Siemens SINUMERIK Controllers Multiple Security Vulnerabilities
BID:106185
CVE-2018-11457 | CVE-2018-11458 | CVE-2018-11459 | CVE-2018-11460 | CVE-2018-11461 | CVE-2018-11462 | CVE-2018-11463 | CVE-2018-11464 | CVE-2018-11465 | CVE-2018-11466 |Info
Siemens SINUMERIK Controllers Multiple Security Vulnerabilities
| Bugtraq ID: | 106185 |
| Class: | Unknown |
| CVE: |
CVE-2018-11457 CVE-2018-11458 CVE-2018-11459 CVE-2018-11460 CVE-2018-11461 CVE-2018-11462 CVE-2018-11463 CVE-2018-11464 CVE-2018-11465 CVE-2018-11466 |
| Remote: | Yes |
| Local: | Yes |
| Published: | Dec 11 2018 12:00AM |
| Updated: | Dec 11 2018 12:00AM |
| Credit: | Anton Kalinin, Danila Parnishchev, Dmitry Sklyar, Gleb Gritsai, Kirill Nesterov, Radu Motspan, and Sergey Sidorov from Kaspersky Lab. |
| Vulnerable: |
Siemens SINUMERIK 840D sl 4.8 Siemens SINUMERIK 840D sl 4.7 Siemens SINUMERIK 828D 4.7 Siemens SINUMERIK 808D 4.8 Siemens SINUMERIK 808D 4.7 |
| Not Vulnerable: |
Siemens SINUMERIK 840D sl 4.8 SP3 Siemens SINUMERIK 840D sl 4.7 SP6 HF5 Siemens SINUMERIK 828D 4.7 SP6 HF1 |
Discussion
Siemens SINUMERIK Controllers Multiple Security Vulnerabilities
Siemens SINUMERIK Controllers is prone to the following security vulnerabilities:
1. A heap based buffer-overflow vulnerability.
2. An integer overflow vulnerability.
3. A security bypass vulnerability.
4. An arbitrary code execution vulnerability.
5. Multiple privilege escalation vulnerabilities.
6. A stack based buffer-overflow vulnerability.
7. A buffer-overflow vulnerability.
8. Multiple denial-of-service vulnerabilities
Attackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition.
The following products are vulnerable:
SINUMERIK 808D v4.7 all versions
SINUMERIK 808D v4.8 all versions
SINUMERIK 828D v4.7 versions prior to v4.7 SP6 HF1
SINUMERIK 840D sl v4.7 versions prior to v4.7 SP6 HF5, and
SINUMERIK 840D sl v4.8 versions prior to v4.8 SP3
Siemens SINUMERIK Controllers is prone to the following security vulnerabilities:
1. A heap based buffer-overflow vulnerability.
2. An integer overflow vulnerability.
3. A security bypass vulnerability.
4. An arbitrary code execution vulnerability.
5. Multiple privilege escalation vulnerabilities.
6. A stack based buffer-overflow vulnerability.
7. A buffer-overflow vulnerability.
8. Multiple denial-of-service vulnerabilities
Attackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition.
The following products are vulnerable:
SINUMERIK 808D v4.7 all versions
SINUMERIK 808D v4.8 all versions
SINUMERIK 828D v4.7 versions prior to v4.7 SP6 HF1
SINUMERIK 840D sl v4.7 versions prior to v4.7 SP6 HF5, and
SINUMERIK 840D sl v4.8 versions prior to v4.8 SP3
Exploit / POC
Siemens SINUMERIK Controllers Multiple Security Vulnerabilities
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Siemens SINUMERIK Controllers Multiple Security Vulnerabilities
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Siemens SINUMERIK Controllers Multiple Security Vulnerabilities
References:
References:
- Siemens Homepage (Siemens)
- Siemens SINUMERIK Controllers Software (Siemens)
- Siemens SINUMERIK Controllers (ICS-CERT)
- SSA-170881: Vulnerabilities in SINUMERIK Controllers (Siemens)