12 matches found
Siemens TIM 4R-IE Devices Concurrent Execution Using Shared Resource with Improper Synchronization (CVE-2016-4954)
The processpacket function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service peer- variable modification by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication...
Siemens TIM 4R-IE Devices Improper Authentication (CVE-2016-4953)
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service ephemeral-association demobilization by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time. This plugin only works with Tenable.ot. Please visit...
Siemens SIMATIC Communication Processor Vulnerability (Update C)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Communication Processor Vulnerability: Authentication Bypass Issues 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-15-335-03...
Siemens TIM 4R-IE Devices
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: TIM 4R-IE Vulnerabilities: Incorrect Type Conversion or Cast, Improper Input Validation, Improper Authentication, Security Features, Null Pointer Dereference, Data Processing Errors,...
Design/Logic Flaw
A vulnerability has been identified in TIM 3V-IE incl. SIPLUS NET variants All versions V2.8, TIM 3V-IE Advanced incl. SIPLUS NET variants All versions V2.8, TIM 3V-IE DNP3 incl. SIPLUS NET variants All versions V3.3, TIM 4R-IE incl. SIPLUS NET variants All versions V2.8, TIM 4R-IE DNP3 incl...
CVE-2019-10939
A vulnerability has been identified in TIM 3V-IE incl. SIPLUS NET variants All versions V2.8, TIM 3V-IE Advanced incl. SIPLUS NET variants All versions V2.8, TIM 3V-IE DNP3 incl. SIPLUS NET variants All versions V3.3, TIM 4R-IE incl. SIPLUS NET variants All versions V2.8, TIM 4R-IE DNP3 incl...
CVE-2019-10939
The CVE-2019-10939 issue affects Siemens TIM 3V-IE, TIM 3V-IE Advanced, TIM 3V-IE DNP3, TIM 4R-IE, and TIM 4R-IE DNP3 (SIPLUS NET variants) with open debug port exposure under the condition that the device IP is 192.168.1.2. The root cause is an open debug port that can be accessed by a network-a...
Siemens TIM 3V-IE and 4R-IE Family Devices
1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: TIM 3V-IE and 4R-IE Family Devices Vulnerability: Active Debug Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker with network access to gain full...
Siemens SIPLUS ST7 TIM 4R-IE Communications Adapter Detection
Binary data 750272.prm...
Code injection
A vulnerability has been identified in SIMATIC NET CP 342-5 incl. SIPLUS variants All versions, SIMATIC NET CP 343-1 Advanced incl. SIPLUS variants All versions V3.0.44, SIMATIC NET CP 343-1 Lean incl. SIPLUS variants All versions V3.1.1, SIMATIC NET CP 343-1 Standard incl. SIPLUS variants All...
CVE-2015-8214
CVE-2015-8214 affects Siemens SIMATIC CP modules (CP 342-5, CP 343-1 variants, CP 443-1 variants, TIM 3V-IE/4R-IE, including SIPLUS) across many versions. Root cause: the access protection layer could allow unauthenticated users to perform administrative operations if network access to port 102/T...
Siemens SIMATIC Communication Processor Vulnerability (Update C)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Communication Processor Vulnerability: Authentication Bypass Issues 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-15-335-03...