Improper access control in SIMATIC WinCC OA UI for Android and SIMATIC WinCC OA UI for IOS - CVE-2018-4844
Published: March 26, 2018 / Updated: March 26, 2018
Vulnerability identifier: #VU11259
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-4844
CWE-ID: CWE-284
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: Siemens
Affected software:
SIMATIC WinCC OA UI for Android
SIMATIC WinCC OA UI for IOS
SIMATIC WinCC OA UI for Android
SIMATIC WinCC OA UI for IOS
Detailed vulnerability description
The vulnerability allows an adjacent attacker to bypass security restrictions on the target system.
The weakness exists due to insufficient limitation of CONTROL script capabilities. An adjacent attacker can trick the victim into connecting to a malicious WinCC OA server and read and write data from and to the app’s project cache folder.
The weakness exists due to insufficient limitation of CONTROL script capabilities. An adjacent attacker can trick the victim into connecting to a malicious WinCC OA server and read and write data from and to the app’s project cache folder.
How to mitigate CVE-2018-4844
Update to version 3.15.10.