Vulnerability identifier: #VU23599
Vulnerability risk: Medium
CVSSv3.1: 6.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID:
CWE-ID:
CWE-306
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
SiNVR 3 Video Server
Server applications /
SCADA systems
Vendor: Siemens
Description
The vulnerability allows a remote attacker to gain access to sensitive information on the target system.
The vulnerability exists due to the HTTP service (default port 5401/tcp) contains an authentication bypass vulnerability. A remote attacker can read the SiNVR users database, including the passwords of all users in obfuscated cleartext.
Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
SiNVR 3 Video Server: All versions
External links
http://cert-portal.siemens.com/productcert/pdf/ssa-761617.pdf
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.