CVE-2018-4840

Published Mar 8, 2018

Last updated 3 days ago

CVSS high 7.5

Overview

Description: A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). The device engineering mechanism allows an unauthenticated remote user to upload a modified device configuration overwriting access authorization passwords.
Source: productcert@siemens.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

productcert@siemens.com: CWE-306
nvd@nist.gov: CWE-306

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:siprotec_compact_7sj80_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA01070B-B71D-4432-A39F-91F9AF699985",
            "versionEndExcluding": "4.77"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:siprotec_compact_7sj80:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "474DE009-D90F-47D1-912B-765EF1C84AF5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:siprotec_compact_7sk80_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9053816-0F6F-4647-AAD4-E665711823EB",
            "versionEndExcluding": "4.77"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:siprotec_compact_7sk80:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EE4B76D9-5208-4766-8E3F-D8911BDC3A78"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:siprotec_4_7sj66_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D44664B0-13FF-449F-A329-2F267C0A29C0",
            "versionEndExcluding": "4.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:siprotec_4_7sj66:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "53D3E04F-7181-488A-AAEF-E846C3DC9BCB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:digsi_4:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69174713-D30C-41BE-8192-E3A766E68E9F",
            "versionEndExcluding": "4.92"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:en100_ethernet_module_iec_104_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "300FAA93-3BBB-4848-AFA5-97DE57053E5E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:en100_ethernet_module_iec_104:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "75FDB347-4ED5-4A36-A9CA-B2A461A92572"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:en100_ethernet_module_dnp3_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15E8060A-2897-4E2E-9441-5687D923C642"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:en100_ethernet_module_dnp3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6E733162-1D6E-4CF7-9CB2-007C8CA8B6B4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:en100_ethernet_module_modbus_tcp_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71DCD4E3-9BA4-44CE-BFCC-6659258FCE31"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:en100_ethernet_module_modbus_tcp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "48118739-31B9-4600-8856-D7E9870479E7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:en100_ethernet_module_profinet_io_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C2FA062-EBFE-457F-988E-60A9317212A4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:en100_ethernet_module_profinet_io:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "11199473-60BF-42AB-B6F0-BEF9663C67B7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:en100_ethernet_module_iec_61850_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42ABCFB1-0D86-47DB-8257-370B70E1C969",
            "versionEndExcluding": "4.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:en100_ethernet_module_iec_61850:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3C5EC8F7-6CD2-461B-9D06-2D9F4D083A98"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References