CVE-2018-11449
HIGHSCALANCE M875 Firmware - Unprotected Administrative Password Exposure via Local File System Access
Title source: llmDescription
A vulnerability has been identified in SCALANCE M875 (All versions). An attacker with access to the local file system might obtain passwords for administrative users. Successful exploitation requires read access to files on the local file system. A successful attack could allow an attacker to obtain administrative passwords. At the time of advisory publication no public exploitation of this security vulnerability was known.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-977428.pdf
Scores
CVSS v3
7.8
EPSS
0.0010
EPSS Percentile
26.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-79
Status
published
Products (1)
siemens/scalance_m875_firmware
Published
Jun 26, 2018
Tracked Since
Feb 18, 2026