Security restrictions bypass in Siemens products - CVE-2018-4839
Published: March 9, 2018
Vulnerability identifier: #VU10886
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-4839
CWE-ID: CWE-326
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Siemens
Affected software:
Siprotec Compact
SIPROTEC 4
SIPROTEC Compact 7SK80
SIPROTEC Compact 7SJ80
SIPROTEC 4 7SJ66
EN100 Ethernet module IEC 104 variant
EN100 Ethernet module DNP3 TCP variant
EN100 Ethernet module Modbus TCP variant
EN100 Ethernet module PROFINET IO variant
EN100 Ethernet module IEC 61850 variant
DIGSI 4
Siprotec Compact
SIPROTEC 4
SIPROTEC Compact 7SK80
SIPROTEC Compact 7SJ80
SIPROTEC 4 7SJ66
EN100 Ethernet module IEC 104 variant
EN100 Ethernet module DNP3 TCP variant
EN100 Ethernet module Modbus TCP variant
EN100 Ethernet module PROFINET IO variant
EN100 Ethernet module IEC 61850 variant
DIGSI 4
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to inadequate encryption strength. A remote attacker with local access to the engineering system or in a privileged network position can capture certain network traffic, and possibly reconstruct access authorization passwords.
The weakness exists due to inadequate encryption strength. A remote attacker with local access to the engineering system or in a privileged network position can capture certain network traffic, and possibly reconstruct access authorization passwords.
How to mitigate CVE-2018-4839
Install update from vendor's website.