Severity
High
Analysis Summary
CVE-2021-40366
Siemens Climatix POL909 (AWM module) could allow a remote attacker to obtain sensitive information, caused by transmitting data without TLS encryption. By using a man-in-the-middle technique, an attacker could exploit this vulnerability to obtain sensitive information.
Impact
- Information Disclosure
Affected Vendors
- Siemens
Affected Products
- Siemens Climatix POL909 (AWM module)
Remediation
Refer to Siemens Security Advisory for patch, upgrade, or suggested workaround information.