22 matches found
EUVD-2018-16640
Malware in sbrugna...
EUVD-2018-16639
Malware in sbrugna...
CVE-2018-4851
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of th...
Code injection
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the administrative client stored on the device. If a legitimate user downloads and executes the modified client from the affected device,...
CVE-2018-4856
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users...
Design/Logic Flaw
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the firmware of the device...
Authentication flaw
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could potentially circumvent the authentication mechanism if he/she is able to obtain certain knowledge specific to the attacked device...
Design/Logic Flaw
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords...
CVE-2018-4854
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the administrative client stored on the device. If a legitimate user downloads and executes the modified client from the affected device,...
CVE-2018-4855
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords...
Design/Logic Flaw
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users...
CVE-2018-4856
The CVE-2018-4856 issue affects Siemens SICLOCK TC100 and TC400 (All versions). Concretely, an attacker with administrative access to the device management interface can lock out legitimate users, requiring manual interaction to restore access. Some connected sources describe an authentication by...
CVE-2018-4855
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords...
CVE-2018-4854
The CVE-2018-4854 issue affects Siemens SICLOCK TC100/TC400 (all versions). A network-accessible UDP port 69/service allows an attacker to modify the device’s administrative client stored on the unit; if a legitimate user runs the modified client, the attacker could achieve code execution on the ...
CVE-2018-4856
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users...
CVE-2018-4853
CVE-2018-4853 affects Siemens SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). A network-accessible issue on UDP port 69 allows an attacker to modify the device firmware. Severity is rated as CRITICAL (CVSSv3 base score 9.8). Other details (root cause, specific vulnerable components...
CVE-2018-4855
CVE-2018-4855 affects Siemens SICLOCK TC100/TC400 (All versions). Root cause is unencrypted storage of passwords in client configuration files and during network transmission, enabling an attacker in a privileged position to obtain device access passwords. Public details describe an information d...
CVE-2018-4851
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of th...
CVE-2018-4852
CVE-2018-4852 affects Siemens SICLOCK TC100 and TC400 (all versions). A network attacker could bypass authentication by exploiting device-specific knowledge, potentially gaining read/modify access to configuration. NVD reports CVSSv3 base score 9.8 (CRITICAL) and CVSSv2 7.5 (HIGH); attack vector ...
CVE-2018-4853
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the firmware of the device...