Multiple Siemens Desigo Automation Controllers CVE-2018-4834 Authentication Bypass Vulnerability

Bugtraq ID: 102850
Class: Design Error
CVE: CVE-2018-4834
Remote: Yes
Local: No
Published: Jan 25 2018 12:00AM
Updated: Jan 25 2018 12:00AM
Credit: Can Demirel and Melih Berk Eksioglu from Biznet Bilisim
Vulnerable: Siemens Desigo Operator Unit PXM20-E 6.0
Siemens Desigo Automation Controllers PXC00/64/128-U with Web module 6.0
Siemens Desigo Automation Controllers Modular PXC00/50/100/200-E.D 6.0
Siemens Desigo Automation Controllers for Integration PXC001-E.D 6.0
Siemens Desigo Automation Controllers Compact PXC12/22/36-E.D 6.0
Not Vulnerable: Siemens Desigo Operator Unit PXM20-E 6.0.204
Siemens Desigo Automation Controllers PXC00/64/128-U with Web module 6.0.204
Siemens Desigo Automation Controllers Modular PXC00/50/100/200-E.D 6.0.204
Siemens Desigo Automation Controllers for Integration PXC001-E.D 6.0.204
Siemens Desigo Automation Controllers Compact PXC12/22/36-E.D 6.0.204


 

Privacy Statement
Copyright 2010, SecurityFocus