CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-3610

The Siemens HomeControl for Room Automation application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information or modify data via a crafted certificate.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 15.9%

CVSS Severity

CVSS v2 Score 5.4

References

http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-311412.pdf
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-311412.pdf

Products affected by CVE-2015-3610

Siemens » Homecontrol For Room Automation » Version: 2.0.0

cpe:2.3:a:siemens:homecontrol_for_room_automation:2.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-3610

Products

Pricing

Contact Us