All the vulnerabilites related to Siemens - SINUMERIK 808D
var-201812-0456
Vulnerability from variot
A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). A local attacker with user privileges could use the service command application for privilege escalation to an elevated user but not root. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. A Permission Access Control Vulnerability exists in the Siemens SINUMERIK CNC Controller. Siemens SINUMERIK Controllers is prone to the following security vulnerabilities: 1. A heap based buffer-overflow vulnerability. 2. An integer overflow vulnerability. 3. A security bypass vulnerability. 4. An arbitrary code execution vulnerability. 5. Multiple privilege escalation vulnerabilities. 6. A stack based buffer-overflow vulnerability. 7. A buffer-overflow vulnerability. 8. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0456",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinumerik 840d sl v4.8",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d v4.7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 828d v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 840d sl",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 840d sp6 hf5",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 840d sp3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d v4.7",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl v4.8",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl sp6 hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 8",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 828d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 8",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d81e6df-463f-11e9-b66b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25418"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013316"
},
{
"db": "NVD",
"id": "CVE-2018-11461"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-602"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_828d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_828d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11461"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anton Kalinin, Danila Parnishchev, Dmitry Sklyar, Gleb Gritsai, Kirill Nesterov, Radu Motspan, and Sergey Sidorov from Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "106185"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11461",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-11461",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-25418",
"impactScore": 8.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "7d81e6df-463f-11e9-b66b-000c29342cb1",
"impactScore": 8.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:C/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-121323",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"impactScore": 4.7,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 6.6,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-11461",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-11461",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-25418",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-602",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d81e6df-463f-11e9-b66b-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-121323",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d81e6df-463f-11e9-b66b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25418"
},
{
"db": "VULHUB",
"id": "VHN-121323"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013316"
},
{
"db": "NVD",
"id": "CVE-2018-11461"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-602"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions \u003c V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions \u003c V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions \u003c V4.8 SP3). A local attacker with user privileges could use the service command application for privilege escalation to an elevated user but not root. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. A Permission Access Control Vulnerability exists in the Siemens SINUMERIK CNC Controller. Siemens SINUMERIK Controllers is prone to the following security vulnerabilities:\n1. A heap based buffer-overflow vulnerability. \n2. An integer overflow vulnerability. \n3. A security bypass vulnerability. \n4. An arbitrary code execution vulnerability. \n5. Multiple privilege escalation vulnerabilities. \n6. A stack based buffer-overflow vulnerability. \n7. A buffer-overflow vulnerability. \n8. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11461"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013316"
},
{
"db": "CNVD",
"id": "CNVD-2018-25418"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "IVD",
"id": "7d81e6df-463f-11e9-b66b-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121323"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11461",
"trust": 3.6
},
{
"db": "BID",
"id": "106185",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-170881",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-345-02",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201812-602",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-25418",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013316",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D81E6DF-463F-11E9-B66B-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121323",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d81e6df-463f-11e9-b66b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25418"
},
{
"db": "VULHUB",
"id": "VHN-121323"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013316"
},
{
"db": "NVD",
"id": "CVE-2018-11461"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-602"
}
]
},
"id": "VAR-201812-0456",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d81e6df-463f-11e9-b66b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25418"
},
{
"db": "VULHUB",
"id": "VHN-121323"
}
],
"trust": 1.7086762260000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d81e6df-463f-11e9-b66b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25418"
}
]
},
"last_update_date": "2023-12-18T12:00:50.932000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-170881",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"title": "Patches for multiple Siemens product access control vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/147319"
},
{
"title": "Multiple Siemens Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87846"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25418"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013316"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-602"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013316"
},
{
"db": "NVD",
"id": "CVE-2018-11461"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"trust": 1.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-345-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106185"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11461"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11461"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "https://www.industry.siemens.com/topics/global/en/cnc4you/cnc_downloads/sinutrain_downloads/pages/sinutrain_downloads.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25418"
},
{
"db": "VULHUB",
"id": "VHN-121323"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013316"
},
{
"db": "NVD",
"id": "CVE-2018-11461"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-602"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d81e6df-463f-11e9-b66b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25418"
},
{
"db": "VULHUB",
"id": "VHN-121323"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013316"
},
{
"db": "NVD",
"id": "CVE-2018-11461"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-602"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "IVD",
"id": "7d81e6df-463f-11e9-b66b-000c29342cb1"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25418"
},
{
"date": "2018-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-121323"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013316"
},
{
"date": "2018-12-12T16:29:00.450000",
"db": "NVD",
"id": "CVE-2018-11461"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-602"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25418"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121323"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013316"
},
{
"date": "2019-10-09T23:33:33.370000",
"db": "NVD",
"id": "CVE-2018-11461"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-602"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-602"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural SINUMERIK Vulnerabilities related to authorization, authority, and access control in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013316"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-602"
}
],
"trust": 0.6
}
}
var-201812-0457
Vulnerability from variot
A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). By sending a specially crafted authentication request to the affected systems a remote attacker could escalate his privileges to an elevated user account but not to root. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no privileges and no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. Permission access control vulnerabilities exist in several Siemens products. Siemens SINUMERIK Controllers is prone to the following security vulnerabilities: 1. A heap based buffer-overflow vulnerability. 2. An integer overflow vulnerability. 3. A security bypass vulnerability. 4. An arbitrary code execution vulnerability. 5. Multiple privilege escalation vulnerabilities. 6. A stack based buffer-overflow vulnerability. 7. A buffer-overflow vulnerability. 8. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0457",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinumerik 840d sl v4.8",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d v4.7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 828d v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 840d sl",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 840d sp6 hf5",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 840d sp3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d v4.7",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl v4.8",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl sp6 hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 8",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 828d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 8",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d81e6de-463f-11e9-a7e2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25419"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013317"
},
{
"db": "NVD",
"id": "CVE-2018-11462"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-603"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_828d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_828d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11462"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anton Kalinin, Danila Parnishchev, Dmitry Sklyar, Gleb Gritsai, Kirill Nesterov, Radu Motspan, and Sergey Sidorov from Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "106185"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11462",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-11462",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-25419",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d81e6de-463f-11e9-a7e2-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-121324",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-11462",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-11462",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-25419",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-603",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d81e6de-463f-11e9-a7e2-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-121324",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-11462",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d81e6de-463f-11e9-a7e2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25419"
