cvelistv5 - CVE-2018-4838

CVE-2018-4838 (GCVE-0-2018-4838)

Vulnerability from cvelistv5 – Published: 2018-03-08 17:00 – Updated: 2024-08-05 05:18

Summary

Severity ?

No CVSS data available.

CWE

Other

Assigner

siemens

References

URL

Tags

	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://www.securityfocus.com/bid/103379	vdb-entryx_refsource_BID

Impacted products

Vendor

Product

Version

Siemens AG

EN100 Ethernet module IEC 61850 variant

Affected: All versions < V4.30

Siemens AG	EN100 Ethernet module DNP3 variant	Affected: All versions < V1.04
Siemens AG	EN100 Ethernet module PROFINET IO variant	Affected: All versions
Siemens AG	EN100 Ethernet module Modbus TCP variant	Affected: All versions
Siemens AG	EN100 Ethernet module IEC 104 variant	Affected: All versions < V1.22

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:18:26.631Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
          },
          {
            "name": "103379",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "https://www.securityfocus.com/bid/103379"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "EN100 Ethernet module IEC 61850 variant",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.30"
            }
          ]
        },
        {
          "product": "EN100 Ethernet module DNP3 variant",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.04"
            }
          ]
        },
        {
          "product": "EN100 Ethernet module PROFINET IO variant",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "EN100 Ethernet module Modbus TCP variant",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "EN100 Ethernet module IEC 104 variant",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.22"
            }
          ]
        }
      ],
      "datePublic": "2018-03-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module DNP3 variant (All versions \u003c V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions \u003c V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-22T16:56:34",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
        },
        {
          "name": "103379",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "https://www.securityfocus.com/bid/103379"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2018-4838",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "EN100 Ethernet module IEC 61850 variant",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.30"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "EN100 Ethernet module DNP3 variant",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V1.04"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "EN100 Ethernet module PROFINET IO variant",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "EN100 Ethernet module Modbus TCP variant",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "EN100 Ethernet module IEC 104 variant",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V1.22"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module DNP3 variant (All versions \u003c V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions \u003c V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
            },
            {
              "name": "103379",
              "refsource": "BID",
              "url": "https://www.securityfocus.com/bid/103379"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2018-4838",
    "datePublished": "2018-03-08T17:00:00",
    "dateReserved": "2018-01-02T00:00:00",
    "dateUpdated": "2024-08-05T05:18:26.631Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:en100_ethernet_module_iec_104_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"300FAA93-3BBB-4848-AFA5-97DE57053E5E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:en100_ethernet_module_iec_104:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75FDB347-4ED5-4A36-A9CA-B2A461A92572\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:en100_ethernet_module_dnp3_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15E8060A-2897-4E2E-9441-5687D923C642\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:en100_ethernet_module_dnp3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E733162-1D6E-4CF7-9CB2-007C8CA8B6B4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:en100_ethernet_module_modbus_tcp_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71DCD4E3-9BA4-44CE-BFCC-6659258FCE31\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:en100_ethernet_module_modbus_tcp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48118739-31B9-4600-8856-D7E9870479E7\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:en100_ethernet_module_profinet_io_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C2FA062-EBFE-457F-988E-60A9317212A4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:en100_ethernet_module_profinet_io:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11199473-60BF-42AB-B6F0-BEF9663C67B7\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:en100_ethernet_module_iec_61850_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.30\", \"matchCriteriaId\": \"42ABCFB1-0D86-47DB-8257-370B70E1C969\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:en100_ethernet_module_iec_61850:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C5EC8F7-6CD2-461B-9D06-2D9F4D083A98\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module DNP3 variant (All versions \u003c V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions \u003c V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities.\"}, {\"lang\": \"es\", \"value\": \"Se ha identificado una vulnerabilidad en la variante del m\\u00f3dulo de Ethernet EN100 IEC 61850 (todas las versiones anteriores a la V4.30), la variante del m\\u00f3dulo de Ethernet EN100 DNP3 (todas las versiones anteriores a la V1.04), la variante del m\\u00f3dulo de Ethernet EN100 PROFINET IO (todas las versiones), la variante del m\\u00f3dulo de Ethernet EN100 Modbus TCP (todas las versiones) y la variante del m\\u00f3dulo de Ethernet EN100 IEC 104 (todas las versiones anteriores a la V1.22). La interfaz web (TCP/80) de los dispositivos afectados permite que un usuario no autenticado actualice o degrade el firmware del dispositivo, incluyendo versiones m\\u00e1s antiguas con vulnerabilidades conocidas.\"}]",
      "id": "CVE-2018-4838",
      "lastModified": "2024-11-21T04:07:33.400",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-03-08T17:29:00.210",
      "references": "[{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.securityfocus.com/bid/103379\", \"source\": \"productcert@siemens.com\"}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-067-01\", \"source\": \"nvd@nist.gov\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.securityfocus.com/bid/103379\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "productcert@siemens.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-4838\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2018-03-08T17:29:00.210\",\"lastModified\":\"2024-11-21T04:07:33.400\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module DNP3 variant (All versions \u003c V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions \u003c V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en la variante del m\u00f3dulo de Ethernet EN100 IEC 61850 (todas las versiones anteriores a la V4.30), la variante del m\u00f3dulo de Ethernet EN100 DNP3 (todas las versiones anteriores a la V1.04), la variante del m\u00f3dulo de Ethernet EN100 PROFINET IO (todas las versiones), la variante del m\u00f3dulo de Ethernet EN100 Modbus TCP (todas las versiones) y la variante del m\u00f3dulo de Ethernet EN100 IEC 104 (todas las versiones anteriores a la V1.22). La interfaz web (TCP/80) de los dispositivos afectados permite que un usuario no autenticado actualice o degrade el firmware del dispositivo, incluyendo versiones m\u00e1s antiguas con vulnerabilidades conocidas.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:en100_ethernet_module_iec_104_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"300FAA93-3BBB-4848-AFA5-97DE57053E5E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:en100_ethernet_module_iec_104:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75FDB347-4ED5-4A36-A9CA-B2A461A92572\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:en100_ethernet_module_dnp3_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15E8060A-2897-4E2E-9441-5687D923C642\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:en100_ethernet_module_dnp3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E733162-1D6E-4CF7-9CB2-007C8CA8B6B4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:en100_ethernet_module_modbus_tcp_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71DCD4E3-9BA4-44CE-BFCC-6659258FCE31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:en100_ethernet_module_modbus_tcp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48118739-31B9-4600-8856-D7E9870479E7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:en100_ethernet_module_profinet_io_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C2FA062-EBFE-457F-988E-60A9317212A4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:en100_ethernet_module_profinet_io:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11199473-60BF-42AB-B6F0-BEF9663C67B7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:en100_ethernet_module_iec_61850_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.30\",\"matchCriteriaId\":\"42ABCFB1-0D86-47DB-8257-370B70E1C969\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:en100_ethernet_module_iec_61850:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C5EC8F7-6CD2-461B-9D06-2D9F4D083A98\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.securityfocus.com/bid/103379\",\"source\":\"productcert@siemens.com\"},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-18-067-01\",\"source\":\"nvd@nist.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.securityfocus.com/bid/103379\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTFR-2018-AVI-117

