TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2016-8367

MEDIUM
5.3

Beschreibung

An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker can open multiple connections to a targeted web server and keep connections open preventing new connections from being made, rendering the web server unavailable during an attack.

CVE Details

CVSS v3.1 Bewertung5.3
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht2/13/2017
Zuletzt geandert4/20/2025
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

schneider-electric:magelis_gto_advanced_optimum_panelschneider-electric:magelis_gto_advanced_optimum_panel_firmwareschneider-electric:magelis_gtu_universal_panelschneider-electric:magelis_gtu_universal_panel_firmwareschneider-electric:magelis_sto5_small_panelschneider-electric:magelis_sto5_small_panel_firmwareschneider-electric:magelis_stu_small_panelschneider-electric:magelis_stu_small_panel_firmwareschneider-electric:magelis_xbt_gh_advanced_hand-held_panelschneider-electric:magelis_xbt_gh_advanced_hand-held_panel_firmwareschneider-electric:magelis_xbt_gk_advanced_touchscreen_panel_with_keyboardschneider-electric:magelis_xbt_gk_advanced_touchscreen_panel_with_keyboard_firmwareschneider-electric:magelis_xbt_gt_advanced_touchscreen_panelschneider-electric:magelis_xbt_gt_advanced_touchscreen_panel_firmwareschneider-electric:magelis_xbt_gtw_advanced_open_touchscreen_panelschneider-electric:magelis_xbt_gtw_advanced_open_touchscreen_panel_firmware

Schwachen (CWE)

CWE-400

Referenzen

http://www.securityfocus.com/bid/94093(ics-cert@hq.dhs.gov)
https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02(ics-cert@hq.dhs.gov)
http://www.securityfocus.com/bid/94093(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.