CVE-2018-4852

Summary

A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to the device could potentially circumvent the authentication mechanism if he/she is able to obtain certain knowledge specific to the attacked device.

Affected Software

VendorProductVersion RangeStatus
Siemens AGSICLOCK TC100, SICLOCK TC400SICLOCK TC100 : All versionsaffected
Siemens AGSICLOCK TC100, SICLOCK TC400SICLOCK TC400 : All versionsaffected

Weaknesses

  • CWE-288: CWE-288: Authentication Bypass Using an Alternate Path or Channel

ADP Enrichment

CVE Program Container

Additional References

References