CVE-2018-4839 in EN100 Ethernet Moduleinfo

Summary

A vulnerability has been identified in Siemens DIGSI 4 (All versions < V4.92), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), SIPROTEC Compact 7SJ80 (All versions < V4.77), SIPROTEC Compact 7SK80 (All versions < V4.77), SIPROTEC Compact 7SJ66 (All versions < V4.30), Other SIPROTEC Compact relays (All versions), Other SIPROTEC 4 relays (All versions). An attacker with local access to the engineering system or in a privileged network position and able to obtain certain network traffic could possibly reconstruct access authorization passwords.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

01/02/2018

Disclosure

03/08/2018

Moderation

VulDB entry created

Entries

1: VDB-114228

CPE

ready

CWE

CWE-285 (Confirmed)

CVSS

5.1

EPSS

0.00128

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-4839
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-4839
CVE Details	https://www.cvedetails.com/cve/CVE-2018-4839/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!