CVE-2018-13808

A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). An attacker with network access to port 23/tcp could extract internal communication data or cause a Denial-of-Service condition. Successful exploitation requires network access to a vulnerable device. At the time of advisory publication no public exploitation of this vulnerability was known.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
siemensCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
VendorProductVersion
siemenscp_1604_firmware
𝑥
≤ 2.8
siemenscp_1616_firmware
𝑥
≤ 2.8
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf