VDB
NCSC-2024-0282
NCSC-2024-0282
PUBLISHED
CVSS 7.5 HIGH
Siemens heeft kwetsbaarheden verholpen in diverse producten als Mendix, RUGGEDOM, SIMATIC, SINEMA, SIPROTEC en de Engineering Platforms voor diverse systemen.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ruggedcom_i800 | ||
| ps_iges_parasolid_translator_component | ||
| jt_open | ||
| ruggedcom_i800nc | ||
| plm_xml_sdk | ||
| mendix_encryption | ||
| ruggedcom |
Exploit Intelligence
- Fast, parallel SSH discovery and security auditing across hosts and CIDR ranges: identifies SSH on any port in real time, then flags auth methods, weak crypto, Terrapin (CVE-2023-48795), and reused host keys. (github-poc-repo)
- Fast, parallel SSH discovery and security auditing across hosts and CIDR ranges: identifies SSH on any port in real time, then flags auth methods, weak crypto, Terrapin (CVE-2023-48795), and reused host keys. (github-poc)
- Mr-Whiskerss/SSH-Terrapin-Prefix-Truncation-Weakness-CVE-2023-48795-Checker (github-poc-repo)
- Mr-Whiskerss/SSH-Terrapin-Prefix-Truncation-Weakness-CVE-2023-48795-Checker (github-poc)
- Scanner para identificação de servidores com softwares SSH possivelmente vulnerável às CVEs CVE-2024-6387 e CVE-2023-48795. (github-poc)
- Scanner para identificação de servidores com softwares SSH possivelmente vulnerável às CVEs CVE-2024-6387 e CVE-2023-48795. (github-poc-repo)
- A Python-based tool to check for vulnerabilities in OpenSSH installations on local or remote systems by scanning specific IPs. It checks if the OpenSSH version is affected by CVE-2023-48795 (github-poc-repo)
- Python tool to identify SSH servers potentially vulnerable to CVE-2023-48795 (Terrapin) by analyzing OpenSSH version banners via netcat. Useful for internal audits, penetration testing, and vulnerability assessments. (github-poc-repo)
- SSH Terrapin Attack Vulnerability Scanner (CVE-2023-48795) (github-poc-repo)
- alperenugurlu/CVE-2024-3596-Detector (github-poc)
…and 37 more exploits
Timeline
- Jul 9, 2024 CVE Published
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-064222.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-088132.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-170375.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-313039.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-364175.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-381581.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-698820.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-722010.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-723487.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-750499.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-779936.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-824889.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-868282.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-883918.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-928781.pdf url
- https://cert-portal.siemens.com/productcert/pdf/ssa-998949.pdf url