cbcvebase.
CVE-2018-13816
published 2018-12-12

CVE-2018-13816: A vulnerability has been identified in TIM 1531 IRC (All version < V2.0). The devices was missing proper authentication on port 102/tcp, although configured…

PriorityP264critical10CVSS 3.0
AVNACLPRNUINSCCHIHAH
EPSS
2.80%
84.7th percentile
A vulnerability has been identified in TIM 1531 IRC (All version < V2.0). The devices was missing proper authentication on port 102/tcp, although configured. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. At the time of advisory publication no public exploitation of this vulnerability was known.

Affected

2 ranges
VendorProductVersion rangeFixed in
siemenstim_1531_irc_firmware< 2.02.0
siemens_agtim_1531_irc

Detection & IOCsextracted from sources · hover to see the quote

port102/tcp
  • Monitor for unauthenticated S7comm/ISO-TSAP connections on port 102/TCP to TIM 1531 IRC devices; any administrative operations performed without prior authentication handshake are indicative of exploitation.
  • Alert on inbound TCP connections to port 102 on TIM 1531 IRC devices originating from untrusted or unexpected IP addresses, as the vulnerability requires only network reachability with no credentials.
  • ·The missing authentication bypass only applies when the device has been configured (authentication is expected to be enforced); devices running firmware prior to v2.0 are affected regardless of their authentication configuration.
  • ·All TIM 1531 IRC firmware versions prior to 2.0 are vulnerable; upgrading to v2.0 and reloading the TIM station from engineering is required to remediate.

CVSS provenance

nvdv3.010.0CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.