TLS Session Data Manipulation Vulnerability in Siemens SINUMERIK Integrate Operate Clients

TLS Session Data Manipulation Vulnerability in Siemens SINUMERIK Integrate Operate Clients

CVE-2017-2685 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 (including) and 2.0.6 (excluding) and between 3.0.4.00.032 (including) and 3.0.6 (excluding) contain a vulnerability that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle (MITM) attack.

Learn more about our Web Application Penetration Testing UK.