cvelistv5 - CVE-2018-4850

CVE-2018-4850

Vulnerability from cvelistv5

Published

2018-05-16 17:00

Modified

2024-09-16 22:46

Severity ?

Summary

References

URL	Tags
productcert@siemens.com	http://www.securityfocus.com/bid/104217	Third Party Advisory, VDB Entry
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf	Vendor Advisory
productcert@siemens.com	https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/104217	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications	Vendor Advisory

Impacted products

Vendor

Product

Version

▼

Siemens AG

SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below, SIMATIC S7-400 (incl. F) CPU hardware version 5.0, SIMATIC S7-400H CPU hardware version 4.5 and below

Version: SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below : All versions
Version: SIMATIC S7-400 (incl. F) CPU hardware version 5.0 : All firmware versions < V5.2
Version: SIMATIC S7-400H CPU hardware version 4.5 and below : All versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:18:26.561Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf"
          },
          {
            "name": "104217",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104217"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below, SIMATIC S7-400 (incl. F) CPU hardware version 5.0, SIMATIC S7-400H CPU hardware version 4.5 and below",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below : All versions"
            },
            {
              "status": "affected",
              "version": "SIMATIC S7-400 (incl. F) CPU hardware version 5.0 : All firmware versions \u003c V5.2"
            },
            {
              "status": "affected",
              "version": "SIMATIC S7-400H CPU hardware version 4.5 and below : All versions"
            }
          ]
        }
      ],
      "datePublic": "2018-05-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions \u003c V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-22T09:57:01",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf"
        },
        {
          "name": "104217",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104217"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "DATE_PUBLIC": "2018-05-15T00:00:00",
          "ID": "CVE-2018-4850",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below, SIMATIC S7-400 (incl. F) CPU hardware version 5.0, SIMATIC S7-400H CPU hardware version 4.5 and below",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below : All versions"
                          },
                          {
                            "version_value": "SIMATIC S7-400 (incl. F) CPU hardware version 5.0 : All firmware versions \u003c V5.2"
                          },
                          {
                            "version_value": "SIMATIC S7-400H CPU hardware version 4.5 and below : All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions \u003c V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20: Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf"
            },
            {
              "name": "104217",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104217"
            },
            {
              "name": "https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications",
              "refsource": "CONFIRM",
              "url": "https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2018-4850",
    "datePublished": "2018-05-16T17:00:00Z",
    "dateReserved": "2018-01-02T00:00:00",
    "dateUpdated": "2024-09-16T22:46:02.128Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_s7-400_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.0\", \"matchCriteriaId\": \"3F8B29A7-5912-4815-B1DA-595A980ED365\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F97B67B-4516-4AD9-B33C-7F480EE0DB4D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_s7-400_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"5.2\", \"matchCriteriaId\": \"A4C0C1ED-74B7-4E4B-B982-062176B7DA2D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F97B67B-4516-4AD9-B33C-7F480EE0DB4D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_s7-400h_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.5\", \"matchCriteriaId\": \"F150F79A-3843-4A31-8343-75DAF186030F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_s7-400h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D1CCAFD-1D34-4893-9B3E-76CAD323179A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions \u003c V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart.\"}, {\"lang\": \"es\", \"value\": \"Se ha identificado una vulnerabilidad en SIMATIC S7-400 (incl. F) CPU en versiones de hardware 4.0 y anteriores (todas las versiones), SIMATIC S7-400 (incl. F) CPU en versiones de hardware 5.0 (todas las versiones anteriores a la V5.2), SIMATIC S7-400H CPU en versiones de hardware 4.5 y anteriores (todas las versiones). Las CPU afectadas validan incorrectamente los paquetes de comunicaci\\u00f3n S7 que podr\\u00edan provocar una condici\\u00f3n de denegaci\\u00f3n de servicio (DoS) en la CPU. La CPU continuar\\u00e1 en modo DEFECT hasta que se reinicie manualmente.\"}]",
      "id": "CVE-2018-4850",
      "lastModified": "2024-11-21T04:07:35.003",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-05-16T17:29:00.387",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/104217\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/104217\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "productcert@siemens.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"productcert@siemens.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-4850\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2018-05-16T17:29:00.387\",\"lastModified\":\"2024-11-21T04:07:35.003\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions \u003c V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en SIMATIC S7-400 (incl. F) CPU en versiones de hardware 4.0 y anteriores (todas las versiones), SIMATIC S7-400 (incl. F) CPU en versiones de hardware 5.0 (todas las versiones anteriores a la V5.2), SIMATIC S7-400H CPU en versiones de hardware 4.5 y anteriores (todas las versiones). Las CPU afectadas validan incorrectamente los paquetes de comunicaci\u00f3n S7 que podr\u00edan provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en la CPU. La CPU continuar\u00e1 en modo DEFECT hasta que se reinicie manualmente.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-400_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.0\",\"matchCriteriaId\":\"3F8B29A7-5912-4815-B1DA-595A980ED365\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F97B67B-4516-4AD9-B33C-7F480EE0DB4D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-400_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.2\",\"matchCriteriaId\":\"A4C0C1ED-74B7-4E4B-B982-062176B7DA2D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F97B67B-4516-4AD9-B33C-7F480EE0DB4D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-400h_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.5\",\"matchCriteriaId\":\"F150F79A-3843-4A31-8343-75DAF186030F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-400h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D1CCAFD-1D34-4893-9B3E-76CAD323179A\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/104217\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104217\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

