CVE-2017-6868
N/A
N/A
Summary
An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA's CPU.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Siemens SIMATIC CP 44x-1 Redundant Network Access Modules | Siemens SIMATIC CP 44x-1 Redundant Network Access Modules | affected |
Weaknesses
- CWE-287: CWE-287
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/99234
- http://www.securitytracker.com/id/1038788
- https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01
- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf
References
- http://www.securityfocus.com/bid/99234
- http://www.securitytracker.com/id/1038788
- https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01
- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.