28 matches found
EUVD-2018-2677
Malware in sbrugna...
EUVD-2018-2675
Malware in sbrugna...
EUVD-2018-2679
Malware in sbrugna...
Martem TELEM GW6/GWM Privilege Vulnerability
Martem TELEM GW6/GWM are both data processor products of Martem Estonia. A security vulnerability exists in previous versions of Martem TELEM GW6/GWM 2.0.87-4018403-k4. An attacker can exploit the vulnerability by connecting to the RTU using default credentials to modify/upload new system...
Default credentials
Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify/upload a new system configuration or take the full control over the RTU using default credentials to connect to the RTU...
CVE-2018-10605
Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify/upload a new system configuration or take the full control over the RTU using default credentials to connect to the RTU...
CVE-2018-10605
Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify/upload a new system configuration or take the full control over the RTU using default credentials to connect to the RTU...
CVE-2018-10605
CVE-2018-10605 affects Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4. The vulnerability stems from Incorrect Default Permissions (CWE-276): an attacker can connect to the RTU using default credentials to modify/upload a new system configuration or take full control of the RTU, due to m...
CVE-2018-10605
Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify/upload a new system configuration or take the full control over the RTU using default credentials to connect to the RTU...
CVE-2018-10603
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process...
Cross site scripting
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow improper sanitization of data over a Websocket which may allow cross-site scripting and client-side code execution with target user privileges...
CVE-2018-10603
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process...
Code injection
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel...
CVE-2018-10607
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel...
CVE-2018-10609
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow improper sanitization of data over a Websocket which may allow cross-site scripting and client-side code execution with target user privileges...
CVE-2018-10607
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel...
CVE-2018-10609
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow improper sanitization of data over a Websocket which may allow cross-site scripting and client-side code execution with target user privileges...
Authentication flaw
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process...
CVE-2018-10603
CVE-2018-10603 affects Martem TELEM-GW6 and GWM devices running firmware 2018.04.18-linux_4-01-601cb47 and prior. The root cause is missing authentication for IEC-104 control commands (CWE-306), enabling a rogue node to remotely control the industrial process. Public documents confirm a high/seve...
CVE-2018-10603
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process...