gsd-2018-4850

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2018-4850

Aliases

CVE-2018-4850

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-4850",
    "description": "A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions \u003c V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart.",
    "id": "GSD-2018-4850"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-4850"
      ],
      "details": "A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions \u003c V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart.",
      "id": "GSD-2018-4850",
      "modified": "2023-12-13T01:22:28.527056Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "DATE_PUBLIC": "2018-05-15T00:00:00",
        "ID": "CVE-2018-4850",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below, SIMATIC S7-400 (incl. F) CPU hardware version 5.0, SIMATIC S7-400H CPU hardware version 4.5 and below",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below : All versions"
                        },
                        {
                          "version_value": "SIMATIC S7-400 (incl. F) CPU hardware version 5.0 : All firmware versions \u003c V5.2"
                        },
                        {
                          "version_value": "SIMATIC S7-400H CPU hardware version 4.5 and below : All versions"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens AG"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions \u003c V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-20: Improper Input Validation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf",
            "refsource": "CONFIRM",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf"
          },
          {
            "name": "104217",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/104217"
          },
          {
            "name": "https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications",
            "refsource": "CONFIRM",
            "url": "https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-400_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-400_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "5.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-400h_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-400h:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2018-4850"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions \u003c V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf"
            },
            {
              "name": "104217",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/104217"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-10-09T23:41Z",
      "publishedDate": "2018-05-16T17:29Z"
    }
  }
}

CVE-2018-4850

Vulnerability from fkie_nvd

Published

2018-05-16 17:29

Modified

2024-11-21 04:07

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
productcert@siemens.com	http://www.securityfocus.com/bid/104217	Third Party Advisory, VDB Entry
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf	Vendor Advisory
productcert@siemens.com	https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/104217	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications	Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	simatic_s7-400_firmware	*
siemens	simatic_s7-400	-
siemens	simatic_s7-400_firmware	*
siemens	simatic_s7-400	-
siemens	simatic_s7-400h_firmware	*
siemens	simatic_s7-400h	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F8B29A7-5912-4815-B1DA-595A980ED365",
              "versionEndIncluding": "4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F97B67B-4516-4AD9-B33C-7F480EE0DB4D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4C0C1ED-74B7-4E4B-B982-062176B7DA2D",
              "versionEndExcluding": "5.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F97B67B-4516-4AD9-B33C-7F480EE0DB4D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-400h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F150F79A-3843-4A31-8343-75DAF186030F",
              "versionEndIncluding": "4.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-400h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D1CCAFD-1D34-4893-9B3E-76CAD323179A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions \u003c V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC S7-400 (incl. F) CPU en versiones de hardware 4.0 y anteriores (todas las versiones), SIMATIC S7-400 (incl. F) CPU en versiones de hardware 5.0 (todas las versiones anteriores a la V5.2), SIMATIC S7-400H CPU en versiones de hardware 4.5 y anteriores (todas las versiones). Las CPU afectadas validan incorrectamente los paquetes de comunicaci\u00f3n S7 que podr\u00edan provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en la CPU. La CPU continuar\u00e1 en modo DEFECT hasta que se reinicie manualmente."
    }
  ],
  "id": "CVE-2018-4850",
  "lastModified": "2024-11-21T04:07:35.003",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-16T17:29:00.387",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104217"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

icsa-18-137-03

Vulnerability from csaf_cisa

Published

2018-05-17 00:00

Modified

2018-09-11 00:00

Summary

Siemens SIMATIC S7-400 CPU (Update A)

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of this vulnerability could cause a denial-of-service condition of the CPU. The CPU will remain in DEFECT mode until a manual restart is performed.

Critical infrastructure sectors

Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens ProductCERT",
        "summary": "reporting this vulnerability to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of this vulnerability could cause a denial-of-service condition of the CPU. The CPU will remain in DEFECT mode until a manual restart is performed.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and  solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-137-03 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-137-03.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-137-03 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-137-03"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-137-03"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "SSA-496604: SSA-914382: Denial-of-Service Vulnerability in SIMATIC S7-400 CPU Family - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/SSA-914382.txt"
      }
    ],
    "title": "Siemens SIMATIC S7-400 CPU (Update A)",
    "tracking": {
      "current_release_date": "2018-09-11T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-18-137-03",
      "initial_release_date": "2018-05-17T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-05-17T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-18-137-03 Siemens SIMATIC S7-400 CPU"
        },
        {
          "date": "2018-09-11T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSA-18-137-03 Siemens SIMATIC S7-400 CPU (Update A)"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions",
                "product": {
                  "name": "SIMATIC S7-400 CPU hardware version 4.0 and below (incl. SIPLUS: All versions",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-400 CPU hardware version 4.0 and below (incl. SIPLUS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All firmware versions \u003c V5.2",
                "product": {
                  "name": "SIMATIC S7-400 CPU hardware version 5.0 (incl. SIPLUS variants): All firmware versions \u003c V5.2",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-400 CPU hardware version 5.0 (incl. SIPLUS variants)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions",
                "product": {
                  "name": "SIMATIC S7-400 H CPU hardware version 4.5 and below (incl. SIPLUS: All versions",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-400 H CPU hardware version 4.5 and below (incl. SIPLUS"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-4850",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "Successful exploitation requires an attacker to be able to send a specially crafted S7 communication packet to a communication interface of the CPU. This includes Ethernet, PROFIBUS, and Multi Point Interfaces (MPI). No user interaction or privileges are required to exploit the security vulnerability. The vulnerability could allow causing a Denial-of-Service condition of the core functionality of the CPU, compromising the availability of the system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens confirms the security vulnerability and provides mitigations to resolve the security issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/ww/en/view/75407031",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/75407031"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4850"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Apply cell protection concept:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-security.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Use VPN for protecting network communication between cells.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Apply Defense-in-Depth:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-security.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workarounds and Mitigations or upgrade to hardware version 5.0 or newer - Download: https://support.industry.siemens.com/cs/ww/en/view/109483507 ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109483507"
        },
        {
          "category": "vendor_fix",
          "details": "Update to firmware version 5.2 or newer - Download: https://support.industry.siemens.com/cs/ww/en/view/109474827 ",
          "product_ids": [
            "CSAFPID-0002"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109474827"
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workarounds and Mitigations or upgrade to hardware version 6.0 or newer - Download: https://support.industry.siemens.com/cs/ww/en/view/75407031 ",
          "product_ids": [
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/75407031"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    }
  ]
}

ICSA-18-137-03

Vulnerability from csaf_cisa

Published

2018-05-17 00:00

Modified

2018-09-11 00:00

Summary

Siemens SIMATIC S7-400 CPU (Update A)

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

Risk evaluation

Successful exploitation of this vulnerability could cause a denial-of-service condition of the CPU. The CPU will remain in DEFECT mode until a manual restart is performed.