},
{
"db": "VULHUB",
"id": "VHN-121324"
},
{
"db": "VULMON",
"id": "CVE-2018-11462"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013317"
},
{
"db": "NVD",
"id": "CVE-2018-11462"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-603"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions \u003c V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions \u003c V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions \u003c V4.8 SP3). By sending a specially crafted authentication request to the affected systems a remote attacker could escalate his privileges to an elevated user account but not to root. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no privileges and no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. Permission access control vulnerabilities exist in several Siemens products. Siemens SINUMERIK Controllers is prone to the following security vulnerabilities:\n1. A heap based buffer-overflow vulnerability. \n2. An integer overflow vulnerability. \n3. A security bypass vulnerability. \n4. An arbitrary code execution vulnerability. \n5. Multiple privilege escalation vulnerabilities. \n6. A stack based buffer-overflow vulnerability. \n7. A buffer-overflow vulnerability. \n8. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11462"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013317"
},
{
"db": "CNVD",
"id": "CNVD-2018-25419"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "IVD",
"id": "7d81e6de-463f-11e9-a7e2-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121324"
},
{
"db": "VULMON",
"id": "CVE-2018-11462"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11462",
"trust": 3.7
},
{
"db": "SIEMENS",
"id": "SSA-170881",
"trust": 2.7
},
{
"db": "BID",
"id": "106185",
"trust": 2.1
},
{
"db": "ICS CERT",
"id": "ICSA-18-345-02",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-201812-603",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-25419",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013317",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D81E6DE-463F-11E9-A7E2-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121324",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-11462",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d81e6de-463f-11e9-a7e2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25419"
},
{
"db": "VULHUB",
"id": "VHN-121324"
},
{
"db": "VULMON",
"id": "CVE-2018-11462"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013317"
},
{
"db": "NVD",
"id": "CVE-2018-11462"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-603"
}
]
},
"id": "VAR-201812-0457",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d81e6de-463f-11e9-a7e2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25419"
},
{
"db": "VULHUB",
"id": "VHN-121324"
}
],
"trust": 1.7086762260000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d81e6de-463f-11e9-a7e2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25419"
}
]
},
"last_update_date": "2023-12-18T12:00:51.119000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-170881",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"title": "Patch for multiple Siemens Product Permission Access Control Vulnerabilities (CNVD-2018-25419)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/147325"
},
{
"title": "Multiple Siemens Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87847"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=f0c2b52e2cee7c2c16aa1cae6ed75a3b"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25419"
},
{
"db": "VULMON",
"id": "CVE-2018-11462"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013317"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-603"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013317"
},
{
"db": "NVD",
"id": "CVE-2018-11462"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/106185"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-345-02"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11462"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11462"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "https://www.industry.siemens.com/topics/global/en/cnc4you/cnc_downloads/sinutrain_downloads/pages/sinutrain_downloads.aspx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25419"
},
{
"db": "VULHUB",
"id": "VHN-121324"
},
{
"db": "VULMON",
"id": "CVE-2018-11462"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013317"
},
{
"db": "NVD",
"id": "CVE-2018-11462"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-603"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d81e6de-463f-11e9-a7e2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25419"
},
{
"db": "VULHUB",
"id": "VHN-121324"
},
{
"db": "VULMON",
"id": "CVE-2018-11462"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013317"
},
{
"db": "NVD",
"id": "CVE-2018-11462"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-603"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "IVD",
"id": "7d81e6de-463f-11e9-a7e2-000c29342cb1"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25419"
},
{
"date": "2018-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-121324"
},
{
"date": "2018-12-12T00:00:00",
"db": "VULMON",
"id": "CVE-2018-11462"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013317"
},
{
"date": "2018-12-12T16:29:00.497000",
"db": "NVD",
"id": "CVE-2018-11462"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-603"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25419"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121324"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-11462"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013317"
},
{
"date": "2019-10-09T23:33:33.557000",
"db": "NVD",
"id": "CVE-2018-11462"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-603"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-603"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural SINUMERIK Vulnerabilities related to authorization, authority, and access control in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013317"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-603"
}
],
"trust": 0.6
}
}
var-201812-0455
Vulnerability from variot
A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). A local attacker with elevated user privileges (manufact) could modify a CRAMFS archive so that after reboot the system loads the modified CRAMFS file and attacker-controlled code is executed with root privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires elevated user privileges (manufact) but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. A security hole exists in the Siemens SINUMERIK CNC Controller. A heap based buffer-overflow vulnerability. 2. An integer overflow vulnerability. 3. A security bypass vulnerability. 4. An arbitrary code execution vulnerability. 5. Multiple privilege escalation vulnerabilities. 6. A stack based buffer-overflow vulnerability. 7. A buffer-overflow vulnerability. 8. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0455",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinumerik 840d sl v4.8",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d v4.7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 828d v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 840d sl",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 840d sp6 hf5",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 840d sp3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d v4.7",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl v4.8",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl sp6 hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 8",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 828d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 8",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d823500-463f-11e9-b618-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25417"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013315"
},
{
"db": "NVD",
"id": "CVE-2018-11460"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-601"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_828d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_828d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11460"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anton Kalinin, Danila Parnishchev, Dmitry Sklyar, Gleb Gritsai, Kirill Nesterov, Radu Motspan, and Sergey Sidorov from Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "106185"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11460",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-11460",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-25417",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "7d823500-463f-11e9-b618-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-121322",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-11460",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-11460",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-25417",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-601",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d823500-463f-11e9-b618-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121322",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d823500-463f-11e9-b618-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25417"
},
{
"db": "VULHUB",
"id": "VHN-121322"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013315"
},
{
"db": "NVD",
"id": "CVE-2018-11460"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-601"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions \u003c V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions \u003c V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions \u003c V4.8 SP3). A local attacker with elevated user privileges (manufact) could modify a CRAMFS archive so that after reboot the system loads the modified CRAMFS file and attacker-controlled code is executed with root privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires elevated user privileges (manufact) but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. A security hole exists in the Siemens SINUMERIK CNC Controller. A heap based buffer-overflow vulnerability. \n2. An integer overflow vulnerability. \n3. A security bypass vulnerability. \n4. An arbitrary code execution vulnerability. \n5. Multiple privilege escalation vulnerabilities. \n6. A stack based buffer-overflow vulnerability. \n7. A buffer-overflow vulnerability. \n8. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11460"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013315"
},
{
"db": "CNVD",
"id": "CNVD-2018-25417"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "IVD",
"id": "7d823500-463f-11e9-b618-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121322"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11460",
"trust": 3.6
},
{
"db": "BID",
"id": "106185",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-170881",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-345-02",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201812-601",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-25417",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013315",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D823500-463F-11E9-B618-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121322",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d823500-463f-11e9-b618-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25417"
},
{
"db": "VULHUB",
"id": "VHN-121322"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013315"
},
{
"db": "NVD",
"id": "CVE-2018-11460"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-601"
}
]
},
"id": "VAR-201812-0455",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d823500-463f-11e9-b618-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25417"
},
{
"db": "VULHUB",
"id": "VHN-121322"
}
],
"trust": 1.7086762260000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d823500-463f-11e9-b618-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25417"
}
]
},
"last_update_date": "2023-12-18T12:00:51.007000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-170881",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"title": "Patches for multiple Siemens Product Protection Mechanism Vulnerabilities (CNVD-2018-25417)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/147321"
},
{
"title": "Multiple Siemens Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87845"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25417"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013315"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-601"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013315"
},
{
"db": "NVD",
"id": "CVE-2018-11460"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"trust": 1.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-345-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106185"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11460"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11460"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "https://www.industry.siemens.com/topics/global/en/cnc4you/cnc_downloads/sinutrain_downloads/pages/sinutrain_downloads.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25417"
},
{
"db": "VULHUB",
"id": "VHN-121322"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013315"
},
{
"db": "NVD",
"id": "CVE-2018-11460"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-601"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d823500-463f-11e9-b618-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25417"
},
{
"db": "VULHUB",
"id": "VHN-121322"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013315"
},
{
"db": "NVD",
"id": "CVE-2018-11460"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-601"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "IVD",
"id": "7d823500-463f-11e9-b618-000c29342cb1"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25417"
},
{
"date": "2018-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-121322"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013315"
},
{
"date": "2018-12-12T16:29:00.403000",
"db": "NVD",
"id": "CVE-2018-11460"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-601"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25417"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121322"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013315"
},
{
"date": "2019-10-09T23:33:33.183000",
"db": "NVD",
"id": "CVE-2018-11460"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-601"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-601"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural SINUMERIK Access control vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013315"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-601"
}
],
"trust": 0.6
}
}
var-201812-0458
Vulnerability from variot
A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). A buffer overflow in the service command application could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. \302\240The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. A stack-based buffer overflow vulnerability exists in several Siemens products. Siemens SINUMERIK Controllers is prone to the following security vulnerabilities: 1. A heap based buffer-overflow vulnerability. 2. An integer overflow vulnerability. 3. A security bypass vulnerability. 4. An arbitrary code execution vulnerability. 5. Multiple privilege escalation vulnerabilities. 6. A stack based buffer-overflow vulnerability. 7. A buffer-overflow vulnerability. 8. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0458",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinumerik 840d sl v4.8",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d v4.7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 828d v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 840d sl",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 840d sp6 hf5",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 840d sp3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d v4.7",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl v4.8",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl sp6 hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 8",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 828d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 8",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d812390-463f-11e9-9a73-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25420"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013318"
},
{
"db": "NVD",
"id": "CVE-2018-11463"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-604"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_828d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_828d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11463"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anton Kalinin, Danila Parnishchev, Dmitry Sklyar, Gleb Gritsai, Kirill Nesterov, Radu Motspan, and Sergey Sidorov from Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "106185"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11463",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-11463",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-25420",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "7d812390-463f-11e9-9a73-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-121325",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-11463",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-11463",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-25420",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-604",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d812390-463f-11e9-9a73-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121325",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d812390-463f-11e9-9a73-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25420"
},
{
"db": "VULHUB",
"id": "VHN-121325"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013318"
},
{
"db": "NVD",
"id": "CVE-2018-11463"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-604"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions \u003c V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions \u003c V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions \u003c V4.8 SP3). A buffer overflow in the service command application could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. \\302\\240The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. A stack-based buffer overflow vulnerability exists in several Siemens products. Siemens SINUMERIK Controllers is prone to the following security vulnerabilities:\n1. A heap based buffer-overflow vulnerability. \n2. An integer overflow vulnerability. \n3. A security bypass vulnerability. \n4. An arbitrary code execution vulnerability. \n5. Multiple privilege escalation vulnerabilities. \n6. A stack based buffer-overflow vulnerability. \n7. A buffer-overflow vulnerability. \n8. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11463"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013318"
},
{
"db": "CNVD",
"id": "CNVD-2018-25420"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "IVD",
"id": "7d812390-463f-11e9-9a73-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121325"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11463",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-170881",
"trust": 2.6
},
{
"db": "BID",
"id": "106185",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-345-02",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201812-604",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-25420",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013318",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D812390-463F-11E9-9A73-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121325",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d812390-463f-11e9-9a73-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25420"
},
{
"db": "VULHUB",
"id": "VHN-121325"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013318"
},
{
"db": "NVD",
"id": "CVE-2018-11463"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-604"
}
]
},
"id": "VAR-201812-0458",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d812390-463f-11e9-9a73-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25420"
},
{
"db": "VULHUB",
"id": "VHN-121325"
}
],
"trust": 1.7086762260000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d812390-463f-11e9-9a73-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25420"
}
]
},
"last_update_date": "2023-12-18T12:00:50.818000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-170881",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"title": "Patches for multiple Siemens product buffer overflow vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/147351"
},
{
"title": "Multiple Siemens Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87848"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25420"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013318"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-604"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121325"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013318"
},
{
"db": "NVD",
"id": "CVE-2018-11463"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106185"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-345-02"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11463"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11463"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "https://www.industry.siemens.com/topics/global/en/cnc4you/cnc_downloads/sinutrain_downloads/pages/sinutrain_downloads.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25420"
},
{
"db": "VULHUB",
"id": "VHN-121325"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013318"
},
{
"db": "NVD",
"id": "CVE-2018-11463"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-604"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d812390-463f-11e9-9a73-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25420"
},
{
"db": "VULHUB",
"id": "VHN-121325"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013318"
},
{
"db": "NVD",
"id": "CVE-2018-11463"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-604"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "IVD",
"id": "7d812390-463f-11e9-9a73-000c29342cb1"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25420"
},
{
"date": "2018-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-121325"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013318"
},
{
"date": "2018-12-12T16:29:00.543000",
"db": "NVD",
"id": "CVE-2018-11463"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-604"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25420"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121325"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013318"
},
{
"date": "2019-10-09T23:33:33.743000",
"db": "NVD",
"id": "CVE-2018-11463"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-604"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-604"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural SINUMERIK Product buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013318"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "7d812390-463f-11e9-9a73-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-604"
}
],
"trust": 0.8
}
}
var-202110-0563
Vulnerability from variot
A vulnerability has been identified in SINUMERIK 808D (All versions), SINUMERIK 828D (All versions < V4.95). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device. SINUMERIK 808D and SINUMERIK 828D Exists in an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-0563",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinumerik 828d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.95"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 828d",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "sinumerik 808d",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-013658"
},
{
"db": "NVD",
"id": "CVE-2021-37199"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_828d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.95",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-37199"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "reported this vulnerability to Siemens.,Industrial Control Security Laboratory of Qi An Xin Group Inc.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-887"
}
],
"trust": 0.6
},
"cve": "CVE-2021-37199",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-37199",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-37199",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-37199",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-887",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-37199",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-37199"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013658"
},
{
"db": "NVD",
"id": "CVE-2021-37199"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-887"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINUMERIK 808D (All versions), SINUMERIK 828D (All versions \u003c V4.95). Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device. SINUMERIK 808D and SINUMERIK 828D Exists in an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-37199"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013658"
},
{
"db": "VULMON",
"id": "CVE-2021-37199"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-37199",
"trust": 3.3
},
{
"db": "SIEMENS",
"id": "SSA-178380",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-21-287-04",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU95938083",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013658",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2021.3439",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021101316",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202110-887",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-37199",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-37199"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013658"
},
{
"db": "NVD",
"id": "CVE-2021-37199"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-887"
}
]
},
"id": "VAR-202110-0563",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6060606
},
"last_update_date": "2023-12-18T10:49:02.291000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-178380",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-178380.pdf"
},
{
"title": "Siemens Sinumerik 808D Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=166557"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=164d067f0b6630b0f3c173f7fdaf4dc8"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-37199"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013658"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-887"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-013658"
},
{
"db": "NVD",
"id": "CVE-2021-37199"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-178380.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-37199"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu95938083/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-287-04"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021101316"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-287-04"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3439"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-178380.txt"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-37199"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013658"
},
{
"db": "NVD",
"id": "CVE-2021-37199"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-887"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-37199"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013658"
},
{
"db": "NVD",
"id": "CVE-2021-37199"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-887"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-12T00:00:00",
"db": "VULMON",
"id": "CVE-2021-37199"
},
{
"date": "2022-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-013658"
},
{
"date": "2021-10-12T10:15:12.600000",
"db": "NVD",
"id": "CVE-2021-37199"
},
{
"date": "2021-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-887"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-19T00:00:00",
"db": "VULMON",
"id": "CVE-2021-37199"
},
{
"date": "2022-09-21T02:56:00",
"db": "JVNDB",
"id": "JVNDB-2021-013658"
},
{
"date": "2021-10-19T11:55:23.290000",
"db": "NVD",
"id": "CVE-2021-37199"
},
{
"date": "2021-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-887"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-887"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SINUMERIK\u00a0808D\u00a0 and \u00a0SINUMERIK\u00a0828D\u00a0 Out-of-bounds write vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-013658"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-887"
}
],
"trust": 0.6
}
}
var-201812-0461
Vulnerability from variot
A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). Specially crafted network packets sent to port 102/tcp (ISO-TSAP) could allow a remote attacker to either cause a Denial-of-Service condition of the integrated software firewall or allow to execute code in the context of the software firewall. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 102/tcp. Successful exploitation requires no user privileges and no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. Security vulnerabilities exist in several Siemens products. And integrity. A heap based buffer-overflow vulnerability. 2. An integer overflow vulnerability. 3. A security bypass vulnerability. 4. An arbitrary code execution vulnerability. 5. Multiple privilege escalation vulnerabilities. 6. A stack based buffer-overflow vulnerability. 7. A buffer-overflow vulnerability. 8. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0461",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinumerik 840d sl v4.8",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d v4.7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 828d v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 840d sl",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 840d sp6 hf5",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 840d sp3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d v4.7",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl v4.8",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl sp6 hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 8",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 8",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 828d v4 7",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d847ef2-463f-11e9-b6c1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25423"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013320"
},
{
"db": "NVD",
"id": "CVE-2018-11466"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-607"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_828d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_828d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11466"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anton Kalinin, Danila Parnishchev, Dmitry Sklyar, Gleb Gritsai, Kirill Nesterov, Radu Motspan, and Sergey Sidorov from Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "106185"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11466",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-11466",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-25423",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d847ef2-463f-11e9-b6c1-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-121328",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-11466",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-11466",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-25423",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-607",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d847ef2-463f-11e9-b6c1-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-121328",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d847ef2-463f-11e9-b6c1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25423"
},
{
"db": "VULHUB",
"id": "VHN-121328"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013320"
},
{
"db": "NVD",
"id": "CVE-2018-11466"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-607"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions \u003c V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions \u003c V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions \u003c V4.8 SP3). Specially crafted network packets sent to port 102/tcp (ISO-TSAP) could allow a remote attacker to either cause a Denial-of-Service condition of the integrated software firewall or allow to execute code in the context of the software firewall. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 102/tcp. Successful exploitation requires no user privileges and no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. Security vulnerabilities exist in several Siemens products. And integrity. A heap based buffer-overflow vulnerability. \n2. An integer overflow vulnerability. \n3. A security bypass vulnerability. \n4. An arbitrary code execution vulnerability. \n5. Multiple privilege escalation vulnerabilities. \n6. A stack based buffer-overflow vulnerability. \n7. A buffer-overflow vulnerability. \n8. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11466"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013320"
},
{
"db": "CNVD",
"id": "CNVD-2018-25423"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "IVD",
"id": "7d847ef2-463f-11e9-b6c1-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121328"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11466",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-170881",
"trust": 2.6
},
{
"db": "BID",
"id": "106185",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-345-02",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201812-607",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-25423",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013320",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D847EF2-463F-11E9-B6C1-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121328",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d847ef2-463f-11e9-b6c1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25423"
},
{
"db": "VULHUB",
"id": "VHN-121328"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013320"
},
{
"db": "NVD",
"id": "CVE-2018-11466"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-607"
}
]
},
"id": "VAR-201812-0461",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d847ef2-463f-11e9-b6c1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25423"
},
{
"db": "VULHUB",
"id": "VHN-121328"
}
],
"trust": 1.7086762260000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d847ef2-463f-11e9-b6c1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25423"
}
]
},
"last_update_date": "2023-12-18T12:00:50.969000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-170881",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"title": "Patches for multiple Siemens product remote code execution vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/147347"
},
{
"title": "Multiple Siemens Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87852"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25423"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013320"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-607"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013320"
},
{
"db": "NVD",
"id": "CVE-2018-11466"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106185"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-345-02"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11466"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11466"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "https://www.industry.siemens.com/topics/global/en/cnc4you/cnc_downloads/sinutrain_downloads/pages/sinutrain_downloads.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25423"
},
{
"db": "VULHUB",
"id": "VHN-121328"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013320"
},
{
"db": "NVD",
"id": "CVE-2018-11466"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-607"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d847ef2-463f-11e9-b6c1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25423"
},
{
"db": "VULHUB",
"id": "VHN-121328"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013320"
},
{
"db": "NVD",
"id": "CVE-2018-11466"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-607"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "IVD",
"id": "7d847ef2-463f-11e9-b6c1-000c29342cb1"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25423"
},
{
"date": "2018-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-121328"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013320"
},
{
"date": "2018-12-12T16:29:00.700000",
"db": "NVD",
"id": "CVE-2018-11466"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-607"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25423"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121328"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013320"
},
{
"date": "2019-10-09T23:33:34.290000",
"db": "NVD",
"id": "CVE-2018-11466"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-607"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-607"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural SINUMERIK Access control vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013320"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-607"
}
],
"trust": 0.6
}
}
var-201812-0452
Vulnerability from variot
A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). The integrated web server on port 4842/tcp of the affected products could allow a remote attacker to execute code with privileged permissions on the system by sending specially crafted network requests to port 4842/tcp. Please note that this vulnerability is only exploitable if port 4842/tcp is manually opened in the firewall configuration of network port X130. The security vulnerability could be exploited by an attacker with network access to the affected devices on port 4842/tcp. Successful exploitation requires no privileges and no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the web server. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 828D and SINUMERIK 840D Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. A heap buffer overflow vulnerability exists in the Siemens SINUMERIK CNC Controller. Siemens SINUMERIK Controllers is prone to the following security vulnerabilities: 1. A heap based buffer-overflow vulnerability. 2. An integer overflow vulnerability. 3. A security bypass vulnerability. 4. An arbitrary code execution vulnerability. 5. Multiple privilege escalation vulnerabilities. 6. A stack based buffer-overflow vulnerability. 7. A buffer-overflow vulnerability. 8. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0452",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinumerik 828d v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl v4.8",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 840d sl",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 840d sp6 hf5",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 840d sp3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 828d v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl v4.8",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl sp6 hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 828d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 8",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d823502-463f-11e9-8a07-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25413"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013321"
},
{
"db": "NVD",
"id": "CVE-2018-11457"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-598"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_828d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_828d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11457"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anton Kalinin, Danila Parnishchev, Dmitry Sklyar, Gleb Gritsai, Kirill Nesterov, Radu Motspan, and Sergey Sidorov from Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "106185"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11457",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-11457",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-25413",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d823502-463f-11e9-8a07-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-121318",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-11457",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-11457",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-25413",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-598",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d823502-463f-11e9-8a07-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121318",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d823502-463f-11e9-8a07-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25413"
},
{
"db": "VULHUB",
"id": "VHN-121318"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013321"
},
{
"db": "NVD",
"id": "CVE-2018-11457"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-598"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions \u003c V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions \u003c V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions \u003c V4.8 SP3). The integrated web server on port 4842/tcp of the affected products could allow a remote attacker to execute code with privileged permissions on the system by sending specially crafted network requests to port 4842/tcp. Please note that this vulnerability is only exploitable if port 4842/tcp is manually opened in the firewall configuration of network port X130. The security vulnerability could be exploited by an attacker with network access to the affected devices on port 4842/tcp. Successful exploitation requires no privileges and no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the web server. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 828D and SINUMERIK 840D Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. A heap buffer overflow vulnerability exists in the Siemens SINUMERIK CNC Controller. Siemens SINUMERIK Controllers is prone to the following security vulnerabilities:\n1. A heap based buffer-overflow vulnerability. \n2. An integer overflow vulnerability. \n3. A security bypass vulnerability. \n4. An arbitrary code execution vulnerability. \n5. Multiple privilege escalation vulnerabilities. \n6. A stack based buffer-overflow vulnerability. \n7. A buffer-overflow vulnerability. \n8. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11457"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013321"
},
{
"db": "CNVD",
"id": "CNVD-2018-25413"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "IVD",
"id": "7d823502-463f-11e9-8a07-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121318"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11457",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-170881",
"trust": 2.6
},
{
"db": "BID",
"id": "106185",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-345-02",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201812-598",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-25413",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013321",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D823502-463F-11E9-8A07-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121318",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d823502-463f-11e9-8a07-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25413"
},
{
"db": "VULHUB",
"id": "VHN-121318"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013321"
},
{
"db": "NVD",
"id": "CVE-2018-11457"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-598"
}
]
},
"id": "VAR-201812-0452",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d823502-463f-11e9-8a07-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25413"
},
{
"db": "VULHUB",
"id": "VHN-121318"
}
],
"trust": 1.7086762260000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d823502-463f-11e9-8a07-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25413"
}
]
},
"last_update_date": "2023-12-18T12:00:51.044000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-170881",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"title": "Patches for multiple Siemens product heap buffer overflow vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/147309"
},
{
"title": "Multiple Siemens Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87842"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25413"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013321"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-598"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013321"
},
{
"db": "NVD",
"id": "CVE-2018-11457"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106185"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-345-02"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11457"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11457"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "https://www.industry.siemens.com/topics/global/en/cnc4you/cnc_downloads/sinutrain_downloads/pages/sinutrain_downloads.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25413"
},
{
"db": "VULHUB",
"id": "VHN-121318"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013321"
},
{
"db": "NVD",
"id": "CVE-2018-11457"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-598"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d823502-463f-11e9-8a07-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25413"
},
{
"db": "VULHUB",
"id": "VHN-121318"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013321"
},
{
"db": "NVD",
"id": "CVE-2018-11457"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-598"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "IVD",
"id": "7d823502-463f-11e9-8a07-000c29342cb1"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25413"
},
{
"date": "2018-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-121318"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013321"
},
{
"date": "2018-12-12T16:29:00.247000",
"db": "NVD",
"id": "CVE-2018-11457"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-598"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25413"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121318"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013321"
},
{
"date": "2019-10-09T23:33:32.667000",
"db": "NVD",
"id": "CVE-2018-11457"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-598"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-598"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SINUMERIK 828D and SINUMERIK 840D Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013321"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-598"
}
],
"trust": 0.6
}
}
var-201812-0454
Vulnerability from variot
A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). A local attacker could modify a user-writeable configuration file so that after reboot or manual initiation the system reloads the modified configuration file and attacker-controlled code is executed with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. A security hole exists in the Siemens SINUMERIK CNC Controller. A heap based buffer-overflow vulnerability. 2. An integer overflow vulnerability. 3. 4. An arbitrary code execution vulnerability. 5. Multiple privilege escalation vulnerabilities. 6. A stack based buffer-overflow vulnerability. 7. A buffer-overflow vulnerability. 8. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0454",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinumerik 840d sl v4.8",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d v4.7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 828d v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 840d sl",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 840d sp6 hf5",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 840d sp3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d v4.7",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl v4.8",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl sp6 hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 8",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 828d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 8",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d823501-463f-11e9-82ca-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25416"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013323"
},
{
"db": "NVD",
"id": "CVE-2018-11459"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-600"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_828d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_828d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11459"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anton Kalinin, Danila Parnishchev, Dmitry Sklyar, Gleb Gritsai, Kirill Nesterov, Radu Motspan, and Sergey Sidorov from Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "106185"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11459",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-11459",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-25416",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "7d823501-463f-11e9-82ca-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-121320",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-11459",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-11459",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-25416",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-600",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d823501-463f-11e9-82ca-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121320",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d823501-463f-11e9-82ca-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25416"
},
{
"db": "VULHUB",
"id": "VHN-121320"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013323"
},
{
"db": "NVD",
"id": "CVE-2018-11459"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-600"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions \u003c V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions \u003c V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions \u003c V4.8 SP3). A local attacker could modify a user-writeable configuration file so that after reboot or manual initiation the system reloads the modified configuration file and attacker-controlled code is executed with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. A security hole exists in the Siemens SINUMERIK CNC Controller. A heap based buffer-overflow vulnerability. \n2. An integer overflow vulnerability. \n3. \n4. An arbitrary code execution vulnerability. \n5. Multiple privilege escalation vulnerabilities. \n6. A stack based buffer-overflow vulnerability. \n7. A buffer-overflow vulnerability. \n8. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11459"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013323"
},
{
"db": "CNVD",
"id": "CNVD-2018-25416"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "IVD",
"id": "7d823501-463f-11e9-82ca-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121320"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11459",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-170881",
"trust": 2.6
},
{
"db": "BID",
"id": "106185",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-345-02",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201812-600",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-25416",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013323",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D823501-463F-11E9-82CA-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121320",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d823501-463f-11e9-82ca-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25416"
},
{
"db": "VULHUB",
"id": "VHN-121320"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013323"
},
{
"db": "NVD",
"id": "CVE-2018-11459"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-600"
}
]
},
"id": "VAR-201812-0454",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d823501-463f-11e9-82ca-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25416"
},
{
"db": "VULHUB",
"id": "VHN-121320"
}
],
"trust": 1.7086762260000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d823501-463f-11e9-82ca-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25416"
}
]
},
"last_update_date": "2023-12-18T12:00:50.856000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-170881",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"title": "Patches for multiple Siemens product protection mechanism failure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/147311"
},
{
"title": "Multiple Siemens Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87844"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25416"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013323"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-600"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013323"
},
{
"db": "NVD",
"id": "CVE-2018-11459"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"trust": 1.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-345-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106185"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11459"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11459"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "https://www.industry.siemens.com/topics/global/en/cnc4you/cnc_downloads/sinutrain_downloads/pages/sinutrain_downloads.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25416"
},
{
"db": "VULHUB",
"id": "VHN-121320"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013323"
},
{
"db": "NVD",
"id": "CVE-2018-11459"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-600"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d823501-463f-11e9-82ca-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25416"
},
{
"db": "VULHUB",
"id": "VHN-121320"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013323"
},
{
"db": "NVD",
"id": "CVE-2018-11459"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-600"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "IVD",
"id": "7d823501-463f-11e9-82ca-000c29342cb1"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25416"
},
{
"date": "2018-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-121320"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013323"
},
{
"date": "2018-12-12T16:29:00.357000",
"db": "NVD",
"id": "CVE-2018-11459"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-600"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25416"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121320"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013323"
},
{
"date": "2019-10-09T23:33:33.010000",
"db": "NVD",
"id": "CVE-2018-11459"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-600"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-600"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural SINUMERIK Vulnerabilities related to authorization, authority, and access control in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013323"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-600"
}
],
"trust": 0.6
}
}
var-201812-0460
Vulnerability from variot
A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). A local attacker could use ioctl calls to do out of bounds reads, arbitrary writes, or execute code in kernel mode. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. Security vulnerabilities exist in several Siemens products. A heap based buffer-overflow vulnerability. 2. An integer overflow vulnerability. 3. A security bypass vulnerability. 4. An arbitrary code execution vulnerability. 5. Multiple privilege escalation vulnerabilities. 6. A stack based buffer-overflow vulnerability. 7. A buffer-overflow vulnerability. 8. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0460",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinumerik 840d sl v4.8",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d v4.7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 828d v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 840d sl",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 840d sp6 hf5",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 840d sp3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d v4.8",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d v4.7",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 828d v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl v4.8",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl sp6 hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 808d v4 8",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 828d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 8",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d8171b1-463f-11e9-8168-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25422"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013319"
},
{
"db": "NVD",
"id": "CVE-2018-11465"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-606"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_808d_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_808d_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_828d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_828d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11465"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anton Kalinin, Danila Parnishchev, Dmitry Sklyar, Gleb Gritsai, Kirill Nesterov, Radu Motspan, and Sergey Sidorov from Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "106185"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11465",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-11465",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-25422",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "7d8171b1-463f-11e9-8168-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-121327",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-11465",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-11465",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-25422",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-606",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d8171b1-463f-11e9-8168-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121327",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d8171b1-463f-11e9-8168-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25422"
},
{
"db": "VULHUB",
"id": "VHN-121327"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013319"
},
{
"db": "NVD",
"id": "CVE-2018-11465"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-606"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions \u003c V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions \u003c V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions \u003c V4.8 SP3). A local attacker could use ioctl calls to do out of bounds reads, arbitrary writes, or execute code in kernel mode. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 808D , SINUMERIK 828D , SINUMERIK 840D sl Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. Security vulnerabilities exist in several Siemens products. A heap based buffer-overflow vulnerability. \n2. An integer overflow vulnerability. \n3. A security bypass vulnerability. \n4. An arbitrary code execution vulnerability. \n5. Multiple privilege escalation vulnerabilities. \n6. A stack based buffer-overflow vulnerability. \n7. A buffer-overflow vulnerability. \n8. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11465"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013319"
},
{
"db": "CNVD",
"id": "CNVD-2018-25422"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "IVD",
"id": "7d8171b1-463f-11e9-8168-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121327"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11465",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-170881",
"trust": 2.6
},
{
"db": "BID",
"id": "106185",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-345-02",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201812-606",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-25422",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013319",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D8171B1-463F-11E9-8168-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121327",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d8171b1-463f-11e9-8168-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25422"
},
{
"db": "VULHUB",
"id": "VHN-121327"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013319"
},
{
"db": "NVD",
"id": "CVE-2018-11465"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-606"
}
]
},
"id": "VAR-201812-0460",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d8171b1-463f-11e9-8168-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25422"
},
{
"db": "VULHUB",
"id": "VHN-121327"
}
],
"trust": 1.7086762260000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d8171b1-463f-11e9-8168-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25422"
}
]
},
"last_update_date": "2023-12-18T12:00:50.780000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-170881",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"title": "Patches for multiple Siemens product local access vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/147329"
},
{
"title": "Multiple Siemens Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87850"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25422"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013319"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-606"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121327"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013319"
},
{
"db": "NVD",
"id": "CVE-2018-11465"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106185"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-345-02"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11465"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11465"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "https://www.industry.siemens.com/topics/global/en/cnc4you/cnc_downloads/sinutrain_downloads/pages/sinutrain_downloads.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25422"
},
{
"db": "VULHUB",
"id": "VHN-121327"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013319"
},
{
"db": "NVD",
"id": "CVE-2018-11465"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-606"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d8171b1-463f-11e9-8168-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25422"
},
{
"db": "VULHUB",
"id": "VHN-121327"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013319"
},
{
"db": "NVD",
"id": "CVE-2018-11465"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-606"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "IVD",
"id": "7d8171b1-463f-11e9-8168-000c29342cb1"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25422"
},
{
"date": "2018-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-121327"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013319"
},
{
"date": "2018-12-12T16:29:00.653000",
"db": "NVD",
"id": "CVE-2018-11465"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-606"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25422"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121327"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013319"
},
{
"date": "2019-10-09T23:33:34.120000",
"db": "NVD",
"id": "CVE-2018-11465"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-606"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-606"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural SINUMERIK Product out-of-bounds vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013319"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "7d8171b1-463f-11e9-8168-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-606"
}
],
"trust": 0.8
}
}
var-201812-0459
Vulnerability from variot
A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). The integrated VNC server on port 5900/tcp of the affected products could allow a remote attacker to cause a Denial-of-Service condition of the VNC server. Please note that this vulnerability is only exploitable if port 5900/tcp is manually opened in the firewall configuration of network port X130. The security vulnerability could be exploited by an attacker with network access to the affected devices and port. Successful exploitation requires no privileges and no user interaction. The vulnerability could allow an attacker to compromise availability of the VNC server. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 828D and SINUMERIK 840D sl Contains vulnerabilities related to authorization, permissions, and access control.Service operation interruption (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. Security vulnerabilities exist in several Siemens products. A heap based buffer-overflow vulnerability. 2. An integer overflow vulnerability. 3. A security bypass vulnerability. 4. An arbitrary code execution vulnerability. 5. Multiple privilege escalation vulnerabilities. 6. A stack based buffer-overflow vulnerability. 7. A buffer-overflow vulnerability. 8. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0459",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinumerik 840d sl",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 828d",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 840d sl",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 840d sp6 hf5",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 840d sp3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "sinumerik 840d sl",
"version": "*"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl sp6 hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 828d",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_828d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11464"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anton Kalinin, Danila Parnishchev, Dmitry Sklyar, Gleb Gritsai, Kirill Nesterov, Radu Motspan, and Sergey Sidorov from Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "106185"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11464",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-11464",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-25421",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-121326",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 3.7,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-11464",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-11464",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2018-25421",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-605",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1",
"trust": 0.2,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-121326",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "VULHUB",
"id": "VHN-121326"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions \u003c V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions \u003c V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions \u003c V4.8 SP3). The integrated VNC server on port 5900/tcp of the affected products could allow a remote attacker to cause a Denial-of-Service condition of the VNC server. Please note that this vulnerability is only exploitable if port 5900/tcp is manually opened in the firewall configuration of network port X130. The security vulnerability could be exploited by an attacker with network access to the affected devices and port. Successful exploitation requires no privileges and no user interaction. The vulnerability could allow an attacker to compromise availability of the VNC server. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 828D and SINUMERIK 840D sl Contains vulnerabilities related to authorization, permissions, and access control.Service operation interruption (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. Security vulnerabilities exist in several Siemens products. A heap based buffer-overflow vulnerability. \n2. An integer overflow vulnerability. \n3. A security bypass vulnerability. \n4. An arbitrary code execution vulnerability. \n5. Multiple privilege escalation vulnerabilities. \n6. A stack based buffer-overflow vulnerability. \n7. A buffer-overflow vulnerability. \n8. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121326"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11464",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-170881",
"trust": 2.6
},
{
"db": "BID",
"id": "106185",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-345-02",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-25421",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D8171B0-463F-11E9-8D83-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121326",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "VULHUB",
"id": "VHN-121326"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"id": "VAR-201812-0459",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "VULHUB",
"id": "VHN-121326"
}
],
"trust": 1.7086762260000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
}
]
},
"last_update_date": "2023-12-18T12:00:50.895000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-170881",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"title": "Patches for multiple Siemens product denial of service vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/147349"
},
{
"title": "Multiple Siemens Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87849"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "NVD",
"id": "CVE-2018-11464"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106185"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-345-02"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11464"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11464"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "https://www.industry.siemens.com/topics/global/en/cnc4you/cnc_downloads/sinutrain_downloads/pages/sinutrain_downloads.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "VULHUB",
"id": "VHN-121326"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "VULHUB",
"id": "VHN-121326"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"date": "2018-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-121326"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"date": "2018-12-12T16:29:00.590000",