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans SCADA les produits Siemens . Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIPROTEC Compact 7SJ80 versions antérieures à V4.77
Siemens	N/A	EN100 Ethernet module IEC 61850 variant versions antérieures à V4.30
Siemens	N/A	SIPROTEC Compact 7SK80 versions antérieures à V4.77
Siemens	N/A	DIGSI 4 versions antérieures à V4.92
Siemens	N/A	SIPROTEC 4 7SJ66 versions antérieures à V4.30

References

Title

Publication Time

Tags

Bulletin de sécurité SCADA Siemens ssa-845879 du 08 mars 2018	None	vendor-advisory
Bulletin de sécurité SCADA Siemens ssa-203306 du 08 mars 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIPROTEC Compact 7SJ80 versions ant\u00e9rieures \u00e0 V4.77",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "EN100 Ethernet module IEC 61850 variant versions ant\u00e9rieures \u00e0 V4.30",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPROTEC Compact 7SK80 versions ant\u00e9rieures \u00e0 V4.77",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "DIGSI 4 versions ant\u00e9rieures \u00e0 V4.92",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPROTEC 4 7SJ66 versions ant\u00e9rieures \u00e0 V4.30",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-4838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4838"
    },
    {
      "name": "CVE-2018-4839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4839"
    },
    {
      "name": "CVE-2018-4840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4840"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-117",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-03-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans SCADA les produits\nSiemens . Elles permettent \u00e0 un attaquant de provoquer un contournement\nde la politique de s\u00e9curit\u00e9, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans SCADA les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-845879 du 08 mars 2018",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-203306 du 08 mars 2018",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf"
    }
  ]
}

