QwikSec

Security Database

CVE

CWE

Training

CVE-2017-6868

Published: Jul 7, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA's CPU.

Vendor	Product	Versions
n/a	Siemens SIMATIC CP 44x-1 Redundant Network Access Modules	affected `Siemens SIMATIC CP 44x-1 Redundant Network Access Modules`

Weaknesses (CWE)

References

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_SECTRACK

https://ics-cert.us-cert.gov/advisories/ICSA-17-173-01

x_refsource_MISC

https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.