Siemens SIPROTEC Information Disclosure (CVE-2016-4784)

A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions V1.03; Firmware variant IEC 104...

Siemens SWT3000

CVSS v3 5.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SWT3000 Vulnerabilities: Improper Authentication, Authentication Bypass, Improper Input Validation. AFFECTED PRODUCTS Siemens reports that the vulnerabilities affect the following SWT 3000...

CVE-2016-4784

CVE-2016-4784 affects Siemens SIPROTEC SIPROTEC 4/Compact devices with EN100 Ethernet module and SIPROTEC Merging Unit 6MU80. The vulnerability is information disclosure via the integrated web server (port 80) when network access is possible, allowing remote attackers to obtain sensitive device i...

Siemens SIPROTEC Information Disclosure Vulnerabilities (Update B)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Siemens Equipment : SIPROTEC 4 and SIPROTEC Compact Vulnerabilities : Information Exposure 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-16-140-02...