Search
Total
256 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32251 | 1 Siemens | 1 Sinema Remote Connect Server | 2022-06-22 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There is a missing authentication verification for a resource used to change the roles and permissions of a user. This could allow an attacker to change the permissions of any user and gain the privileges of an administrative user. | |||||
| CVE-2022-30230 | 1 Siemens | 1 Sicam Gridedge Essential | 2022-06-22 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to create a new user with administrative permissions. | |||||
| CVE-2019-9201 | 1 Phoenixcontact | 16 Axc 1050, Axc 1050 Firmware, Ilc 131 Eth and 13 more | 2022-06-21 | 9.0 HIGH | 9.8 CRITICAL |
| Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories. | |||||
| CVE-2022-29226 | 1 Envoyproxy | 1 Envoy | 2022-06-16 | 6.4 MEDIUM | 9.1 CRITICAL |
| Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter implementation does not include a mechanism for validating access tokens, so by design when the HMAC signed cookie is missing a full authentication flow should be triggered. However, the current implementation assumes that access tokens are always validated thus allowing access in the presence of any access token attached to the request. Users are advised to upgrade. There is no known workaround for this issue. | |||||
| CVE-2022-1388 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2022-05-12 | 7.5 HIGH | 9.8 CRITICAL |
| On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |||||
| CVE-2022-1300 | 1 Trumpf | 3 Trutops Boost, Trutops Fab, Trutops Monitor | 2022-05-09 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple Version of TRUMPF TruTops products expose a service function without necessary authentication. Execution of this function may result in unauthorized access to change of data or disruption of the whole service. | |||||
| CVE-2022-28719 | 1 Hammock | 1 Assetview | 2022-05-09 | 9.3 HIGH | 9.8 CRITICAL |
| Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote unauthenticated attacker with some knowledge on the system configuration to upload a crafted configuration file to the managing server, which may result in the managed clients to execute arbitrary code with the administrative privilege. | |||||
| CVE-2021-36124 | 1 Echobh | 1 Sharecare | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or authorization checks when accessing a subset of sensitive resources, leading to the ability for unauthenticated users to access pages that are vulnerable to attacks such as SQL injection. | |||||
| CVE-2021-30190 | 1 Codesys | 1 V2 Web Server | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. | |||||
| CVE-2020-12500 | 1 Pepperl-fuchs | 26 Es7506, Es7506 Firmware, Es7510 and 23 more | 2022-04-29 | 7.5 HIGH | 9.8 CRITICAL |
| Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration. | |||||
| CVE-2020-6287 | 1 Sap | 1 Netweaver Application Server Java | 2022-04-28 | 10.0 HIGH | 10.0 CRITICAL |
| SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check. | |||||
| CVE-2020-12720 | 1 Vbulletin | 1 Vbulletin | 2022-04-27 | 7.5 HIGH | 9.8 CRITICAL |
| vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control. | |||||
| CVE-2020-13382 | 1 Os4ed | 1 Opensis | 2022-04-26 | 6.4 MEDIUM | 9.1 CRITICAL |
| openSIS through 7.4 has Incorrect Access Control. | |||||
| CVE-2020-9480 | 2 Apache, Oracle | 2 Spark, Business Intelligence | 2022-04-26 | 9.3 HIGH | 9.8 CRITICAL |
| In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (spark.authenticate) via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even without the shared key. This can be leveraged to execute shell commands on the host machine. This does not affect Spark clusters using other resource managers (YARN, Mesos, etc). | |||||
| CVE-2020-29551 | 1 Urve | 1 Urve | 2022-04-26 | 8.5 HIGH | 9.1 CRITICAL |
