CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
93.2%
The remote host has a version of Siemens Automation License Manager installed that is affected by the following vulnerabilities :
There are multiple buffer overflows that can be exploited to execute arbitrary code by sending a message to the Automation License Manager TCP service listening on port 4410 containing a long serialid field in a
_licensekey command. (CVE-2011-4329)
The Siemens Automation License Manager TCP service listening on TCP port 4410 does not properly copy fields obtained from clients and can be exploited by sending a message containing long fields to cause a denial of service. (CVE-2011-4530)
By sending a specially crafted ‘get_target_ocx_param’ or ‘send_target_ocx_param’ command message to the Automation License Manager service listening on port 4410, an attacker can trigger a NULL pointer dereference and denial of service. (CVE-2011-4531)
Binary data scada_siemens_alm_ssa_319258.nbin