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121326"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"date": "2019-10-09T23:33:33.947000",
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SINUMERIK 828D and SINUMERIK 840D sl Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
],
"trust": 0.6
}
}
var-201812-0453
Vulnerability from variot
A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). The integrated VNC server on port 5900/tcp of the affected products could allow a remote attacker to execute code with privileged permissions on the system by sending specially crafted network requests to port 5900/tcp. Please note that this vulnerability is only exploitable if port 5900/tcp is manually opened in the firewall configuration of network port X130. The security vulnerability could be exploited by an attacker with network access to the affected devices and port. Successful exploitation requires no privileges and no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the VNC server. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 828D and SINUMERIK 840D Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. An integer overflow vulnerability exists in the Siemens SINUMERIK CNC Controller. Siemens SINUMERIK Controllers is prone to the following security vulnerabilities: 1. A heap based buffer-overflow vulnerability. 2. 3. A security bypass vulnerability. 4. An arbitrary code execution vulnerability. 5. Multiple privilege escalation vulnerabilities. 6. A stack based buffer-overflow vulnerability. 7. A buffer-overflow vulnerability. 8. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0453",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinumerik 828d v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl v4.8",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 840d sl",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 840d sp6 hf5",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 840d sp3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 828d v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl v4.8",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl v4.7",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl sp6 hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 828d v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 7",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 840d sl v4 8",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d81e6e0-463f-11e9-a90d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25415"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013322"
},
{
"db": "NVD",
"id": "CVE-2018-11458"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-599"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_828d_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_828d_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_v4.8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl_v4.8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11458"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anton Kalinin, Danila Parnishchev, Dmitry Sklyar, Gleb Gritsai, Kirill Nesterov, Radu Motspan, and Sergey Sidorov from Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "106185"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11458",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-11458",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-25415",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d81e6e0-463f-11e9-a90d-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-121319",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-11458",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-11458",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-25415",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-599",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d81e6e0-463f-11e9-a90d-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121319",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d81e6e0-463f-11e9-a90d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25415"
},
{
"db": "VULHUB",
"id": "VHN-121319"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013322"
},
{
"db": "NVD",
"id": "CVE-2018-11458"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-599"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions \u003c V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions \u003c V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions \u003c V4.8 SP3). The integrated VNC server on port 5900/tcp of the affected products could allow a remote attacker to execute code with privileged permissions on the system by sending specially crafted network requests to port 5900/tcp. Please note that this vulnerability is only exploitable if port 5900/tcp is manually opened in the firewall configuration of network port X130. The security vulnerability could be exploited by an attacker with network access to the affected devices and port. Successful exploitation requires no privileges and no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the VNC server. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 828D and SINUMERIK 840D Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. An integer overflow vulnerability exists in the Siemens SINUMERIK CNC Controller. Siemens SINUMERIK Controllers is prone to the following security vulnerabilities:\n1. A heap based buffer-overflow vulnerability. \n2. \n3. A security bypass vulnerability. \n4. An arbitrary code execution vulnerability. \n5. Multiple privilege escalation vulnerabilities. \n6. A stack based buffer-overflow vulnerability. \n7. A buffer-overflow vulnerability. \n8. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11458"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013322"
},
{
"db": "CNVD",
"id": "CNVD-2018-25415"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "IVD",
"id": "7d81e6e0-463f-11e9-a90d-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121319"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11458",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-170881",
"trust": 2.6
},
{
"db": "BID",
"id": "106185",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-345-02",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201812-599",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-25415",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013322",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D81E6E0-463F-11E9-A90D-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121319",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d81e6e0-463f-11e9-a90d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25415"
},
{
"db": "VULHUB",
"id": "VHN-121319"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013322"
},
{
"db": "NVD",
"id": "CVE-2018-11458"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-599"
}
]
},
"id": "VAR-201812-0453",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d81e6e0-463f-11e9-a90d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25415"
},
{
"db": "VULHUB",
"id": "VHN-121319"
}
],
"trust": 1.7086762260000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d81e6e0-463f-11e9-a90d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25415"
}
]
},
"last_update_date": "2023-12-18T12:00:51.081000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-170881",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"title": "Patches for multiple Siemens product integer overflow vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/147315"
},
{
"title": "Multiple Siemens Product digital error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87843"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25415"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013322"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-599"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013322"
},
{
"db": "NVD",
"id": "CVE-2018-11458"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"trust": 1.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-345-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106185"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11458"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11458"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "https://www.industry.siemens.com/topics/global/en/cnc4you/cnc_downloads/sinutrain_downloads/pages/sinutrain_downloads.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25415"
},
{
"db": "VULHUB",
"id": "VHN-121319"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013322"
},
{
"db": "NVD",
"id": "CVE-2018-11458"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-599"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d81e6e0-463f-11e9-a90d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25415"
},
{
"db": "VULHUB",
"id": "VHN-121319"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013322"
},
{
"db": "NVD",
"id": "CVE-2018-11458"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-599"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "IVD",
"id": "7d81e6e0-463f-11e9-a90d-000c29342cb1"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25415"
},
{
"date": "2018-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-121319"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013322"
},
{
"date": "2018-12-12T16:29:00.310000",
"db": "NVD",
"id": "CVE-2018-11458"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-599"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25415"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121319"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013322"
},
{
"date": "2019-10-09T23:33:32.853000",
"db": "NVD",
"id": "CVE-2018-11458"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-599"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-599"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SINUMERIK 828D and SINUMERIK 840D Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013322"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-599"
}
],
"trust": 0.6
}
}
cve-2021-37199
Vulnerability from cvelistv5
Published
2021-10-12 09:49
Modified
2024-08-04 01:16
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SINUMERIK 808D (All versions), SINUMERIK 828D (All versions < V4.95). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-178380.pdf | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Siemens | SINUMERIK 808D | |
| Siemens | SINUMERIK 828D |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.969Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-178380.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SINUMERIK 808D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SINUMERIK 828D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.95"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINUMERIK 808D (All versions), SINUMERIK 828D (All versions \u003c V4.95). Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-12T09:49:37",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-178380.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-37199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SINUMERIK 808D",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SINUMERIK 828D",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V4.95"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SINUMERIK 808D (All versions), SINUMERIK 828D (All versions \u003c V4.95). Affected devices don\u0027t process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-178380.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-178380.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-37199",
"datePublished": "2021-10-12T09:49:37",
"dateReserved": "2021-07-21T00:00:00",
"dateUpdated": "2024-08-04T01:16:03.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}