Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02; SIPROTEC 7SJ686 : All versions < V 4.87; SIPROTEC 7UT686 : All versions < V 4.02; SIPROTEC 7SD686 : All versions < V 4.05; SIPROTEC 7SJ66 : All versions < V 4.30. Attackers with network access to the device's web interface (port 80/tcp) could possibly circumvent authentication and perform certain administrative operations. A legitimate user must be logged into the web interface for the attack to be successful.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Siemens SIPROTEC 4和SIPROTEC Compact EN100 Ethernet模块安全漏洞
Vulnerability Description
Siemens SIPROTEC 4和SIPROTEC Compact都是德国西门子(Siemens)公司的产品。Siemens SIPROTEC 4是一款具有友好人机界面的多功能继电器系列产品。SIPROTEC Compact是一款微机保护装置。EN100 Ethernet是其中的一个多格式编码器模块。 Siemens SIPROTEC 4和SIPROTEC Compact设备的EN100 Ethernet模块4.29之前的版本存在安全漏洞。远程攻击者可利用该漏洞绕过身份验证,获取管理员访问权限。
CVSS Information
N/A
Vulnerability Type
N/A