CERTFR-2018-AVI-117

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIPROTEC Compact 7SJ80 versions antérieures à V4.77
Siemens	N/A	EN100 Ethernet module IEC 61850 variant versions antérieures à V4.30
Siemens	N/A	SIPROTEC Compact 7SK80 versions antérieures à V4.77
Siemens	N/A	DIGSI 4 versions antérieures à V4.92
Siemens	N/A	SIPROTEC 4 7SJ66 versions antérieures à V4.30

References

Title

Publication Time

Tags

Bulletin de sécurité SCADA Siemens ssa-845879 du 08 mars 2018	None	vendor-advisory
Bulletin de sécurité SCADA Siemens ssa-203306 du 08 mars 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIPROTEC Compact 7SJ80 versions ant\u00e9rieures \u00e0 V4.77",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "EN100 Ethernet module IEC 61850 variant versions ant\u00e9rieures \u00e0 V4.30",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPROTEC Compact 7SK80 versions ant\u00e9rieures \u00e0 V4.77",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "DIGSI 4 versions ant\u00e9rieures \u00e0 V4.92",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPROTEC 4 7SJ66 versions ant\u00e9rieures \u00e0 V4.30",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-4838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4838"
    },
    {
      "name": "CVE-2018-4839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4839"
    },
    {
      "name": "CVE-2018-4840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4840"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-117",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-03-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans SCADA les produits\nSiemens . Elles permettent \u00e0 un attaquant de provoquer un contournement\nde la politique de s\u00e9curit\u00e9, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans SCADA les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-845879 du 08 mars 2018",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-203306 du 08 mars 2018",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf"
    }
  ]
}

CNVD-2018-04834

Vulnerability from cnvd - Published: 2018-03-09

Title

Siemens多个产品存在未授权操作漏洞

Description

SIPROTEC 4，SIPROTEC Compact和Reyrolle设备可对变电所及其他应用提供广泛的集中防护、控制及自动化功能。使用EN100以太网通信模块扩展的SIPROTEC 4，SIPROTEC Compact和Reyrolle设备存在未授权操作漏洞，允许攻击者升级或降级设备的固件，包括降级到具有已知漏洞的旧版本。

Severity

高

Patch Name

Siemens多个产品存在未授权操作漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://support.industry.siemens.com/cs/us/en/view/109745821

Reference

https://ics-cert.us-cert.gov/advisories/ICSA-18-067-02

Impacted products

Name
['Siemens IEC 61850 <V4.30', 'Siemens PROFINET IO', 'Siemens Modbus TCP', 'Siemens DNP3', 'Siemens IEC 104']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-4838"
    }
  },
  "description": "SIPROTEC 4\uff0cSIPROTEC Compact\u548cReyrolle\u8bbe\u5907\u53ef\u5bf9\u53d8\u7535\u6240\u53ca\u5176\u4ed6\u5e94\u7528\u63d0\u4f9b\u5e7f\u6cdb\u7684\u96c6\u4e2d\u9632\u62a4\u3001\u63a7\u5236\u53ca\u81ea\u52a8\u5316\u529f\u80fd\u3002\r\n\r\n\u4f7f\u7528EN100\u4ee5\u592a\u7f51\u901a\u4fe1\u6a21\u5757\u6269\u5c55\u7684SIPROTEC 4\uff0cSIPROTEC Compact\u548cReyrolle\u8bbe\u5907\u5b58\u5728\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5347\u7ea7\u6216\u964d\u7ea7\u8bbe\u5907\u7684\u56fa\u4ef6\uff0c\u5305\u62ec\u964d\u7ea7\u5230\u5177\u6709\u5df2\u77e5\u6f0f\u6d1e\u7684\u65e7\u7248\u672c\u3002",
  "discovererName": "Ilya Karpov\u548cDmitry Sklyarov",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a \r\nhttps://support.industry.siemens.com/cs/us/en/view/109745821",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-04834",
  "openTime": "2018-03-09",
  "patchDescription": "SIPROTEC 4\uff0cSIPROTEC Compact\u548cReyrolle\u8bbe\u5907\u53ef\u5bf9\u53d8\u7535\u6240\u53ca\u5176\u4ed6\u5e94\u7528\u63d0\u4f9b\u5e7f\u6cdb\u7684\u96c6\u4e2d\u9632\u62a4\u3001\u63a7\u5236\u53ca\u81ea\u52a8\u5316\u529f\u80fd\u3002\r\n\r\n\u4f7f\u7528EN100\u4ee5\u592a\u7f51\u901a\u4fe1\u6a21\u5757\u6269\u5c55\u7684SIPROTEC 4\uff0cSIPROTEC Compact\u548cReyrolle\u8bbe\u5907\u5b58\u5728\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5347\u7ea7\u6216\u964d\u7ea7\u8bbe\u5907\u7684\u56fa\u4ef6\uff0c\u5305\u62ec\u964d\u7ea7\u5230\u5177\u6709\u5df2\u77e5\u6f0f\u6d1e\u7684\u65e7\u7248\u672c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens\u591a\u4e2a\u4ea7\u54c1\u5b58\u5728\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Siemens IEC 61850 \u003cV4.30",
      "Siemens PROFINET IO",
      "Siemens Modbus TCP",
      "Siemens DNP3",
      "Siemens IEC 104"
    ]
  },
  "referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-18-067-02",
  "serverity": "\u9ad8",
  "submitTime": "2018-03-09",
  "title": "Siemens\u591a\u4e2a\u4ea7\u54c1\u5b58\u5728\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e"
}

FKIE_CVE-2018-4838

Vulnerability from fkie_nvd - Published: 2018-03-08 17:29 - Updated: 2024-11-21 04:07

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

References

URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf	Patch, Vendor Advisory
productcert@siemens.com	https://www.securityfocus.com/bid/103379
nvd@nist.gov	https://ics-cert.us-cert.gov/advisories/ICSA-18-067-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.securityfocus.com/bid/103379

Impacted products

Vendor	Product	Version
siemens	en100_ethernet_module_iec_104_firmware	-
siemens	en100_ethernet_module_iec_104	-
siemens	en100_ethernet_module_dnp3_firmware	-
siemens	en100_ethernet_module_dnp3	-
siemens	en100_ethernet_module_modbus_tcp_firmware	-
siemens	en100_ethernet_module_modbus_tcp	-
siemens	en100_ethernet_module_profinet_io_firmware	-
siemens	en100_ethernet_module_profinet_io	-
siemens	en100_ethernet_module_iec_61850_firmware	*
siemens	en100_ethernet_module_iec_61850	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:en100_ethernet_module_iec_104_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "300FAA93-3BBB-4848-AFA5-97DE57053E5E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:en100_ethernet_module_iec_104:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75FDB347-4ED5-4A36-A9CA-B2A461A92572",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:en100_ethernet_module_dnp3_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E8060A-2897-4E2E-9441-5687D923C642",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:en100_ethernet_module_dnp3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E733162-1D6E-4CF7-9CB2-007C8CA8B6B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:en100_ethernet_module_modbus_tcp_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCD4E3-9BA4-44CE-BFCC-6659258FCE31",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:en100_ethernet_module_modbus_tcp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "48118739-31B9-4600-8856-D7E9870479E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:en100_ethernet_module_profinet_io_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C2FA062-EBFE-457F-988E-60A9317212A4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:en100_ethernet_module_profinet_io:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11199473-60BF-42AB-B6F0-BEF9663C67B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:en100_ethernet_module_iec_61850_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42ABCFB1-0D86-47DB-8257-370B70E1C969",
              "versionEndExcluding": "4.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:en100_ethernet_module_iec_61850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5EC8F7-6CD2-461B-9D06-2D9F4D083A98",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module DNP3 variant (All versions \u003c V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions \u003c V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en la variante del m\u00f3dulo de Ethernet EN100 IEC 61850 (todas las versiones anteriores a la V4.30), la variante del m\u00f3dulo de Ethernet EN100 DNP3 (todas las versiones anteriores a la V1.04), la variante del m\u00f3dulo de Ethernet EN100 PROFINET IO (todas las versiones), la variante del m\u00f3dulo de Ethernet EN100 Modbus TCP (todas las versiones) y la variante del m\u00f3dulo de Ethernet EN100 IEC 104 (todas las versiones anteriores a la V1.22). La interfaz web (TCP/80) de los dispositivos afectados permite que un usuario no autenticado actualice o degrade el firmware del dispositivo, incluyendo versiones m\u00e1s antiguas con vulnerabilidades conocidas."
    }
  ],
  "id": "CVE-2018-4838",
  "lastModified": "2024-11-21T04:07:33.400",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-08T17:29:00.210",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://www.securityfocus.com/bid/103379"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-067-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.securityfocus.com/bid/103379"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-R849-HJQV-324F

Vulnerability from github – Published: 2022-05-13 01:52 – Updated: 2022-05-13 01:52

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-4838"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-08T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module DNP3 variant (All versions \u003c V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions \u003c V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities.",
  "id": "GHSA-r849-hjqv-324f",
  "modified": "2022-05-13T01:52:41Z",
  "published": "2022-05-13T01:52:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4838"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-067-01"
    },
    {
      "type": "WEB",
      "url": "https://www.securityfocus.com/bid/103379"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

ICSA-18-067-02

Vulnerability from csaf_cisa - Published: 2018-03-08 00:00 - Updated: 2019-02-12 00:00

Summary

ICSA-18-067-02_Siemens SIPROTEC 4, SIPROTEC Compact, and Reyrolle Devices using the EN100 Ethernet Communication Module Extension (Update B)

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Summary

Ilya Karpov and Dmitry Sklyarov from Positive Technologies reported this vulnerability to Siemens.

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Ilya Karpov",
          "Dmitry Sklyarov"
        ],
        "organization": "Positive Technologies",
        "summary": "reporting this vulnerability to Siemens"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "summary",
        "text": "Ilya Karpov and Dmitry Sklyarov from Positive Technologies reported this vulnerability to Siemens.",
        "title": "Summary"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "CISAservicedesk@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-067-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-067-02.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-067-02 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-067-02"
      }
    ],
    "title": "ICSA-18-067-02_Siemens SIPROTEC 4, SIPROTEC Compact, and Reyrolle Devices using the EN100 Ethernet Communication Module Extension (Update B)",
    "tracking": {
      "current_release_date": "2019-02-12T00:00:00.000000Z",
      "generator": {
        "date": "2023-01-12T22:19:38.656Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.0.0"
        }
      },
      "id": "ICSA-18-067-02",
      "initial_release_date": "2018-03-08T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-03-08T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-18-067-02 Siemens SIPROTEC 4, SIPROTEC Compact, and Reyrolle Devices using the EN100 Ethernet Communication Module Extension"
        },
        {
          "date": "2018-04-19T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSA-18-067-02 Siemens SIPROTEC 4, SIPROTEC Compact, and Reyrolle devices using the EN100 Ethernet communication module extension (Update A)"
        },
        {
          "date": "2019-02-12T00:00:00.000000Z",
          "legacy_version": "B",
          "number": "3",
          "summary": "ICSA-18-067-02 Siemens SIPROTEC 4, SIPROTEC Compact, and Reyrolle devices using the EN100 Ethernet communication module extension (Update B)"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 1.04",
                "product": {
                  "name": "EN100 Ethernet module DNP3 variant: All versions prior to v1.04",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "EN100 Ethernet module DNP3 variant"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 4.30",
                "product": {
                  "name": "EN100 Ethernet module IEC 61850 variant: All versions prior to V4.30",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "EN100 Ethernet module IEC 61850 variant"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "EN100 Ethernet module Modbus TCP variant: All versions",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "EN100 Ethernet module Modbus TCP variant"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "EN100 Ethernet module PROFINET IO variant: All versions",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "EN100 Ethernet module PROFINET IO variant"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 1.22",
                "product": {
                  "name": "EN100 Ethernet module IEC 104 variant: All versions prior to v1.22",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "EN100 Ethernet module IEC 104 variant"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-4838",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Successful exploitation of this vulnerability could allow an attacker to either upgrade or downgrade the firmware of the device, including downgrading to older versions with known vulnerabilities.CVE-2018-4838 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "For all other affected products, Siemens has identified the following specific workarounds and mitigations that users can apply to reduce the risk. As a general security measure Siemens strongly recommends to protect network access with appropriate mechanisms (e.g., firewalls, segmentation, VPN). It is advised to configure the environment according to Siemens \u0027 operational guidelines in order to run the devices in a protected IT environment.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "EN100 Ethernet module DNP3 variant (All versions prior to v1.04): Update to v1.04 and configure maintenance password, which can be located here: https://support.industry.siemens.com/cs/us/en/ view/109745821",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/us/en/%20view/109745821"
        },
        {
          "category": "mitigation",
          "details": "EN100 Ethernet module IEC 61850 variant (All versions prior to v4.30): Update to v4.30, which can be located here: https://support.industry.siemens.com/cs/us/en/view/109745821",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/us/en/view/109745821"
        },
        {
          "category": "mitigation",
          "details": "EN100 Ethernet module IEC 104 variant: Update to v1.22, which can be located here: https://support.industry.siemens.com/cs/document/109745821",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/document/109745821"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-4838"
    }
  ]
}

