Tim 4r Ie Firmware

tim_4r-ie_firmware

Vendor: Siemens • 9 CVEs

CVEs (9)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-10939 1Siemens 5Tim 3v Ie Advanced Firmware Tim 3v Ie Dnp3 FirmwareTim 3v Ie Firmware+2 more Nov 21, 2024 Apr 14, 2020 N/A· v4 9.8 CRITICAL· v3 6.8 MEDIUM· v2 A vulnerability has been identified in TIM 3V-IE (incl. SIPLUS NET variants) (All versions < V2.8), TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions < V2.8), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All ve...Show more A vulnerability has been identified in TIM 3V-IE (incl. SIPLUS NET variants) (All versions < V2.8), TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions < V2.8), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.3), TIM 4R-IE (incl. SIPLUS NET variants) (All versions < V2.8), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.3). The affected versions contain an open debug port that is available under certain specific conditions. The vulnerability is only available if the IP address is configured to 192.168.1.2. If available, the debug port could be exploited by an attacker with network access to the device. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known.Show less
CVE-2015-7855 4Debian NetappNtp+1 more 9Clustered Data Ontap Data OntapDebian Linux+6 more May 13, 2026 Aug 7, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
CVE-2015-7705 4Citrix NetappNtp+1 more 8Clustered Data Ontap Data OntapNtp+5 more May 13, 2026 Aug 7, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.
CVE-2015-5219 10Canonical DebianFedoraproject+7 more 18Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+15 more May 13, 2026 Jul 21, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a craft...Show more The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.Show less
CVE-2015-7977 8Canonical DebianFedoraproject+5 more 10Clustered Data Ontap Debian LinuxFedora+7 more May 13, 2026 Jan 30, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
CVE-2015-7973 5Canonical FreebsdNetapp+2 more 7Clustered Data Ontap FreebsdNtp+4 more May 13, 2026 Jan 30, 2017 N/A· v4 6.5 MEDIUM· v3 5.8 MEDIUM· v2 NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.
CVE-2016-4954 5Ntp OpensuseOracle+2 more 12Leap Linux Enterprise DesktopLinux Enterprise Server+9 more May 6, 2026 Jul 5, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a...Show more The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.Show less
CVE-2016-4953 5Ntp OpensuseOracle+2 more 12Leap Linux Enterprise DesktopLinux Enterprise Server+9 more May 6, 2026 Jul 5, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.
CVE-2015-7974 4Debian NetappNtp+1 more 6Clustered Data Ontap Debian LinuxNtp+3 more May 6, 2026 Jan 26, 2016 N/A· v4 7.7 HIGH· v3 4.0 MEDIUM· v2 NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted k...Show more NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."Show less