Main Vulnerability Database SB2018032603

SB2018032603 - Security restrictions bypass in SIMATIC WinCC OA UI

Published: March 26, 2018

Security Bulletin ID SB2018032603

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Adjecent network

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper access control (CVE-ID: CVE-2018-4844)

The vulnerability allows an adjacent attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient limitation of CONTROL script capabilities. An adjacent attacker can trick the victim into connecting to a malicious WinCC OA server and read and write data from and to the app’s project cache folder.

Remediation

Install update from vendor's website.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-822928.pdf