CVE-2024-21483

A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC 7KM3120-0BA01-1DA0 All versions = V3.2.3 = V3.2.3 = V3.2.3 = V3.2.3 V3.2.4 only when manufactured between LQN231003... and LQN231215... with LQNYYMMDD.... The read out protection of the internal flash of affected devices was not...

CVE-2024-21483

Siemens CVE-2024-21483 affects SENTRON 7KM PAC3x20 devices (PAC3120/3220, AC/DC and DC variants) with firmware versions around V3.2.3–before V3.3.0. The root cause is improper read-out protection of internal flash at end of manufacturing, enabling a physically proximate attacker to read data from...

CVE-2024-21483

A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC 7KM3120-0BA01-1DA0 All versions = V3.2.3 = V3.2.3 = V3.2.3 = V3.2.3 V3.2.4 only when manufactured between LQN231003... and LQN231215... with LQNYYMMDD.... The read out protection of the internal flash of affected devices was not...

PT-2024-2276 · Siemens · Sentron 7Km Pac3220 Ac/Dc +1

Name of the Vulnerable Software and Affected Versions: SENTRON 7KM PAC3120 AC/DC versions V3.2.3 through V3.2.4 SENTRON 7KM PAC3120 DC versions V3.2.3 through V3.2.4 SENTRON 7KM PAC3220 AC/DC versions V3.2.3 through V3.2.4 SENTRON 7KM PAC3220 DC versions V3.2.3 through V3.2.4 Description: A...

Siemens SENTRON 3KC ATC6 Expansion Module Ethernet 安全漏洞

The Siemens SENTRON 3KC ATC6 Expansion Module is a power distribution protection device from Siemens, Germany, for monitoring and protecting power systems. A hidden function vulnerability exists in the Siemens SENTRON 3KC ATC6 Ethernet Module due to affected devices exposing unused and unstable...

Siemens SENTRON 7KM PAC3x20

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SENTRON

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens Sentron Powermanager Local Code Execution Vulnerability

Siemens Sentron Powermanager is a power management software from Siemens, a German company. A local code execution vulnerability exists in Siemens Sentron Powermanager, which stems from an affected application assigning incorrect access rights to a specific folder containing configuration files. ...

CVE-2021-37207

A vulnerability has been identified in SENTRON powermanager V3 All versions. The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

CVE-2021-37207

A vulnerability has been identified in SENTRON powermanager V3 All versions. The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

Improper access control

A vulnerability has been identified in SENTRON powermanager V3 All versions. The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

CVE-2021-37207

A vulnerability has been identified in SENTRON powermanager V3 All versions. The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

CVE-2021-37207

CVE-2021-37207 affects Siemens SENTRON powermanager V3 (All versions). The vulnerability arises from improper access rights on a folder containing configuration files, enabling an authenticated local attacker to inject arbitrary code and escalate privileges. Siemens released a patch for powermana...

Siemens Sentron Powermanager 安全漏洞

Siemens Sentron Powermanager is a power management software from Siemens, a German company. A local code execution vulnerability exists in Siemens Sentron Powermanager, which stems from an affected application assigning incorrect access rights to a specific folder containing configuration files. ...

Siemens SENTRON powermanager

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SENTRON powermanager Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated local attacker to...

HCC Embedded InterNiche 安全特征问题漏洞

The SENTRON 3WA COM190 is an accessory module for 3WA circuit breakers providing connectivity via PROFINET IO and Modbus TCP.The SENTRON 3WL COM35 is an accessory module for 3WL circuit breakers providing connectivity via PROFINET IO and Modbus TCP.The SENTRON 7KM PAC The Switched Ethernet PROFIN...

Siemens TCP/IP Stack Vulnerabilities-AMNESIA:33 in SENTRON PAC / 3VA Devices (Update C)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SENTRON 3VA COM100/800, SENTRON 3VA DSP800, SENTRON PAC2200, SENTRON PAC3200T, SENTRON PAC3200, SENTRON PAC3220, SENTRON PAC4200 Vulnerabilities: Out-of-bounds Read, Out-of-bounds...

Multiple Siemens Products Input Validation Error Vulnerability (CNVD-2020-70922)

Siemens SENTRON PAC3200 is a multifunctional power meter for industrial environments.Siemens SENTRON PAC4200 is a multifunctional power meter for industrial environments.Siemens SENTRON PAC4200 is a multifunctional power meter for industrial environments.Siemens SIRIUS 3RW5 is a soft start device...

Siemens Embedded TCP/IP Stack Vulnerabilities-AMNESIA:33 (Update C)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: ENTRON 3VA COM100/800, SENTRON 3VA DSP800, SENTRON PAC2200, SENTRON PAC3200T, SENTRON PAC3200, SENTRON PAC4200, SIRIUS 3RW5 Vulnerability: Integer Overflow 2. UPDATE INFORMATION This...

Siemens 7KT PAC1200 Data Manager Authentication Bypass Vulnerability

The 7KT PAC1200 data manager 7KT1260 from the SENTRON portfolio is a fully integrated smart meter with a Web interface. An authentication bypass vulnerability exists in the 7KT PAC1200 data manager from the SENTRON portfolio, which could allow a remote attacker to bypass the authentication...