25 matches found
EUVD-2018-16626
Malware in sbrugna...
EUVD-2020-17935
Malware in sbrugna...
CVE-2020-25245
A vulnerability has been identified in DIGSI 4 All versions V4.94 SP1 HF 1. Several folders in the %PATH% are writeable by normal users. As these folders are included in the search for dlls, an attacker could place dlls there with code executed by SYSTEM...
Siemens SIPROTEC 4, SIPROTEC Compact, DIGSI 4, and EN100 Ethernet Module Missing Authentication For Critical Function (CVE-2018-4840)
A vulnerability has been identified in DIGSI 4 All versions V4.92, EN100 Ethernet module DNP3 variant All versions V1.05.00, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.30, EN100 Ethernet module Modbus TCP variant All versions, EN100...
Siemens SIPROTEC 4, SIPROTEC Compact, DIGSI 4, and EN100 Ethernet Module Inadequate Encryption Strength (CVE-2018-4839)
A vulnerability has been identified in DIGSI 4 All versions V4.92, EN100 Ethernet module DNP3 variant All versions V1.05.00, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.30, EN100 Ethernet module Modbus TCP variant All versions, EN100...
SIEMENS DIGSI 4 Privilege License and Access Control Issues Vulnerability
SIEMENS DIGSI 4 is a driver from SIEMENS USA. Provides device driver functionality. A privilege license and access control issue vulnerability exists in SIEMENS DIGSI 4. The vulnerability stems from the fact that several folders in \%PATH\% can be written to by a normal user, and can be exploited...
Siemens DIGSI 4 Elevation of Privilege Vulnerability
DIGSI 4 is the operating and configuration software for the SIPROTEC 4 and SIPROTEC Compact Protection Unit. An elevation of privilege vulnerability exists in Siemens DIGSI 4. An attacker could exploit the vulnerability by placing a DLL with system-executed code...
CVE-2020-25245
A vulnerability has been identified in DIGSI 4 All versions V4.94 SP1 HF 1. Several folders in the %PATH% are writeable by normal users. As these folders are included in the search for dlls, an attacker could place dlls there with code executed by SYSTEM...
Design/Logic Flaw
A vulnerability has been identified in DIGSI 4 All versions V4.94 SP1 HF 1. Several folders in the %PATH% are writeable by normal users. As these folders are included in the search for dlls, an attacker could place dlls there with code executed by SYSTEM...
CVE-2020-25245
A vulnerability has been identified in DIGSI 4 All versions V4.94 SP1 HF 1. Several folders in the %PATH% are writeable by normal users. As these folders are included in the search for dlls, an attacker could place dlls there with code executed by SYSTEM...
CVE-2020-25245
CVE-2020-25245 affects Siemens DIGSI 4 (all versions before v4.94 SP1 HF 1). The root cause is that several folders in %PATH% are writable by normal users and are included in DLL search paths, enabling a local attacker to place DLLs that execute code with SYSTEM privileges. Impact described acros...
Siemens DIGSI 4
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: DIGSI 4 Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low privileged attacker to execute arbitrary code with SYSTEM...
Siemens Siprotec Unspecified Vulnerability
A vulnerability has been identified in Siemens DIGSI 4 All versions V4.92, EN100 Ethernet module IEC 61850 variant All versions V4.30, EN100 Ethernet module PROFINET IO variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module DNP3 variant All versions,...
CVE-2018-4858
A vulnerability has been identified in IEC 61850 system configurator All versions V5.80, DIGSI 5 affected as IEC 61850 system configurator is incorporated All versions V7.80, DIGSI 4 All versions V4.93, SICAM PAS/PQS All versions V8.11, SICAM PQ Analyzer All versions V3.11, SICAM SCC All versions...
CVE-2018-4858
Siemens CVE-2018-4858 affects IEC 61850 system configurator family (IEC 61850 system configurator < v5.80; DIGSI 5 < v7.80; DIGSI 4 < v4.93; SICAM PAS/PQS < v8.11; SICAM PQ Analyzer < v3.11; SICAM SCC
ICSA-18-317-01 Siemens IEC 61850 System Configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC
1. EXECUTIVE SUMMARY CVSS v3 4.2 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: IEC 61850 system configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability...
Authorization
A vulnerability has been identified in DIGSI 4 All versions V4.92, EN100 Ethernet module DNP3 variant All versions V1.05.00, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.30, EN100 Ethernet module Modbus TCP variant All versions, EN100...
Authorization
A vulnerability has been identified in DIGSI 4 All versions V4.92, EN100 Ethernet module DNP3 variant All versions V1.05.00, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.30, EN100 Ethernet module Modbus TCP variant All versions, EN100...
CVE-2018-4840
A vulnerability has been identified in DIGSI 4 All versions V4.92, EN100 Ethernet module DNP3 variant All versions V1.05.00, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.30, EN100 Ethernet module Modbus TCP variant All versions, EN100...
CVE-2018-4839
A vulnerability has been identified in DIGSI 4 All versions V4.92, EN100 Ethernet module DNP3 variant All versions V1.05.00, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.30, EN100 Ethernet module Modbus TCP variant All versions, EN100...