Critical infrastructure sectors

Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Recommended Practices

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens ProductCERT",
        "summary": "reporting this vulnerability to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of this vulnerability could cause a denial-of-service condition of the CPU. The CPU will remain in DEFECT mode until a manual restart is performed.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and  solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-137-03 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-137-03.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-137-03 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-137-03"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-137-03"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "SSA-496604: SSA-914382: Denial-of-Service Vulnerability in SIMATIC S7-400 CPU Family - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/SSA-914382.txt"
      }
    ],
    "title": "Siemens SIMATIC S7-400 CPU (Update A)",
    "tracking": {
      "current_release_date": "2018-09-11T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-18-137-03",
      "initial_release_date": "2018-05-17T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-05-17T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-18-137-03 Siemens SIMATIC S7-400 CPU"
        },
        {
          "date": "2018-09-11T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSA-18-137-03 Siemens SIMATIC S7-400 CPU (Update A)"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions",
                "product": {
                  "name": "SIMATIC S7-400 CPU hardware version 4.0 and below (incl. SIPLUS: All versions",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-400 CPU hardware version 4.0 and below (incl. SIPLUS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All firmware versions \u003c V5.2",
                "product": {
                  "name": "SIMATIC S7-400 CPU hardware version 5.0 (incl. SIPLUS variants): All firmware versions \u003c V5.2",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-400 CPU hardware version 5.0 (incl. SIPLUS variants)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions",
                "product": {
                  "name": "SIMATIC S7-400 H CPU hardware version 4.5 and below (incl. SIPLUS: All versions",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-400 H CPU hardware version 4.5 and below (incl. SIPLUS"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-4850",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "Successful exploitation requires an attacker to be able to send a specially crafted S7 communication packet to a communication interface of the CPU. This includes Ethernet, PROFIBUS, and Multi Point Interfaces (MPI). No user interaction or privileges are required to exploit the security vulnerability. The vulnerability could allow causing a Denial-of-Service condition of the core functionality of the CPU, compromising the availability of the system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens confirms the security vulnerability and provides mitigations to resolve the security issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/ww/en/view/75407031",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/75407031"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4850"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Apply cell protection concept:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-security.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Use VPN for protecting network communication between cells.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Apply Defense-in-Depth:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-security.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workarounds and Mitigations or upgrade to hardware version 5.0 or newer - Download: https://support.industry.siemens.com/cs/ww/en/view/109483507 ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109483507"
        },
        {
          "category": "vendor_fix",
          "details": "Update to firmware version 5.2 or newer - Download: https://support.industry.siemens.com/cs/ww/en/view/109474827 ",
          "product_ids": [
            "CSAFPID-0002"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109474827"
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workarounds and Mitigations or upgrade to hardware version 6.0 or newer - Download: https://support.industry.siemens.com/cs/ww/en/view/75407031 ",
          "product_ids": [
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/75407031"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    }
  ]
}

var-201805-1131

Vulnerability from variot

A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions < V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart. SIEMENS SIMATIC S7-400 CPU and SIMATIC S7-400H CPU Contains a data processing vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The products in the Siemens SIMATIC S7-400 CPU family have been designed for process control in industrial environments. There is a denial of service vulnerability in the Siemens SIMATIC S7-400. Remote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. F) and SIMATIC S7-400H CPU. The vulnerability is caused by the fact that the program does not correctly verify the S7 communication data package. The following products and versions are affected: Siemens SIMATIC S7-400 4.0 and earlier, SIMATIC S7-400 (incl

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201805-1131",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic s7-400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": "simatic s7-400",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "simatic s7-400h",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic s7-400",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-400h",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-400 cpu hardware",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=4.0"
      },
      {
        "model": "simatic s7-400 cpu hardware",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=5.0"
      },
      {
        "model": "simatic s7-400h cpu hardware",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=4.5"
      },
      {
        "model": "simatic s7-400h",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic s7-400",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic s7 400",
        "version": "*"
      },
      {
        "model": "simatic s7-400h cpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-400 cpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "simatic s7-400 cpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "simatic s7-400h cpu",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic s7-400 cpu",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400h",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2ef386e-39ab-11e9-afb5-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09542"
      },
      {
        "db": "BID",
        "id": "104217"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005158"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4850"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-471"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-400_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-400_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "5.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-400h_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-400h:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-4850"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "104217"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-4850",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-4850",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-09542",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "e2ef386e-39ab-11e9-afb5-000c29342cb1",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-134881",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-4850",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-4850",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-09542",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-471",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2ef386e-39ab-11e9-afb5-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-134881",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2ef386e-39ab-11e9-afb5-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09542"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134881"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005158"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4850"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-471"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions \u003c V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart. SIEMENS SIMATIC S7-400 CPU and SIMATIC S7-400H CPU Contains a data processing vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The products in the Siemens SIMATIC S7-400 CPU family have been designed for process control in industrial environments. There is a denial of service vulnerability in the Siemens SIMATIC S7-400. \nRemote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. F) and SIMATIC S7-400H CPU. The vulnerability is caused by the fact that the program does not correctly verify the S7 communication data package. The following products and versions are affected: Siemens SIMATIC S7-400 4.0 and earlier, SIMATIC S7-400 (incl",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-4850"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005158"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09542"
      },
      {
        "db": "BID",
        "id": "104217"
      },
      {
        "db": "IVD",
        "id": "e2ef386e-39ab-11e9-afb5-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134881"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-4850",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-914382",
        "trust": 2.3
      },
      {
        "db": "BID",
        "id": "104217",
        "trust": 2.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-137-03",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09542",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-471",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005158",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E2EF386E-39AB-11E9-AFB5-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-98957",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-134881",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2ef386e-39ab-11e9-afb5-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09542"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134881"
      },
      {
        "db": "BID",
        "id": "104217"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005158"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4850"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-471"
      }
    ]
  },
  "id": "VAR-201805-1131",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2ef386e-39ab-11e9-afb5-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09542"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134881"
      }
    ],
    "trust": 1.6911931875000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2ef386e-39ab-11e9-afb5-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09542"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:08:26.027000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Siemens ProductCERT and Siemens CERT",
        "trust": 0.8,
        "url": "https://www.siemens.com/global/en/home/products/services/cert.html#securitypublications"
      },
      {
        "title": "SSA-914382 : Denial-of-Service Vulnerability in SIMATIC S7-400",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf"
      },
      {
        "title": "Siemens SIMATIC S7-400 refuses service patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/129167"
      },
      {
        "title": "Siemens SIMATIC S7-400  and SIMATIC S7-400H Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=83420"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-09542"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005158"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-471"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-19",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-134881"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005158"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4850"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/104217"
      },
      {
        "trust": 1.7,
        "url": "https://www.siemens.com/global/en/home/products/services/cert.html#securitypublications"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-137-03"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4850"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4850"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-09542"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134881"
      },
      {
        "db": "BID",
        "id": "104217"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005158"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4850"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-471"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2ef386e-39ab-11e9-afb5-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09542"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134881"
      },
      {
        "db": "BID",
        "id": "104217"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005158"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4850"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-471"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-16T00:00:00",
        "db": "IVD",
        "id": "e2ef386e-39ab-11e9-afb5-000c29342cb1"
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-09542"
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-134881"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104217"
      },
      {
        "date": "2018-07-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005158"
      },
      {
        "date": "2018-05-16T17:29:00.387000",
        "db": "NVD",
        "id": "CVE-2018-4850"
      },
      {
        "date": "2018-05-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-471"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-09542"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-134881"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104217"
      },
      {
        "date": "2018-07-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005158"
      },
      {
        "date": "2019-10-09T23:41:02.360000",
        "db": "NVD",
        "id": "CVE-2018-4850"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-471"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-471"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIEMENS SIMATIC S7-400 CPU and  SIMATIC S7-400H CPU Vulnerable to data processing",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005158"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-471"
      }
    ],
    "trust": 0.6
  }
}

ghsa-9c5r-829c-7rjc

Vulnerability from github

Published

2022-05-13 01:32

Modified

2022-05-13 01:32

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-4850"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-05-16T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions \u003c V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart.",
  "id": "GHSA-9c5r-829c-7rjc",
  "modified": "2022-05-13T01:32:14Z",
  "published": "2022-05-13T01:32:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4850"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.siemens.com/global/en/home/products/services/cert.html#SecurityPublications"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/104217"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2018-4850

Vulnerability from cvelistv5

gsd-2018-4850

Vulnerability from gsd

CVE-2018-4850

Vulnerability from fkie_nvd

icsa-18-137-03

Vulnerability from csaf_cisa

ICSA-18-137-03

Vulnerability from csaf_cisa

var-201805-1131

Vulnerability from variot

ghsa-9c5r-829c-7rjc

Vulnerability from github

Tags

Sightings

Nomenclature