| An issue was discovered in URVE Build 24.03.2020. Using the _internal/pc/shutdown.php path, it is possible to shutdown the system. Among others, the following files and scripts are also accessible: _internal/pc/abort.php, _internal/pc/restart.php, _internal/pc/vpro.php, _internal/pc/wake.php, _internal/error_u201409.txt, _internal/runcmd.php, _internal/getConfiguration.php, ews/autoload.php, ews/del.php, ews/mod.php, ews/sync.php, utils/backup/backup_server.php, utils/backup/restore_server.php, MyScreens/timeline.config, kreator.html5/test.php, and addedlogs.txt. | |||||
| CVE-2019-18284 | 1 Siemens | 1 Sppa-t3000 Application Server | 2022-02-24 | 5.0 MEDIUM | 9.8 CRITICAL |
| A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can use methods exposed via this interface to receive password hashes of other users and to change user passwords. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | |||||
| CVE-2021-22823 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Collector | 2022-02-18 | 5.0 MEDIUM | 9.1 CRITICAL |
| A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior) | |||||
| CVE-2021-22805 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Collector | 2022-02-18 | 5.0 MEDIUM | 9.1 CRITICAL |
| A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) | |||||
| CVE-2019-6808 | 1 Schneider-electric | 8 Modicon M340, Modicon M340 Firmware, Modicon M580 and 5 more | 2022-02-03 | 7.5 HIGH | 9.8 CRITICAL |
| A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controller over Modbus. | |||||
| CVE-2022-23944 | 1 Apache | 1 Shenyu | 2022-02-01 | 6.4 MEDIUM | 9.1 CRITICAL |
| User can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1. | |||||
| CVE-2022-23227 | 1 Nuuo | 2 Nvrmini2, Nvrmini2 Firmware | 2022-01-21 | 10.0 HIGH | 9.8 CRITICAL |
| NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. When combined with another flaw (CVE-2011-5325), it is possible to overwrite arbitrary files under the web root and achieve code execution as root. | |||||
| CVE-2021-43832 | 1 Linuxfoundation | 1 Spinnaker | 2022-01-14 | 7.5 HIGH | 9.8 CRITICAL |
| Spinnaker is an open source, multi-cloud continuous delivery platform. Spinnaker has improper permissions allowing pipeline creation & execution. This lets an arbitrary user with access to the gate endpoint to create a pipeline and execute it without authentication. If users haven't setup Role-based access control (RBAC) with-in spinnaker, this enables remote execution and access to deploy almost any resources on any account. Patches are available on the latest releases of the supported branches and users are advised to upgrade as soon as possible. Users unable to upgrade should enable RBAC on ALL accounts and applications. This mitigates the ability of a pipeline to affect any accounts. Block application access unless permission are enabled. Users should make sure ALL application creation is restricted via appropriate wildcards. | |||||
| CVE-2021-45232 | 1 Apache | 1 Apisix Dashboard | 2022-01-07 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of framework `gin` thus bypassing the authentication. | |||||
| CVE-2019-10919 | 1 Siemens | 2 Logo\!8 Bm, Logo\!8 Bm Firmware | 2022-01-04 | 7.5 HIGH | 9.4 CRITICAL |
| A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Attackers with access to port 10005/tcp could perform device reconfigurations and obtain project files from the devices. The system manual recommends to protect access to this port. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. | |||||
| CVE-2020-6170 | 1 Genexis | 2 Platinum-4410, Platinum-4410 Firmware | 2022-01-01 | 5.0 MEDIUM | 9.8 CRITICAL |
| An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1.28 devices allows attackers to obtain cleartext credentials from the HTML source code of the cgi-bin/index2.asp URI. | |||||
| CVE-2020-24217 | 3 Jtechdigital, Provideoinstruments, Szuray | 105 H.264 Iptv Encoder 1080p\@60hz, H.264 Iptv Encoder 1080p\@60hz Firmware, Vecaster-4k-hevc and 102 more | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. The file-upload endpoint does not enforce authentication. Attackers can send an unauthenticated HTTP request to upload a custom firmware component, possibly in conjunction with command injection, to achieve arbitrary code execution. | |||||
