Tim 4r-ie Firmware@* Security Vulnerabilities and Issues — Tim 4r-ie Firmware@* CVE List

Lucene search

SiemensTim 4r-ie Firmware*

9 matches found

CVE•added 2017/08/07 8:29 p.m.•207 views

CVE-2015-7705

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.

9.8CVSS9.4AI score0.29576EPSS

CVE•added 2017/07/21 2:29 p.m.•169 views

CVE-2015-5219

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

7.5CVSS7.1AI score0.0364EPSS

CVE•added 2017/01/30 9:59 p.m.•169 views

CVE-2015-7977

ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.

5.9CVSS6.3AI score0.09711EPSS

CVE•added 2017/08/07 8:29 p.m.•152 views

CVE-2015-7855

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.

6.5CVSS7.4AI score0.60881EPSS

CVE•added 2017/01/30 9:59 p.m.•150 views

CVE-2015-7973

NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.

6.5CVSS6.7AI score0.04588EPSS

CVE•added 2016/01/26 7:59 p.m.•141 views

CVE-2015-7974

NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."

7.7CVSS7.6AI score0.03667EPSS

CVE•added 2016/07/05 1:59 a.m.•120 views

CVE-2016-4953

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.

7.5CVSS7.3AI score0.16604EPSS

CVE•added 2016/07/05 1:59 a.m.•120 views

CVE-2016-4954

The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.

7.5CVSS6.9AI score0.07999EPSS

CVE•added 2020/04/14 8:15 p.m.•53 views

CVE-2019-10939

A vulnerability has been identified in TIM 3V-IE (incl. SIPLUS NET variants) (All versions < V2.8), TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions < V2.8), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.3), TIM 4R-IE (incl. SIPLUS NET variants) (All versions &l...

9.8CVSS8.9AI score0.00444EPSS