Authentication bypass in TIM 1531 IRC - CVE-2018-13816
Published: December 17, 2018
Vulnerability identifier: #VU16563
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2018-13816
CWE-ID: CWE-592
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Siemens
Affected software:
TIM 1531 IRC
TIM 1531 IRC
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass authentication on the target system.
The weakness exists due to missing of proper authentication on port 102/tcp, although configured. A remote attacker can send packets to port 102/tcp, bypass authentication and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
The weakness exists due to missing of proper authentication on port 102/tcp, although configured. A remote attacker can send packets to port 102/tcp, bypass authentication and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
How to mitigate CVE-2018-13816
Update to version 2.0.