Vulnerability in Siemens SIMATIC NET Communication Processors
CVE-2015-8214

Currently unrated

Key Information:

Vendor: Siemens
Status: Simatic Cp 443-1 Firmware
Vendor: CVE Published:; 27 November 2015

Summary

A security vulnerability has been identified in several Siemens SIMATIC NET communication processors. This issue may allow unauthenticated users to execute administrative actions due to inadequate enforcement of access protection levels. If network access to port 102/TCP is available and the processors' configuration is stored on their corresponding CPUs, malicious entities could exploit this flaw to gain unauthorized access and control over the communication processors.

References

http://www.securityfocus.com/bid/78345

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1034279

vdb-entryx_refsource_SECTRACK

http://www.siemens.com/cert/pool/cert/siemens_security_ad...

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 27, 2015
Vulnerability Reserved
Nov 16, 2015