CVE-2018-4840 in EN100 Ethernet Moduleinfo

Summary

A vulnerability has been identified in Siemens DIGSI 4 (All versions < V4.92), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 104 variant (All versions). The device engineering mechanism allows an unauthenticated remote user to upload a modified device configuration overwriting access authorization passwords.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

01/02/2018

Disclosure

03/08/2018

Moderation

VulDB entry created

Entries

VDB-114229 (1)

CPE

ready

CWE

CWE-284 (Confirmed)

CVSS

7.4

EPSS

0.00240

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-4840
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-4840
CVE Details	https://www.cvedetails.com/cve/CVE-2018-4840/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!