CVE-2018-13816

Published: Dec 12, 2018Modified: Nov 21, 2024

10.0

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 6.0

Source: NVD

Description

A vulnerability has been identified in TIM 1531 IRC (All version < V2.0). The devices was missing proper authentication on port 102/tcp, although configured. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. At the time of advisory publication no public exploitation of this vulnerability was known.

Affected (1)

Products: Siemens: Tim 1531 Irc Firmware

1 product

Tim 1531 Irc Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Tim 1531 Irc Firmware	Before 2.0

Running on/with	Platform Versions
Siemens Tim 1531 Irc	All versions

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (4)

http://www.securityfocus.com/bid/106194

Source: productcert@siemens.com

Third Party AdvisoryVDB Entry

https://cert-portal.siemens.com/productcert/pdf/ssa-982399.pdf

Source: productcert@siemens.com

Vendor Advisory

http://www.securityfocus.com/bid/106194

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://cert-portal.siemens.com/productcert/pdf/ssa-982399.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.