| CVE-2021-22279 | 1 Abb | 2 Omnicore C30, Omnicore C30 Firmware | 2021-12-17 | 9.3 HIGH | 9.8 CRITICAL |
| A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port. | |||||
| CVE-2021-42783 | 1 Dlink | 2 Dwr-932c, Dwr-932c E1 Firmware | 2021-11-29 | 10.0 HIGH | 9.8 CRITICAL |
| Missing Authentication for Critical Function vulnerability in debug_post_set.cgi of D-Link DWR-932C E1 firmware allows an unauthenticated attacker to execute administrative actions. | |||||
| CVE-2021-41266 | 1 Min | 1 Minio Console | 2021-11-19 | 6.8 MEDIUM | 9.8 CRITICAL |
| Minio console is a graphical user interface for the for MinIO operator. Minio itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. All users on release v0.12.2 and before are affected and are advised to update to 0.12.3 or newer. Users unable to upgrade should add automountServiceAccountToken: false to the operator-console deployment in Kubernetes so no service account token will get mounted inside the pod, then disable the external identity provider authentication by unset the CONSOLE_IDP_URL, CONSOLE_IDP_CLIENT_ID, CONSOLE_IDP_SECRET and CONSOLE_IDP_CALLBACK environment variable and instead use the Kubernetes service account token. | |||||
| CVE-2020-16098 | 1 Gallagher | 1 Command Centre | 2021-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| It is possible to enumerate access card credentials via an unauthenticated network connection to the server in versions of Command Centre v8.20 prior to v8.20.1166(MR3), versions of 8.10 prior to v8.10.1211(MR5), versions of 8.00 prior to v8.00.1228(MR6), all versions of 7.90 and earlier. These credentials can then be used to encode low security cards to be used by the system where insecure card technologies are supported. | |||||
| CVE-2020-15243 | 1 Smartstore | 1 Smartstore | 2021-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| Affected versions of Smartstore have a missing WebApi Authentication attribute. This vulnerability affects Smartstore shops in version 4.0.0 & 4.0.1 which have installed and activated the Web API plugin. Users of Smartstore 4.0.0 and 4.0.1 must merge their repository with 4.0.x or overwrite the file SmartStore.Web.Framework in the */bin* directory of the deployed shop with this file. As a workaround without updating uninstall the Web API plugin to close this vulnerability. | |||||
| CVE-2020-12506 | 1 Wago | 14 750-362, 750-362 Firmware, 750-363 and 11 more | 2021-11-17 | 6.4 MEDIUM | 9.1 CRITICAL |
| Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362, WAGO 750-363, WAGO 750-823, WAGO 750-832/xxx-xxx, WAGO 750-862, WAGO 750-891, WAGO 750-890/xxx-xxx in versions FW03 and prior versions. | |||||
| CVE-2020-12505 | 1 Wago | 14 750-831, 750-831 Firmware, 750-852 and 11 more | 2021-11-17 | 6.4 MEDIUM | 9.1 CRITICAL |
| Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 in versions FW07 and below. | |||||
| CVE-2019-19104 | 2 Abb, Busch-jaeger | 4 Tg\/s3.2, Tg\/s3.2 Firmware, 6186\/11 and 1 more | 2021-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator (URL) , violating the access-control (ACL) rules. This issue allows obtaining sensitive information that may aid in further attacks and privilege escalation. | |||||
| CVE-2019-17146 | 1 Dlink | 4 Dcs-935l, Dcs-935l Firmware, Dcs-960l and 1 more | 2021-10-29 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L v1.07.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the SOAPAction request header, the process does not properly validate the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8458. | |||||
| CVE-2021-38540 | 1 Apache | 1 Airflow | 2021-09-21 | 7.5 HIGH | 9.8 CRITICAL |
| The variable import endpoint was not protected by authentication in Airflow >=2.0.0, <2.1.3. This allowed unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs, potentially resulting in a denial of service, information disclosure or remote code execution. This issue affects Apache Airflow >=2.0.0, <2.1.3. | |||||
| CVE-2021-28913 | 1 Bab-technologie | 2 Eibport, Eibport Firmware | 2021-09-20 | 10.0 HIGH | 9.8 CRITICAL |
| BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so called and hard coded unique 'eibPort String' which acts as the root SSH key passphrase. This is usable and part of an attack chain to gain SSH root access. | |||||
| CVE-2019-5617 | 1 Gatech | 1 Computing For Good\'s Basic Laboratory Information System | 2021-09-14 | 7.5 HIGH | 9.8 CRITICAL |
| Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.4 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may change the password of any administrator-level user. | |||||
| CVE-2019-5644 | 1 Gatech | 1 Computing For Good\'s Basic Laboratory Information System | 2021-09-14 | 7.5 HIGH | 9.8 CRITICAL |
| Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator. | |||||
| CVE-2019-12288 | 2 Vstarcam, Vstracm | 4 C7824iwp, C7824iwp Firmware, C38s and 1 more | 2021-09-13 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V (C38S) KR203.18.1.20 devices. The web service, network, and account files can be manipulated through a web UI firmware update without any authentication. The attacker can achieve access to the device through a manipulated web UI firmware update. | |||||
| CVE-2015-2888 | 1 Summerinfant | 2 Baby Zoom Wifi Monitor, Baby Zoom Wifi Monitor Firmware | 2021-09-13 | 7.5 HIGH | 9.8 CRITICAL |
| Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the MySnapCam web service. | |||||
| CVE-2020-25563 | 1 Sapphireims | 1 Sapphireims | 2021-08-16 | 7.5 HIGH | 9.8 CRITICAL |
| In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring any credentials by directly accessing RemoteMgmtTaskSave (Automation Tasks) feature and not having a JSESSIONID. | |||||
| CVE-2021-37843 | 1 Atlassian | 1 Saml Single Sign On | 2021-08-11 | 7.5 HIGH | 9.8 CRITICAL |
| The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user account when only the username is known (i.e., no other authentication is provided). The fixed versions are for Jira: 3.6.6.1, 4.0.12, 5.0.5; for Confluence 3.6.6, 4.0.12, 5.0.5; for Bitbucket 2.5.9, 3.6.6, 4.0.12, 5.0.5; for Bamboo 2.5.9, 3.6.6, 4.0.12, 5.0.5; and for Fisheye 2.5.9. | |||||
| CVE-2020-15798 | 1 Siemens | 4 Simatic Hmi Comfort Panels, Simatic Hmi Comfort Panels Firmware, Simatic Hmi Ktp Mobile Panels and 1 more | 2021-08-10 | 9.3 HIGH | 9.8 CRITICAL |
| A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V16 Update 3a), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 3a), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). Affected devices with enabled telnet service do not require authentication for this service. This could allow a remote attacker to gain full access to the device. (ZDI-CAN-12046) | |||||
| CVE-2017-2637 | 1 Redhat | 1 Openstack | 2021-08-04 | 10.0 HIGH | 10.0 CRITICAL |
| A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. | |||||
| CVE-2020-15851 | 1 Nakivo | 1 Backup \& Replication Transporter | 2021-07-30 | 7.5 HIGH | 9.8 CRITICAL |
| Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. It is also possible to create or delete backup repositories. | |||||
| CVE-2021-22772 | 1 Schneider-electric | 6 T200e, T200e Firmware, T200i and 3 more | 2021-07-28 | 7.5 HIGH | 9.8 CRITICAL |
| A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 ((Modbus) SC2-04MOD-07000100 and earlier), Easergy T200 ((IEC104) SC2-04IEC-07000100 and earlier), and Easergy T200 ((DNP3) SC2-04DNP-07000102 and earlier) that could cause unauthorized operation when authentication is bypassed. | |||||
| CVE-2021-33221 | 1 Commscope | 1 Ruckus Iot Controller | 2021-07-09 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints. | |||||
| CVE-2020-35184 | 1 Docker | 1 Composer Docker Image | 2021-07-08 | 10.0 HIGH | 9.8 CRITICAL |
| The official composer docker images before 1.8.3 contain a blank password for a root user. System using the composer docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | |||||
| CVE-2021-31337 | 1 Siemens | 6 Sinamics Sl150, Sinamics Sl150 Firmware, Sinamics Sm150 and 3 more | 2021-07-02 | 6.8 MEDIUM | 9.8 CRITICAL |
| The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions). | |||||