Uncaught exception in Siemens products - CVE-2018-11466
Published: December 12, 2018
Vulnerability identifier: #VU16513
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2018-11466
CWE-ID: CWE-248
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Siemens
Affected software:
SINUMERIK 808D
SINUMERIK 840D
SINUMERIK 828D
SINUMERIK 808D
SINUMERIK 840D
SINUMERIK 828D
Detailed vulnerability description
The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The vulnerability exists due to uncaught exception. A remote unauthenticated attacker can send specially crafted network packets to Port 102/TCP (ISO-TSAP), cause a denial-of-service condition of the integrated software firewall or execute code in the context of the software firewall.
How to mitigate CVE-2018-11466
Update SINUMERIK 828D to version 4.7 SP6 HF1.
Update SINUMERIK 840D to version 4.7 SP6 HF5 or 4.8 SP3.
Update SINUMERIK 840D to version 4.7 SP6 HF5 or 4.8 SP3.