CVE-2016-8561

6.6MEDIUM

Key Information:

Vendor
Siemens
Status
Simatic Cp 1543-1 Firmware
Vendor
CVE Published:
18 November 2016

Summary

A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Users with elevated privileges to TIA-Portal and project data on the engineering station could possibly get privileged access on affected devices.

References

http://www.securityfocus.com/bid/94436
vdb-entryx_refsource_BID
https://ics-cert.us-cert.gov/advisories/ICSA-16-327-01
x_refsource_MISC
http://www.siemens.com/cert/pool/cert/siemens_security_ad...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.