CVE-2018-4841
Last modified
CVE-2018-4841 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. A vulnerability has been identified in TIM 1531 IRC (All versions < V1.1). A remote attacker with network access to port 80/tcp or port 443/tcp could perform administrative operations on the device without prior authentication. EPSS estimates a 4.93% chance of exploitation in the next 30 days.
Description
A vulnerability has been identified in TIM 1531 IRC (All versions < V1.1). A remote attacker with network access to port 80/tcp or port 443/tcp could perform administrative operations on the device without prior authentication. Successful exploitation could allow to cause a denial-of-service, or read and manipulate data as well as configuration settings of the affected device. At the stage of publishing this security advisory no public exploitation is known. Siemens provides mitigations to resolve it.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Tim 1531 Irc Firmware | < 1.1 |
References
- http://www.securityfocus.com/bid/103576Broken Link, Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/103576Broken Link, Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-4841?
How severe is CVE-2018-4841?
How do I fix CVE-2018-4841?
Are you affected by CVE-2018-4841?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST