2 matches found
Siemens Climatix POL909 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 6.4 ATTENTION: Exploitable remotely Vendor: Siemens --------- Begin Update A Part 1 of 3 --------- Equipment: Climatix POL909 AWM and AWB modules --------- End Update A Part 1 of 3 --------- Vulnerability: Missing Encryption of Sensitive Data 2. RISK EVALUATION...
CVE-2021-40366
CVE-2021-40366 affects Siemens Climatix POL909 (AWB module) and POL909 (AWM module). The underlying issue is missing TLS encryption in the devices’ web server, enabling an unauthenticated remote attacker in a MITM position to read sensitive data (e.g., administrator credentials) or modify data in...