Data Access Vulnerability in Siemens OZW672 and OZW772 Products
CVE-2017-6872

6.5MEDIUM

Key Information:

Vendor: Siemens
Status: Ozw672, Ozw772
Vendor: CVE Published:; 8 August 2017

What is CVE-2017-6872?

A vulnerability has been identified in Siemens OZW672 and OZW772 products, allowing an attacker with access to TCP port 21 to potentially access or modify historical measurement data stored on the device. This exposure could lead to unauthorized data manipulation and compromise the integrity of the measurement system.

Affected Version(s)

OZW672, OZW772 OZW672, OZW772

References

http://www.securityfocus.com/bid/99473

vdb-entryx_refsource_BID

https://www.siemens.com/cert/pool/cert/siemens_security_a...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 8, 2017
Vulnerability Reserved
Mar 13, 2017