VYPR

Simatic Logon

by Siemens Foundation

CVEs (2)

  • CVE-2017-2684CriFeb 22, 2017
    risk 0.59cvss 9.0epss 0.02

    Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.

  • CVE-2017-9938HigAug 8, 2017
    risk 0.49cvss 7.5epss 0.03

    A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically.