8.8 - CVE-2018-4833

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	CVE-2018-4833	First vendor Publication	2018-06-14
Vendor	Cve	Last vendor Modification	2020-12-14

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score	8.8
Base Score	8.8	Environmental Score	8.8
impact SubScore	5.9	Temporal Score	8.8
Exploitabality Sub Score	2.8

Attack Vector	Adjacent	Attack Complexity	Low
Privileges Required	None	User Interaction	None
Scope	Unchanged	Confidentiality Impact	High
Integrity Impact	High	Availability Impact	High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	5.8	Attack Range	Adjacent network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	6.5	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability has been identified in RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.6), SCALANCE X-300 switch family (incl. SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X408 (All versions < V4.1.3), SCALANCE X414 (All versions), SIMATIC RF182C (All versions). Unprivileged remote attackers located in the same local network segment (OSI Layer 2) could gain remote code execution on the affected products by sending a specially crafted DHCP response to a client's DHCP request.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4833

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-122	Heap-based Buffer Overflow (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Type	Description	Count
Os	Siemens Rfid 181-Eip Firmware cpe:2.3:o:siemens:rfid_181-eip_firmware:-:::::::*	1
Os	Siemens Ruggedcom Wimax Firmware cpe:2.3:o:siemens:ruggedcom_wimax_firmware:4.5:::::::* cpe:2.3:o:siemens:ruggedcom_wimax_firmware:4.4:::::::*	2
Os	Siemens Scalance X200 Firmware cpe:2.3:o:siemens:scalance_x200_firmware:::::::: cpe:2.3:o:siemens:scalance_x200_firmware:-:::::::*	2
Os	Siemens Scalance X200Irt Firmware cpe:2.3:o:siemens:scalance_x200irt_firmware:5.1.0:::::::* cpe:2.3:o:siemens:scalance_x200irt_firmware:5.0.0:::::::* cpe:2.3:o:siemens:scalance_x200irt_firmware::::::::	3
Os	Siemens Scalance X204Rna Firmware cpe:2.3:o:siemens:scalance_x204rna_firmware:-:::::::*	1
Os	Siemens Scalance X300 Firmware cpe:2.3:o:siemens:scalance_x300_firmware:-:::::::*	1
Os	Siemens Scalance X408 Firmware cpe:2.3:o:siemens:scalance_x408_firmware:-:::::::*	1
Os	Siemens Scalance X414 Firmware cpe:2.3:o:siemens:scalance_x414_firmware:-:::::::*	1
Os	Siemens Simatic Rf182C Firmware cpe:2.3:o:siemens:simatic_rf182c_firmware:-:::::::*	1

Sources (Detail)

Source	Url
MISC	https://cert-portal.siemens.com/productcert/pdf/ssa-181018.pdf

Alert History

If you want to see full details history, please login or register.

Date	Informations
2021-03-26 12:26:40	Multiple Updates
2020-12-15 05:22:43	Multiple Updates
2020-05-23 02:16:27	Multiple Updates
2020-05-23 01:14:18	Multiple Updates
2019-10-10 09:20:40	Multiple Updates
2019-10-10 05:20:41	Multiple Updates
2019-06-12 21:19:20	Multiple Updates
2018-08-14 00:19:36	Multiple Updates
2018-07-04 12:02:57	Multiple Updates
2018-06-20 09:19:27	Multiple Updates
2018-06-14 21:19:36	First insertion

Type	Count
CWE ID(s)	1
CPE ID(s)	13
Sources(s)	1

8.8 - CVE-2018-4833

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

CPE : Common Platform Enumeration

Sources (Detail)

Alert History

Global Informations

Open Standards

COMPANY

STANDARDS

RECENT POSTS

MENU