Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-13816

A vulnerability has been identified in TIM 1531 IRC (All version < V2.0). The devices was missing proper authentication on port 102/tcp, although configured. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. At the time of advisory publication no public exploitation of this vulnerability was known.

Published

2018-12-12T16:29:00.747

Last Modified

2024-11-21T03:48:07.913

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 10.0 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Secondary
CWE-284
Type: Primary
CWE-287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	siemens	tim_1531_irc_firmware	< 2.0	Yes
Hardware	siemens	tim_1531_irc	-	No

References

http://www.securityfocus.com/bid/106194 Third Party Advisory, VDB Entry ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-982399.pdf Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/106194 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-982399.pdf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)