Siemens TeleControl Server Basic Information Disclosure Vulnerability

Vulnerability

An information disclosure vulnerability has been identified in Siemens TeleControl Server Basic version 3.1, affecting all versions from 3.1.2.2 up to but not including 3.1.2.3. It allows an unauthenticated remote attacker to obtain the password hashes of users, potentially leading to unauthorized login and execution of authenticated operations within the database service.

Impact

Exploitation of this vulnerability could result in unauthorized access to user accounts, allowing attackers to log in and perform authenticated actions on the database service.

Remediation

Users are advised to update to version 3.1.2.3 or a later version. For more information, visit the Siemens support page for TeleControl Server Basic. Additionally, restrict access to port 8000 on affected systems to trusted IP addresses only.
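As an added example (not Siemens code and not part of the original advisory), the following script triages an asset inventory against the two remediation steps above. The inventory format, host names and trusted network are constructed assumptions for illustration.

```python
import ipaddress

# Affected range as stated on this page: 3.1.2.2 <= version < 3.1.2.3
AFFECTED_MIN, FIXED = (3, 1, 2, 2), (3, 1, 2, 3)

def parse_version(text):
    """Turn '3.1.2.2' into a comparable 4-part tuple; reject non-numeric input."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (4 - len(nums))  # '3.1.2' compares as 3.1.2.0

def is_affected(version_text):
    return AFFECTED_MIN <= parse_version(version_text) < FIXED

def untrusted_sources(allowed_cidrs, trusted_cidrs):
    """Allow-list entries for port 8000 that are not inside any trusted network."""
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]
    wide = []
    for cidr in allowed_cidrs:
        net = ipaddress.ip_network(cidr, strict=False)
        if not any(net.version == t.version and net.subnet_of(t) for t in trusted):
            wide.append(cidr)
    return wide

def triage(hosts, trusted_cidrs):
    """Map each host to the remediation steps from this page that still apply."""
    findings = {}
    for h in hosts:
        actions = []
        if is_affected(h["version"]):
            actions.append("update to 3.1.2.3 or later")
            wide = untrusted_sources(h["port_8000_allowed_from"], trusted_cidrs)
            if wide:
                actions.append("restrict port 8000, currently open to " + ", ".join(wide))
        findings[h["host"]] = actions
    return findings

# Constructed inventory (hypothetical hosts and firewall allow-lists)
INVENTORY = [
    {"host": "tcsb-a", "version": "3.1.2.2", "port_8000_allowed_from": ["0.0.0.0/0"]},
    {"host": "tcsb-b", "version": "3.1.2.3", "port_8000_allowed_from": ["10.20.0.0/24"]},
    {"host": "tcsb-c", "version": "3.1.2.2", "port_8000_allowed_from": ["10.20.0.5/32"]},
]
TRUSTED = ["10.20.0.0/24"]  # assumed trusted engineering network

if __name__ == "__main__":
    for host, actions in triage(INVENTORY, TRUSTED).items():
        print(host, "->", actions or "no action")
```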

Added: Oct 14, 2025, 10:22 AM
Updated: Oct 14, 2025, 10:22 AM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 3.1
exploitability: 7.0
remediation: 7.9
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.