cbcvebase.
CVE-2018-4841
published 2018-03-29

CVE-2018-4841: A vulnerability has been identified in TIM 1531 IRC (All versions < V1.1). A remote attacker with network access to port 80/tcp or port 443/tcp could perform…

PriorityP265critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
4.93%
91.0th percentile
A vulnerability has been identified in TIM 1531 IRC (All versions < V1.1). A remote attacker with network access to port 80/tcp or port 443/tcp could perform administrative operations on the device without prior authentication. Successful exploitation could allow to cause a denial-of-service, or read and manipulate data as well as configuration settings of the affected device. At the stage of publishing this security advisory no public exploitation is known. Siemens provides mitigations to resolve it.

Affected

2 ranges
VendorProductVersion rangeFixed in
siemenstim_1531_irc_firmware< 1.11.1
siemens_agtim_1531_irc

Detection & IOCsextracted from sources · hover to see the quote

port80/tcp
port443/tcp
  • Detect unauthenticated administrative HTTP/HTTPS requests to TIM 1531 IRC devices on port 80/TCP and 443/TCP — no authentication headers or session tokens will be present in exploit traffic.
  • Monitor for administrative operations (configuration reads/writes, data manipulation) originating from unexpected or external source IPs targeting TIM 1531 IRC devices on ports 80 and 443.
  • Flag any TIM 1531 IRC device running firmware versions prior to V1.1 as unpatched and at risk; version identification via banner grabbing on ports 80/443 can confirm exposure.
  • ·The vulnerability is classified as CWE-303 (Incorrect Implementation of Authentication Algorithm), meaning the device exposes administrative functions without enforcing authentication — network-level access controls are the primary compensating control until patching.
  • ·No public exploits were known at time of advisory publication, reducing (but not eliminating) immediate exploitation risk.
  • ·CVSS v3 base score is 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating network-reachable, zero-interaction, no-privilege exploitation with full CIA impact — treat any internet-exposed TIM 1531 IRC as critically at risk.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.