CVE-2018-13813

Published: Dec 13, 2018Modified: Nov 21, 2024

8.1

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Exploitability: 2.8 / Impact: 5.2

Source: NVD

Description

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The webserver of affected HMI devices may allow URL redirections to untrusted websites. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Affected (13)

Products: Siemens: Simatic Hmi Comfort Panels Firmware, Simatic Hmi Comfort Outdoor Panels Firmware, Simatic Hmi Ktp Mobile Panels Ktp400f Firmware, Simatic Hmi Ktp Mobile Panels Ktp700 Firmware, Simatic Hmi Ktp Mobile Panels Ktp700f Firmware, Simatic Hmi Ktp Mobile Panels Ktp900 Firmware, Simatic Hmi Ktp Mobile Panels Ktp900f Firmware, Simatic Wincc (tia Portal), Simatic Wincc Runtime, Simatic Hmi Tp Firmware, Simatic Hmi Mp Firmware, Simatic Hmi Op Firmware

Siemens

12 products

Simatic Hmi Comfort Panels Firmware

Simatic Hmi Comfort Outdoor Panels Firmware

Simatic Hmi Ktp Mobile Panels Ktp400f Firmware

Simatic Hmi Ktp Mobile Panels Ktp700 Firmware

Simatic Hmi Ktp Mobile Panels Ktp700f Firmware

Simatic Hmi Ktp Mobile Panels Ktp900 Firmware

Simatic Hmi Ktp Mobile Panels Ktp900f Firmware

Simatic Wincc (tia Portal)

Simatic Wincc Runtime

Simatic Hmi Tp Firmware

Simatic Hmi Mp Firmware

Simatic Hmi Op Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Comfort Panels Firmware	Up to 15.0

Running on/with	Platform Versions
Siemens Simatic Hmi Comfort Panels	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Comfort Outdoor Panels Firmware	Up to 15.0

Running on/with	Platform Versions
Siemens Simatic Hmi Comfort Outdoor Panels	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware	Up to 15.0

Running on/with	Platform Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware	Up to 15.0

Running on/with	Platform Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp700	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware	Up to 15.0

Running on/with	Platform Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware	Up to 15.0

Running on/with	Platform Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp900	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware	Up to 15.0

Running on/with	Platform Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f	All versions

Configuration H

3 vulnerable

Vulnerable Software	Affected Versions
Siemens Simatic Wincc (tia Portal)	Up to 15.0
Siemens Simatic Wincc Runtime	Up to 15.0
Siemens Simatic Wincc Runtime	Up to 15.0

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Tp Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Hmi Tp	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Mp Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Hmi Mp	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Op Firmware	All versions

Running on/with	Platform Versions
Siemens Simatic Hmi Op	All versions

Related CWEs

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.

References (4)

http://www.securityfocus.com/bid/105922

Source: productcert@siemens.com

Third Party AdvisoryVDB Entry

https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf

Source: productcert@siemens.com

Vendor Advisory

http://www.securityfocus.com/bid/105922

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.