VAR-201809-0290
Vulnerability from variot - Updated: 2023-12-18 12:01A vulnerability has been identified in SIEMENS TD Keypad Designer (All versions). A DLL hijacking vulnerability exists in all versions of SIEMENS TD Keypad Designer which could allow an attacker to execute code with the permission of the user running TD Designer. The attacker must have write access to the directory containing the TD project file in order to exploit the vulnerability. A legitimate user with higher privileges than the attacker must open the TD project in order for this vulnerability to be exploited. At the time of advisory publication no public exploitation of this security vulnerability was known. SIEMENS TD Keypad Designer Contains an uncontrolled search path element vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0290",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "td keypad designer",
"scope": null,
"trust": 2.0,
"vendor": "siemens",
"version": null
},
{
"model": "td keypad designer",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "td keypad designer",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "td keypad designer",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "ba63c8d0-ec8f-4076-8c51-fbfa5407409c"
},
{
"db": "CNVD",
"id": "CNVD-2020-02200"
},
{
"db": "BID",
"id": "108564"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010723"
},
{
"db": "NVD",
"id": "CVE-2018-13806"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-574"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:td_keypad_designer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-13806"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "108564"
}
],
"trust": 0.3
},
"cve": "CVE-2018-13806",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-13806",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2020-02200",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "ba63c8d0-ec8f-4076-8c51-fbfa5407409c",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-13806",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-13806",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2020-02200",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-574",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "ba63c8d0-ec8f-4076-8c51-fbfa5407409c",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "ba63c8d0-ec8f-4076-8c51-fbfa5407409c"
},
{
"db": "CNVD",
"id": "CNVD-2020-02200"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010723"
},
{
"db": "NVD",
"id": "CVE-2018-13806"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-574"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIEMENS TD Keypad Designer (All versions). A DLL hijacking vulnerability exists in all versions of SIEMENS TD Keypad Designer which could allow an attacker to execute code with the permission of the user running TD Designer. The attacker must have write access to the directory containing the TD project file in order to exploit the vulnerability. A legitimate user with higher privileges than the attacker must open the TD project in order for this vulnerability to be exploited. At the time of advisory publication no public exploitation of this security vulnerability was known. SIEMENS TD Keypad Designer Contains an uncontrolled search path element vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-13806"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010723"
},
{
"db": "CNVD",
"id": "CNVD-2020-02200"
},
{
"db": "BID",
"id": "108564"
},
{
"db": "IVD",
"id": "ba63c8d0-ec8f-4076-8c51-fbfa5407409c"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-13806",
"trust": 3.5
},
{
"db": "SIEMENS",
"id": "SSA-198330",
"trust": 1.6
},
{
"db": "ICS CERT",
"id": "ICSA-18-254-03",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2020-02200",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-574",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010723",
"trust": 0.8
},
{
"db": "BID",
"id": "108564",
"trust": 0.3
},
{
"db": "IVD",
"id": "BA63C8D0-EC8F-4076-8C51-FBFA5407409C",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "ba63c8d0-ec8f-4076-8c51-fbfa5407409c"
},
{
"db": "CNVD",
"id": "CNVD-2020-02200"
},
{
"db": "BID",
"id": "108564"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010723"
},
{
"db": "NVD",
"id": "CVE-2018-13806"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-574"
}
]
},
"id": "VAR-201809-0290",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "ba63c8d0-ec8f-4076-8c51-fbfa5407409c"
},
{
"db": "CNVD",
"id": "CNVD-2020-02200"
}
],
"trust": 1.4666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "ba63c8d0-ec8f-4076-8c51-fbfa5407409c"
},
{
"db": "CNVD",
"id": "CNVD-2020-02200"
}
]
},
"last_update_date": "2023-12-18T12:01:19Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-198330",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-198330.pdf"
},
{
"title": "Patch for Siemens TD Keypad Designer DLL Hijacking Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/197069"
},
{
"title": "Siemens TD Keypad Designer Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=84841"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02200"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010723"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-574"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-427",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010723"
},
{
"db": "NVD",
"id": "CVE-2018-13806"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-198330.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-13806"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-254-03"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13806"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02200"
},
{
"db": "BID",
"id": "108564"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010723"
},
{
"db": "NVD",
"id": "CVE-2018-13806"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-574"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "ba63c8d0-ec8f-4076-8c51-fbfa5407409c"
},
{
"db": "CNVD",
"id": "CNVD-2020-02200"
},
{
"db": "BID",
"id": "108564"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010723"
},
{
"db": "NVD",
"id": "CVE-2018-13806"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-574"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-14T00:00:00",
"db": "IVD",
"id": "ba63c8d0-ec8f-4076-8c51-fbfa5407409c"
},
{
"date": "2020-01-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-02200"
},
{
"date": "2018-09-11T00:00:00",
"db": "BID",
"id": "108564"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010723"
},
{
"date": "2018-09-12T13:29:01.047000",
"db": "NVD",
"id": "CVE-2018-13806"
},
{
"date": "2018-09-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-574"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-02200"
},
{
"date": "2018-09-11T00:00:00",
"db": "BID",
"id": "108564"
},
{
"date": "2019-01-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010723"
},
{
"date": "2019-10-09T23:34:32.840000",
"db": "NVD",
"id": "CVE-2018-13806"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-574"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108564"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-574"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens TD Keypad Designer DLL Hijacking vulnerability",
"sources": [
{
"db": "IVD",
"id": "ba63c8d0-ec8f-4076-8c51-fbfa5407409c"
},
{
"db": "CNVD",
"id": "CNVD-2020-02200"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code problem",
"sources": [
{
"db": "IVD",
"id": "ba63c8d0-ec8f-4076-8c51-fbfa5407409c"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-574"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…