Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sprecon\-E\-P_dq6\-1_firmware
(Sprecher\-Automation)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-08-12 | CVE-2024-6758 | Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments. | Sprecon\-E\-C_firmware, Sprecon\-E\-P_dd6\-2_firmware, Sprecon\-E\-P_dl6\-1_firmware, Sprecon\-E\-P_dq6\-1_firmware, Sprecon\-E\-P_ds6\-0_firmware, Sprecon\-E\-T3_ax\-3110_firmware, Sprecon\-E\-T3_firmware, Sprecon\-E_ap\-2200_firmware, Sprecon\-E_cp\-2131_firmware, Sprecon\-E_cp\-2330_firmware, Sprecon\-E_cp\-2500_firmware, Sprecon\-Edir_firmware | 6.5 | ||
| 2023-06-01 | CVE-2022-4333 | Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardening guidelines. | Sprecon\-E\-C_firmware, Sprecon\-E\-P_dl6\-1_firmware, Sprecon\-E\-P_dq6\-1_firmware, Sprecon\-E\-P_ds6\-0_firmware, Sprecon\-E\-T3_firmware, Sprecon\-E\-Tc_ax\-3110_firmware, Sprecon\-E_ap\-2200_firmware, Sprecon\-E_cp\-2131_firmware, Sprecon\-E_cp\-2330_firmware | 9.8 | ||
| 2023-06-01 | CVE-2022-4332 | In Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x a vulnerable firmware verification has been identified. Through physical access and hardware manipulation, an attacker might be able to bypass hardware-based code verification and thus inject and execute arbitrary code and gain full access of the device. | Sprecon\-E\-C_firmware, Sprecon\-E\-P_dl6\-1_firmware, Sprecon\-E\-P_dq6\-1_firmware, Sprecon\-E\-P_ds6\-0_firmware, Sprecon\-E\-T3_firmware, Sprecon\-E\-Tc_ax\-3110_firmware | 6.8 |