Martem: >> Telem-Gw6 Firmware >> 2018.04.18-linux_4-01-601cb47 Security Vulnerabilities
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process.
CVSS Score
9.8
EPSS Score
0.031
Published
2018-07-31
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel.
CVSS Score
7.5
EPSS Score
0.017
Published
2018-07-31
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow improper sanitization of data over a Websocket which may allow cross-site scripting and client-side code execution with target user privileges.
CVSS Score
6.1
EPSS Score
0.005
Published
2018-07-31