Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2018-4841 |
CWE-ID | CWE-303 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
TIM 1531 IRC Hardware solutions / Firmware |
Vendor | Siemens |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU11443
Risk: Low
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-4841
CWE-ID:
CWE-303 - Incorrect Implementation of Authentication Algorithm
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions.
The weakness exists due to incorrect implementation of authentication algorithm. A remote attacker with network access to Port 80/TCP or Port 443/TCP can bypass security restrictions and perform administrative operations on the device, cause DoS condition, gain read or write access to arbitrary data on the target system.
Update to version 1.1.
Vulnerable software versionsTIM 1531 IRC: All versions
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.