Vulnerabilities > CVE-2018-4836 - Unspecified vulnerability in Siemens Telecontrol Server Basic 3.0

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

siemens

NVD

Published: 2018-01-25

Updated: 2019-10-09

Summary

A vulnerability has been identified in TeleControl Server Basic < V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic's port 8000/tcp could escalate his privileges and perform administrative operations.

Vulnerable Configurations

Part	Description	Count
Application	Siemens Siemens Telecontrol Server Basic 3.0	1

References

https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf
http://www.securityfocus.com/bid/102904
http://www.securityfocus.com/bid/102897