#VU16513 Uncaught exception in Siemens products - CVE-2018-11466
Published: December 12, 2018
Vulnerability identifier: #VU16513
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2018-11466
CWE-ID: CWE-248
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
SINUMERIK 808D
SINUMERIK 840D
SINUMERIK 828D
SINUMERIK 808D
SINUMERIK 840D
SINUMERIK 828D
Software vendor:
Siemens
Siemens
Description
The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The vulnerability exists due to uncaught exception. A remote unauthenticated attacker can send specially crafted network packets to Port 102/TCP (ISO-TSAP), cause a denial-of-service condition of the integrated software firewall or execute code in the context of the software firewall.
Remediation
Update SINUMERIK 828D to version 4.7 SP6 HF1.
Update SINUMERIK 840D to version 4.7 SP6 HF5 or 4.8 SP3.
Update SINUMERIK 840D to version 4.7 SP6 HF5 or 4.8 SP3.