GSD-2018-4838

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-4838

Aliases

CVE-2018-4838

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-4838",
    "description": "A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module DNP3 variant (All versions \u003c V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions \u003c V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities.",
    "id": "GSD-2018-4838"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-4838"
      ],
      "details": "A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module DNP3 variant (All versions \u003c V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions \u003c V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities.",
      "id": "GSD-2018-4838",
      "modified": "2023-12-13T01:22:28.491621Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "ID": "CVE-2018-4838",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "EN100 Ethernet module IEC 61850 variant",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V4.30"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens AG"
            },
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "EN100 Ethernet module DNP3 variant",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V1.04"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens AG"
            },
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "EN100 Ethernet module PROFINET IO variant",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens AG"
            },
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "EN100 Ethernet module Modbus TCP variant",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens AG"
            },
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "EN100 Ethernet module IEC 104 variant",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V1.22"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens AG"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module DNP3 variant (All versions \u003c V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions \u003c V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Other"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf",
            "refsource": "CONFIRM",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
          },
          {
            "name": "103379",
            "refsource": "BID",
            "url": "https://www.securityfocus.com/bid/103379"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_iec_104_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_iec_104:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_dnp3_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_dnp3:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_modbus_tcp_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_modbus_tcp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_profinet_io_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_profinet_io:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_iec_61850_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.30",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_iec_61850:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2018-4838"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module DNP3 variant (All versions \u003c V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions \u003c V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-306"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-067-01",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-067-01"
            },
            {
              "name": "103379",
              "refsource": "BID",
              "tags": [],
              "url": "https://www.securityfocus.com/bid/103379"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2018-03-08T17:29Z"
    }
  }
}

VAR-201803-2155

Vulnerability from variot - Updated: 2023-12-18 13:28

A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module DNP3 variant (All versions < V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions < V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities. plural Siemens The product contains an access control vulnerability.Information may be tampered with. SIPROTEC 4, SIPROTEC Compact and Reyrolle equipment offer a wide range of centralized protection, control and automation functions for substations and other applications. Multiple Siemens EN100 Ethernet Modules are prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism. This may aid in further attacks. A security vulnerability exists in the web interface (TCP/80) in several Siemens products

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201803-2155",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "en100 ethernet module modbus tcp",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "en100 ethernet module iec 104",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "en100 ethernet module profinet io",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "en100 ethernet module dnp3",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "en100 ethernet module iec 61850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.30"
      },
      {
        "model": "en100 ethernet module dnp3",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "en100 ethernet module iec 104",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "en100 ethernet module iec 61850",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "en100 ethernet module modbus tcp",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "en100 ethernet module profinet io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "iec",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "61850\u003cv4.30"
      },
      {
        "model": "profinet io",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "modbus tcp",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "dnp3",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "iec",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "104"
      },
      {
        "model": "siprotec compact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "siprotec",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "40"
      },
      {
        "model": "reyrolle",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "en100 ethernet module profinet io",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "en100 ethernet module modbus tcp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "en100 ethernet module iec",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "618500"
      },
      {
        "model": "en100 ethernet module iec",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1040"
      },
      {
        "model": "en100 ethernet module dnp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "en100 ethernet module iec",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "618504.30"
      },
      {
        "model": "iec siemens profinet io *siemens modbus tcp *siemens dnp3 *siemens iec",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "siemens",
        "version": "61850104"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-04834"
      },
      {
        "db": "BID",
        "id": "103379"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002719"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4838"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-230"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_iec_104_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_iec_104:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_dnp3_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_dnp3:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_modbus_tcp_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_modbus_tcp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_profinet_io_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_profinet_io:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_iec_61850_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.30",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_iec_61850:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-4838"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ilya Karpov and Alexey Stennikov from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "103379"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-4838",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-4838",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-04834",
            "impactScore": 6.9,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "e2e52650-39ab-11e9-ad8d-000c29342cb1",
            "impactScore": 6.9,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-134869",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-4838",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-4838",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-04834",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201803-230",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2e52650-39ab-11e9-ad8d-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-134869",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-04834"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134869"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002719"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4838"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-230"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module DNP3 variant (All versions \u003c V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions \u003c V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities. plural Siemens The product contains an access control vulnerability.Information may be tampered with. SIPROTEC 4, SIPROTEC Compact and Reyrolle equipment offer a wide range of centralized protection, control and automation functions for substations and other applications. Multiple Siemens EN100 Ethernet Modules are prone to an authentication-bypass vulnerability. \nAn attacker can exploit this issue to bypass the authentication mechanism. This may aid in further attacks. A security vulnerability exists in the web interface (TCP/80) in several Siemens products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-4838"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002719"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-04834"
      },
      {
        "db": "BID",
        "id": "103379"
      },
      {
        "db": "IVD",
        "id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134869"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-4838",
        "trust": 3.6
      },
      {
        "db": "BID",
        "id": "103379",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-845879",
        "trust": 2.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-067-02",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-067-01",
        "trust": 1.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-230",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-04834",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002719",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E2E52650-39AB-11E9-AD8D-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-134869",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-04834"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134869"
      },
      {
        "db": "BID",
        "id": "103379"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002719"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4838"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-230"
      }
    ]
  },
  "id": "VAR-201803-2155",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-04834"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134869"
      }
    ],
    "trust": 1.6314814666666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-04834"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:28:58.709000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-845879",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
      },
      {
        "title": "Patches for unauthorized operating vulnerabilities in multiple Siemens products",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/120859"
      },
      {
        "title": "Multiple Siemens Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=78966"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-04834"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002719"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-230"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-306",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-284",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-134869"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002719"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4838"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-067-02"
      },
      {
        "trust": 1.7,
        "url": "https://www.securityfocus.com/bid/103379"
      },
      {
        "trust": 1.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-067-01"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4838"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4838"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-04834"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134869"
      },
      {
        "db": "BID",
        "id": "103379"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002719"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4838"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-230"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-04834"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134869"
      },
      {
        "db": "BID",
        "id": "103379"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002719"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4838"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-230"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-03-09T00:00:00",
        "db": "IVD",
        "id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
      },
      {
        "date": "2018-03-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-04834"
      },
      {
        "date": "2018-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-134869"
      },
      {
        "date": "2018-03-08T00:00:00",
        "db": "BID",
        "id": "103379"
      },
      {
        "date": "2018-04-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-002719"
      },
      {
        "date": "2018-03-08T17:29:00.210000",
        "db": "NVD",
        "id": "CVE-2018-4838"
      },
      {
        "date": "2018-03-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201803-230"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-03-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-04834"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-134869"
      },
      {
        "date": "2018-03-08T00:00:00",
        "db": "BID",
        "id": "103379"
      },
      {
        "date": "2018-04-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-002719"
      },
      {
        "date": "2019-10-03T00:03:26.223000",
        "db": "NVD",
        "id": "CVE-2018-4838"
      },
      {
        "date": "2019-10-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201803-230"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-230"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Access control vulnerabilities in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002719"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Access control error",
    "sources": [
      {
        "db": "IVD",
        "id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-230"
      }
    ],
    "trust": 0.8
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-4838 (GCVE-0-2018-4838)

Solution

Solution

Tags

Sightings

Nomenclature