CVE-2017-9944
published 2017-12-27
Priority P267 · critical · 9.8 (CVSS 3.0)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.98% (85.6th percentile)
A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions < V2.03. The integrated web server (port 80/tcp) of the affected devices could allow an unauthenticated remote attacker to perform administrative operations over the network.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | 7kt_pac1200_data_manager_firmware | < 2.03 | 2.03 |
Detection & IOCs
- Monitor for unauthenticated HTTP requests to administrative endpoints on port 80/tcp of Siemens 7KT PAC1200 data manager (7KT1260) devices, which may indicate exploitation of the authentication bypass.
- Flag any remote administrative operations performed over the network without prior authentication against the 7KT PAC1200 web interface (port 80/tcp), consistent with CWE-288 Authentication Bypass Using an Alternate Path or Channel.
- All versions of the 7KT PAC1200 data manager (7KT1260) prior to V2.03 are vulnerable; the authentication bypass is present in the integrated web server on port 80/tcp.
- No known public exploits specifically target this vulnerability at the time of advisory publication.
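CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |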
GHSA
ghsa_unreviewed · 2022-05-13
CVE-2017-9944 [CRITICAL] CWE-269 GHSA-3rg5-wjqj-4q4g: A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions < V2
CISA ICS
Siemens 7KT PAC1200 Data Manager
cisa_ics · 2017-10-05
ICS Advisory
## Siemens 7KT PAC1200 Data Manager
Last Revised: October 05, 2017
Alert Code: ICSA-17-278-02
## CVSS v3 9.8
ATTENTION: Remotely exploitable/low skill level to exploit.
Vendor: Siemens
Equipment: 7KT PAC1200 data manager
Vulnerability: Authentication Bypass Using an Alternate Path or Channel
## AFFECTED PRODUCTS
Siemens reports that the vulnerability affects the following versions of the 7KT PAC1200 data manager (7KT1260) from the SENTRON portfolio:
- 7KT PAC1200 data manager: All versions prior to V2.03
## IMPACT
Successful exploitation of this vulnerability could allow an att
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.