CVE-2018-4833

A vulnerability has been identified in RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.6), SCALANCE X-300 switch family (incl. SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X408 (All versions < V4.1.3), SCALANCE X414 (All versions), SIMATIC RF182C (All versions). Unprivileged remote attackers located in the same local network segment (OSI Layer 2) could gain remote code execution on the affected products by sending a specially crafted DHCP response to a client's DHCP request.

CVSS v3 8.8 HIGH
CVSS v2.0 5.8 MEDIUM

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 2.8 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

5.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:A/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 6.5 / Impact : 6.4

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-181018.pdf	Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-181018.pdf	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:siemens:rfid_181-eip_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:rfid_181-eip:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

OR	cpe:2.3:o:siemens:ruggedcom_wimax_firmware:4.4:::::::*
	cpe:2.3:o:siemens:ruggedcom_wimax_firmware:4.5:::::::*

cpe:2.3:h:siemens:ruggedcom_wimax:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:siemens:scalance_x200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:siemens:scalance_x200irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x200irt:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:siemens:scalance_x204rna_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204rna:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:siemens:scalance_x300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:siemens:scalance_x408_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:siemens:scalance_x414_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x414:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:siemens:simatic_rf182c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf182c:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:07

Type	Values Removed	Values Added
References	~~() https://cert-portal.siemens.com/productcert/pdf/ssa-181018.pdf - Vendor Advisory~~	() https://cert-portal.siemens.com/productcert/pdf/ssa-181018.pdf - Vendor Advisory

Information

Published : 2018-06-14 16:29

Updated : 2024-11-21 04:07

NVD link : CVE-2018-4833

Mitre link : CVE-2018-4833

CVE.ORG link : CVE-2018-4833

JSON object : View

Products Affected

siemens

simatic_rf182c_firmware
simatic_rf182c
scalance_x414_firmware
rfid_181-eip
rfid_181-eip_firmware
scalance_x204rna_firmware
scalance_x300
scalance_x408
scalance_x204rna
scalance_x200irt
scalance_x200irt_firmware
ruggedcom_wimax
scalance_x300_firmware
scalance_x408_firmware
ruggedcom_wimax_firmware
scalance_x200
scalance_x200_firmware
scalance_x414

CWE

CWE-122

Heap-based Buffer Overflow

CWE-20

Improper Input Validation

8.8 /10