Siemens SINAMICS S/G Controllers Firmware Authentication Bypass

Siemens SINAMICS S/G Controllers Firmware Authentication Bypass

CVE-2013-6920 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Siemens SINAMICS S/G controllers with firmware before 4.6.11 do not require authentication for FTP and TELNET sessions, which allows remote attackers to bypass intended access restrictions via TCP traffic to port (1) 21 or (2) 23.

Learn more about our Web Application Penetration Testing UK.