Siemens CP 1616 and CP 1604 Access Security Bypass Vulnerability

Bugtraq ID:	58696
Class:	Access Validation Error
CVE:	CVE-2013-0659
Remote:	Yes
Local:	No
Published:	Mar 25 2013 12:00AM
Updated:	Mar 25 2013 12:00AM
Credit:	Christopher Scheuring and Jürgen Bilberger from Daimler TSS GmbH
Vulnerable:	Siemens CP 1616 6GK1 161-6AA02 Siemens CP 1616 6GK1 161-6AA01 Siemens CP 1616 6GK1 161-6AA00 Siemens CP 1616 6GK1 160-4AU01 Siemens CP 1604 6GK1 160-4AU00 Siemens CP 1604 6GK1 160-4AA01 Siemens CP 1604 6GK1 160-4AA00
Not Vulnerable:

Siemens CP 1616 and CP 1604 Access Security Bypass Vulnerability

Siemens CP 1616 and CP 1604 modules are prone to a security-bypass vulnerability.

Attackers can exploit this issue to execute arbitrary code, obtain sensitive information, or cause denial-of-service conditions; this may aid in launching further attacks.

Siemens CP 1616 and CP 1604 Access Security Bypass Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].