22 matches found
EUVD-2018-16639
Malware in sbrugna...
EUVD-2018-16640
Malware in sbrugna...
CVE-2018-4854
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the administrative client stored on the device. If a legitimate user downloads and executes the modified client from the affected device,...
Authentication flaw
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could potentially circumvent the authentication mechanism if he/she is able to obtain certain knowledge specific to the attacked device...
Code injection
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the administrative client stored on the device. If a legitimate user downloads and executes the modified client from the affected device,...
Design/Logic Flaw
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords...
Design/Logic Flaw
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the firmware of the device...
CVE-2018-4855
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords...
CVE-2018-4851
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of th...
CVE-2018-4856
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users...
Design/Logic Flaw
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users...
CVE-2018-4851
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of th...
CVE-2018-4851
The CVE-2018-4851 issue affects Siemens SICLOCK TC100 and TC400 (all versions). An attacker with network access can trigger a Denial-of-Service by sending specific packets, potentially rebooting the device and impacting core functionality. Time-serving resumes after time synchronization with GPS ...
CVE-2018-4855
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords...
CVE-2018-4853
CVE-2018-4853 affects Siemens SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). A network-accessible issue on UDP port 69 allows an attacker to modify the device firmware. Severity is rated as CRITICAL (CVSSv3 base score 9.8). Other details (root cause, specific vulnerable components...
CVE-2018-4852
CVE-2018-4852 affects Siemens SICLOCK TC100 and TC400 (all versions). A network attacker could bypass authentication by exploiting device-specific knowledge, potentially gaining read/modify access to configuration. NVD reports CVSSv3 base score 9.8 (CRITICAL) and CVSSv2 7.5 (HIGH); attack vector ...
CVE-2018-4854
The CVE-2018-4854 issue affects Siemens SICLOCK TC100/TC400 (all versions). A network-accessible UDP port 69/service allows an attacker to modify the device’s administrative client stored on the unit; if a legitimate user runs the modified client, the attacker could achieve code execution on the ...
CVE-2018-4855
CVE-2018-4855 affects Siemens SICLOCK TC100/TC400 (All versions). Root cause is unencrypted storage of passwords in client configuration files and during network transmission, enabling an attacker in a privileged position to obtain device access passwords. Public details describe an information d...
CVE-2018-4852
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could potentially circumvent the authentication mechanism if he/she is able to obtain certain knowledge specific to the attacked device...
CVE-2018-4856
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users...