35 matches found
EUVD-2018-16638
Malware in sbrugna...
EUVD-2018-16641
Malware in sbrugna...
EUVD-2018-16642
Malware in sbrugna...
EUVD-2018-16639
Malware in sbrugna...
EUVD-2018-16640
Malware in sbrugna...
EUVD-2018-16637
Malware in sbrugna...
Siemens SICLOCK TC Product Bypass Certification Vulnerability (CNVD-2018-12506)
The SICROCK product line offers components for synchronizing plant and system time. An authentication bypass vulnerability exists in Siemens SICLOCK TC products. An attacker with administrative access to the device management interface could lock out legitimate users...
Siemens SICLOCK TC Product Unauthorized Operation Vulnerability
The SICROCK product line offers components for synchronizing plant and system time. An unauthorized operation vulnerability exists in Siemens SICLOCK TC products. An attacker on network access port 69/UDP could modify the firmware of the device...
Siemens SICLOCK TC Product Denial of Service Vulnerability
The SICROCK product line offers components for synchronizing plant and system time. A denial of service vulnerability exists in Siemens SICLOCK TC products. An attacker with network access privileges could cause a denial of service condition by sending certain packets to the device, which could...
Siemens SICLOCK TC Product Bypass Certification Vulnerability
The SICROCK product line offers components for synchronizing plant and system time. An authentication bypass vulnerability exists in Siemens SICLOCK TC products. An attacker is allowed to perform reads and modify the device configuration...
Siemens SICLOCK TC Product Unauthorized Operation Vulnerability (CNVD-2018-12504)
The SICROCK product line offers components for synchronizing plant and system time. An unauthorized operation vulnerability exists in the Siemens SICLOCK TC product. An attacker could modify the management client stored on the device...
CVE-2018-4854
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the administrative client stored on the device. If a legitimate user downloads and executes the modified client from the affected device,...
Code injection
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the administrative client stored on the device. If a legitimate user downloads and executes the modified client from the affected device,...
Design/Logic Flaw
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of th...
CVE-2018-4855
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords...
CVE-2018-4851
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of th...
CVE-2018-4856
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users...
CVE-2018-4853
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the firmware of the device...
CVE-2018-4852
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could potentially circumvent the authentication mechanism if he/she is able to obtain certain knowledge specific to the attacked device...
Design/Logic Flaw
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users...