CVE-2018-4840

Published: Mar 8, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). The device engineering mechanism allows an unauthenticated remote user to upload a modified device configuration overwriting access authorization passwords.

Affected (9)

Products: Siemens: Siprotec Compact 7sj80 Firmware, Siprotec Compact 7sk80 Firmware, Siprotec 4 7sj66 Firmware, Digsi 4, En100 Ethernet Module Iec 104 Firmware, En100 Ethernet Module Dnp3 Firmware, En100 Ethernet Module Modbus Tcp Firmware, En100 Ethernet Module Profinet Io Firmware, En100 Ethernet Module Iec 61850 Firmware

Siemens

9 products

Siprotec Compact 7sj80 Firmware

Siprotec Compact 7sk80 Firmware

Siprotec 4 7sj66 Firmware

Digsi 4

En100 Ethernet Module Iec 104 Firmware

En100 Ethernet Module Dnp3 Firmware

En100 Ethernet Module Modbus Tcp Firmware

En100 Ethernet Module Profinet Io Firmware

En100 Ethernet Module Iec 61850 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Siprotec Compact 7sj80 Firmware	Before 4.77

Running on/with	Platform Versions
Siemens Siprotec Compact 7sj80	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Siprotec Compact 7sk80 Firmware	Before 4.77

Running on/with	Platform Versions
Siemens Siprotec Compact 7sk80	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Siprotec 4 7sj66 Firmware	Before 4.30

Running on/with	Platform Versions
Siemens Siprotec 4 7sj66	All versions

Configuration D

1 vulnerable

Vulnerable Software	Affected Versions
Siemens Digsi 4	Before 4.92

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens En100 Ethernet Module Iec 104 Firmware	All versions

Running on/with	Platform Versions
Siemens En100 Ethernet Module Iec 104	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens En100 Ethernet Module Dnp3 Firmware	All versions

Running on/with	Platform Versions
Siemens En100 Ethernet Module Dnp3	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens En100 Ethernet Module Modbus Tcp Firmware	All versions

Running on/with	Platform Versions
Siemens En100 Ethernet Module Modbus Tcp	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens En100 Ethernet Module Profinet Io Firmware	All versions

Running on/with	Platform Versions
Siemens En100 Ethernet Module Profinet Io	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens En100 Ethernet Module Iec 61850 Firmware	Before 4.30

Running on/with	Platform Versions
Siemens En100 Ethernet Module Iec 61850	All versions

Related CWEs

CWE-306

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (3)

https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf

Source: productcert@siemens.com

PatchVendor Advisory

https://ics-cert.us-cert.gov/advisories/ICSA-18-067-01

Source: nvd@nist.gov

Third Party AdvisoryUS Government Resource

https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.