Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to read and write arbitrary files on the local file system by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18322. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
CVSS Information
N/A
Vulnerability Type
认证机制不恰当
Vulnerability Title
Siemens SPPA-T3000 授权问题漏洞
Vulnerability Description
Siemens SPPA-T3000是德国西门子(Siemens)公司的一套主要用于发电厂的分布式控制系统。 Siemens SPPA-T3000 MS3000 Migration Server(全部版本)中存在授权问题漏洞,该漏洞源于不正确的身份验证。远程攻击者可通过发送特制数据包到5010 tcp端口利用该漏洞在本地文件系统上读写任意文件。
CVSS Information
N/A
Vulnerability Type
N/A