Main Vulnerability Database Vulnerabilities #VU16513

#VU16513 Uncaught exception in Siemens products - CVE-2018-11466

Published: December 12, 2018

Vulnerability identifier: #VU16513

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2018-11466

CWE-ID: CWE-248

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
SINUMERIK 808D
SINUMERIK 840D
SINUMERIK 828D

Software vendor:
Siemens

Description

The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.

The vulnerability exists due to uncaught exception. A remote unauthenticated attacker can send specially crafted network packets to Port 102/TCP (ISO-TSAP), cause a denial-of-service condition of the integrated software firewall or execute code in the context of the software firewall.

Remediation

Update SINUMERIK 828D to version 4.7 SP6 HF1.
Update SINUMERIK 840D to version 4.7 SP6 HF5 or 4.8 SP3.

External links

https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf