIGSI 4 and EN100 Ethernet modules
2015-12-17 00:00:00
nessus
nessus
Siemens SIPROTEC 4, SIPROTEC Compact, DIGSI 4, and EN100 Ethernet Module Missing Authentication For Critical Function (CVE-2018-4840)
2022-02-07 00:00:00
prion
prion
Authorization
2018-03-08 17:29:00
cvelist
cvelist
CVE-2018-4840
2018-03-08 17:00:00
nvd
nvd
CVE-2018-4840
2018-03-08 17:29:00
cve
cve
CVE-2018-4840
2018-03-08 17:29:00
ics
ics
Siemens SIPROTEC 4, SIPROTEC Compact, DIGSI 4, and EN100 Ethernet Module (Update D)
2021-07-13 12:00:00

0.001 Low

EPSS

Percentile

49.8%

JSON
Related for OT_500119.NASL
ptsecurity1nessus1prion1cvelist1nvd1cve1ics1