Lucene search
K

16 matches found

CNVD
CNVD
added 2018/10/16 12:0 a.m.2 views

Martem TELEM GW6/GWM Privilege Vulnerability

Martem TELEM GW6/GWM are both data processor products of Martem Estonia. A security vulnerability exists in previous versions of Martem TELEM GW6/GWM 2.0.87-4018403-k4. An attacker can exploit the vulnerability by connecting to the RTU using default credentials to modify/upload new system...

9CVSS8.8AI score0.01484EPSS
Exploits0References1
Prion
Prion
added 2018/10/01 4:29 p.m.17 views

Default credentials

Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify/upload a new system configuration or take the full control over the RTU using default credentials to connect to the RTU...

9CVSS8.9AI score0.01484EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2018/10/01 4:0 p.m.22 views

CVE-2018-10605

Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify/upload a new system configuration or take the full control over the RTU using default credentials to connect to the RTU...

8.6AI score0.01484EPSS
Exploits0References2
CVE
CVE
added 2018/10/01 4:0 p.m.40 views

CVE-2018-10605

CVE-2018-10605 affects Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4. The vulnerability stems from Incorrect Default Permissions (CWE-276): an attacker can connect to the RTU using default credentials to modify/upload a new system configuration or take full control of the RTU, due to m...

9CVSS8.5AI score0.01484EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/07/31 5:29 p.m.6 views

CVE-2018-10607

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel...

7.5CVSS5.8AI score0.03199EPSS
Exploits0References3
Prion
Prion
added 2018/07/31 5:29 p.m.14 views

Code injection

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel...

5CVSS7.8AI score0.03199EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2018/07/31 5:29 p.m.19 views

CVE-2018-10609

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow improper sanitization of data over a Websocket which may allow cross-site scripting and client-side code execution with target user privileges...

6.1CVSS7AI score0.02304EPSS
Exploits0References3
NVD
NVD
added 2018/07/31 5:29 p.m.16 views

CVE-2018-10607

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel...

7.5CVSS7.9AI score0.03199EPSS
Exploits0References3
NVD
NVD
added 2018/07/31 5:29 p.m.16 views

CVE-2018-10603

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process...

9.8CVSS9.8AI score0.03413EPSS
Exploits0References2
Prion
Prion
added 2018/07/31 5:29 p.m.16 views

Authentication flaw

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process...

7.5CVSS9.6AI score0.03413EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2018/07/31 5:0 p.m.22 views

CVE-2018-10603

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process...

9.7AI score0.03413EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/07/31 5:0 p.m.22 views

CVE-2018-10607

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel...

7.5AI score0.03199EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/07/31 5:0 p.m.20 views

CVE-2018-10609

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow improper sanitization of data over a Websocket which may allow cross-site scripting and client-side code execution with target user privileges...

6.5AI score0.02304EPSS
Exploits0References3
CNVD
CNVD
added 2018/05/28 12:0 a.m.2 views

Martem TELEM-GW6/GWM Cross-Site Scripting Vulnerability

Martem specializes in providing remote control systems for monitoring and controlling distribution networks, and its customers include distribution companies as well as industrial and transportation companies that own their own power grids. A cross-site scripting vulnerability exists in Martem...

6.1CVSS6.8AI score0.02304EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/28 12:0 a.m.5 views

Martem TELEM-GW6/GWM Critical Function Missing Authentication Vulnerability

Martem specializes in providing remote control systems for monitoring and controlling distribution networks, and its customers include distribution companies as well as industrial and transportation companies that own their own power grids. A critical function missing authentication vulnerability...

9.8CVSS7.5AI score0.03413EPSS
Exploits0References1
ICS
ICS
added 2018/05/22 12:0 a.m.61 views

Martem TELEM-GW6/GWM (Update B)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Martem Equipment : TELEM-GW6/GWM --------- Begin Update B Part 1 of 5 -------- Vulnerabilities : Missing Authentication for Critical Function, Incorrect Default Permissions, Resource Exhaustion,...

9.8CVSS8.9AI score0.03413EPSS
Exploits0References5
Rows per page
Query Builder