CVE-2017-9944
published 2017-12-27


Priority: P267 · critical · 9.8 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.98% (85.6th percentile)

A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions < V2.03. The integrated web server (port 80/tcp) of the affected devices could allow an unauthenticated remote attacker to perform administrative operations over the network.

Affected

1 range
Vendor | Product | Version range | Fixed in
siemens | 7kt_pac1200_data_manager_firmware | < 2.03 | 2.03

Detection & IOCs (extracted from sources)

port: 80/tcp
  • Monitor for unauthenticated HTTP requests to administrative endpoints on port 80/tcp of Siemens 7KT PAC1200 data manager (7KT1260) devices, which may indicate exploitation of the authentication bypass.
  • Flag any remote administrative operations performed over the network without prior authentication against the 7KT PAC1200 web interface (port 80/tcp), consistent with CWE-288 Authentication Bypass Using an Alternate Path or Channel.
  • All versions of the 7KT PAC1200 data manager (7KT1260) prior to V2.03 are vulnerable; the authentication bypass is present in the integrated web server on port 80/tcp.
  • No known public exploits specifically target this vulnerability at the time of advisory publication.

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C