CVE-2015-3971

Janitza UMG - Remote Code Execution

Title source: llm
STIX 2.1

Description

The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices does not require authentication, which allows remote attackers to read or write to files, or execute arbitrary JASIC code, via a session on TCP port 1239.

References (1)

Core 1
Core References
Patch, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-15-265-03

Scores

EPSS 0.0162
EPSS Percentile 73.2%

Details

CWE
CWE-284
Status published
Products (5)
janitza/umg_508
janitza/umg_509
janitza/umg_511
janitza/umg_604
janitza/umg_605
Published Oct 28, 2015
Tracked Since Feb 18, 2026