cbcvebase.
CVE-2016-7112
published 2016-09-06

CVE-2016-7112: A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100…

PriorityP266critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
2.86%
85.0th percentile
A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. Attackers with network access to the device's web interface (port 80/tcp) could possibly circumvent authentication and perform certain administrative operations.

Affected

1 ranges
VendorProductVersion rangeFixed in
siemensen100_ethernet_module_firmware<= 4.28

Detection & IOCsextracted from sources · hover to see the quote

port80/tcp
  • Monitor for unauthenticated or anomalous HTTP requests to port 80/TCP on Siemens EN100 Ethernet module web interfaces; authentication bypass may allow administrative operations without valid credentials.
  • Low-skill remote exploitation is confirmed; any external or lateral network access to port 80/TCP on affected EN100 modules should be treated as high-risk and alerted upon.
  • ·Vulnerability affects multiple EN100 firmware variants with different version thresholds; ensure version checks cover all variants (PROFINET IO < V1.04.01, Modbus TCP < V1.11.00, DNP3 TCP < V1.03, IEC 104 < V1.21, SIPROTEC Merging Unit 6MU80 < 1.02.02).
  • ·No known public exploits specifically target this vulnerability at time of advisory publication.

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.