cnvd - cnvd-2018-05196

cnvd-2018-05196

Vulnerability from cnvd

Title: 多款Siemens产品存在未明漏洞

Description:

Siemens DIGSI等都是德国西门子（Siemens）公司的产品。Siemens DIGSI是一款微机保护装置的配置操作软件。EN100 Ethernet module IEC 61850 variant是一款以太网模块产品。

多款Siemens产品中存在安全漏洞。攻击者可利用该漏洞重新构建访问授权密码。

Severity: 低

Patch Name: 多款Siemens产品存在未明漏洞的补丁

Patch Description:

多款Siemens产品中存在安全漏洞。攻击者可利用该漏洞重新构建访问授权密码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf

Reference: https://ics-cert.us-cert.gov/advisories/ICSA-18-067-01

Impacted products

Name
['Siemens DIGSI <4 4.92', 'Siemens EN100 Ethernet module IEC 61850 variant <4.30', 'Siemens EN100 Ethernet module PROFINET IO variant', 'Siemens EN100 Ethernet module Modbus TCP variant', 'Siemens EN100 Ethernet module DNP3 variant', 'Siemens EN100 Ethernet module IEC 104 variant', 'Siemens SIPROTEC Compact 7SK80 <4.77', 'Siemens SIPROTEC Compact 7SJ66 <4.30', 'Siemens SIPROTEC Compact 7SJ80 <4.77']

Name

['Siemens DIGSI <4 4.92', 'Siemens EN100 Ethernet module IEC 61850 variant <4.30', 'Siemens EN100 Ethernet module PROFINET IO variant', 'Siemens EN100 Ethernet module Modbus TCP variant', 'Siemens EN100 Ethernet module DNP3 variant', 'Siemens EN100 Ethernet module IEC 104 variant', 'Siemens SIPROTEC Compact 7SK80 <4.77', 'Siemens SIPROTEC Compact 7SJ66 <4.30', 'Siemens SIPROTEC Compact 7SJ80 <4.77']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-4839"
    }
  },
  "description": "Siemens DIGSI\u7b49\u90fd\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Siemens DIGSI\u662f\u4e00\u6b3e\u5fae\u673a\u4fdd\u62a4\u88c5\u7f6e\u7684\u914d\u7f6e\u64cd\u4f5c\u8f6f\u4ef6\u3002EN100 Ethernet module IEC 61850 variant\u662f\u4e00\u6b3e\u4ee5\u592a\u7f51\u6a21\u5757\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eSiemens\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u91cd\u65b0\u6784\u5efa\u8bbf\u95ee\u6388\u6743\u5bc6\u7801\u3002",
  "discovererName": "Ilya Karpov\u548cDmitry Sklyarov",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a \r\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-05196",
  "openTime": "2018-03-13",
  "patchDescription": "Siemens DIGSI\u7b49\u90fd\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Siemens DIGSI\u662f\u4e00\u6b3e\u5fae\u673a\u4fdd\u62a4\u88c5\u7f6e\u7684\u914d\u7f6e\u64cd\u4f5c\u8f6f\u4ef6\u3002EN100 Ethernet module IEC 61850 variant\u662f\u4e00\u6b3e\u4ee5\u592a\u7f51\u6a21\u5757\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eSiemens\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u91cd\u65b0\u6784\u5efa\u8bbf\u95ee\u6388\u6743\u5bc6\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eSiemens\u4ea7\u54c1\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Siemens DIGSI \u003c4 4.92",
      "Siemens EN100 Ethernet module IEC 61850 variant \u003c4.30",
      "Siemens EN100 Ethernet module PROFINET IO variant",
      "Siemens EN100 Ethernet module Modbus TCP variant",
      "Siemens EN100 Ethernet module DNP3 variant",
      "Siemens EN100 Ethernet module IEC 104 variant",
      "Siemens SIPROTEC Compact 7SK80 \u003c4.77",
      "Siemens SIPROTEC Compact 7SJ66 \u003c4.30",
      "Siemens SIPROTEC Compact 7SJ80 \u003c4.77"
    ]
  },
  "referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-18-067-01",
  "serverity": "\u4f4e",
  "submitTime": "2018-03-09",
  "title": "\u591a\u6b3eSiemens\u4ea7\u54c1\u5b58\u5728\u672a\u660e\u6f0f\u6d1e"
}

CVE-2018-4839 (GCVE-0-2018-4839)

Vulnerability from cvelistv5

Published

2018-03-08 17:00

Modified

2024-08-05 05:18

Severity ?

CWE

CWE-326 - Inadequate Encryption Strength

Summary

A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions), Other SIPROTEC 4 relays (All versions), Other SIPROTEC Compact relays (All versions), SIPROTEC 4 7SD80 (All versions < V4.70), SIPROTEC 4 7SJ61 (All versions < V4.96), SIPROTEC 4 7SJ62 (All versions < V4.96), SIPROTEC 4 7SJ64 (All versions < V4.96), SIPROTEC 4 7SJ66 (All versions < V4.30), SIPROTEC Compact 7SJ80 (All versions < V4.77), SIPROTEC Compact 7SK80 (All versions < V4.77). An attacker with local access to the engineering system or in a privileged network position and able to obtain certain network traffic could possibly reconstruct access authorization passwords.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Siemens

DIGSI 4

Version: All versions < V4.92

Siemens	EN100 Ethernet module DNP3 variant	Version: All versions < V1.05.00
Siemens	EN100 Ethernet module IEC 104 variant	Version: All versions
Siemens	EN100 Ethernet module IEC 61850 variant	Version: All versions < V4.30
Siemens	EN100 Ethernet module Modbus TCP variant	Version: All versions
Siemens	EN100 Ethernet module PROFINET IO variant	Version: All versions
Siemens	Other SIPROTEC 4 relays	Version: All versions
Siemens	Other SIPROTEC Compact relays	Version: All versions
Siemens	SIPROTEC 4 7SD80	Version: All versions < V4.70
Siemens	SIPROTEC 4 7SJ61	Version: All versions < V4.96
Siemens	SIPROTEC 4 7SJ62	Version: All versions < V4.96
Siemens	SIPROTEC 4 7SJ64	Version: All versions < V4.96
Siemens	SIPROTEC 4 7SJ66	Version: All versions < V4.30
Siemens	SIPROTEC Compact 7SJ80	Version: All versions < V4.77
Siemens	SIPROTEC Compact 7SK80	Version: All versions < V4.77

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:18:26.659Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DIGSI 4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.92"
            }
          ]
        },
        {
          "product": "EN100 Ethernet module DNP3 variant",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.05.00"
            }
          ]
        },
        {
          "product": "EN100 Ethernet module IEC 104 variant",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "EN100 Ethernet module IEC 61850 variant",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.30"
            }
          ]
        },
        {
          "product": "EN100 Ethernet module Modbus TCP variant",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "EN100 Ethernet module PROFINET IO variant",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "Other SIPROTEC 4 relays",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "Other SIPROTEC Compact relays",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIPROTEC 4 7SD80",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.70"
            }
          ]
        },
        {
          "product": "SIPROTEC 4 7SJ61",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.96"
            }
          ]
        },
        {
          "product": "SIPROTEC 4 7SJ62",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.96"
            }
          ]
        },
        {
          "product": "SIPROTEC 4 7SJ64",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.96"
            }
          ]
        },
        {
          "product": "SIPROTEC 4 7SJ66",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.30"
            }
          ]
        },
        {
          "product": "SIPROTEC Compact 7SJ80",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.77"
            }
          ]
        },
        {
          "product": "SIPROTEC Compact 7SK80",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.77"
            }
          ]
        }
      ],
      "datePublic": "2018-03-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in DIGSI 4 (All versions \u003c V4.92), EN100 Ethernet module DNP3 variant (All versions \u003c V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions), Other SIPROTEC 4 relays (All versions), Other SIPROTEC Compact relays (All versions), SIPROTEC 4 7SD80 (All versions \u003c V4.70), SIPROTEC 4 7SJ61 (All versions \u003c V4.96), SIPROTEC 4 7SJ62 (All versions \u003c V4.96), SIPROTEC 4 7SJ64 (All versions \u003c V4.96), SIPROTEC 4 7SJ66 (All versions \u003c V4.30), SIPROTEC Compact 7SJ80 (All versions \u003c V4.77), SIPROTEC Compact 7SK80 (All versions \u003c V4.77). An attacker with local access to the engineering system or in a privileged network position and able to obtain certain network traffic could possibly reconstruct access authorization passwords."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-326",
              "description": "CWE-326: Inadequate Encryption Strength",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-13T11:02:46",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2018-4839",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DIGSI 4",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.92"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "EN100 Ethernet module DNP3 variant",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V1.05.00"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "EN100 Ethernet module IEC 104 variant",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "EN100 Ethernet module IEC 61850 variant",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.30"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "EN100 Ethernet module Modbus TCP variant",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "EN100 Ethernet module PROFINET IO variant",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Other SIPROTEC 4 relays",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Other SIPROTEC Compact relays",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIPROTEC 4 7SD80",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.70"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIPROTEC 4 7SJ61",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.96"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIPROTEC 4 7SJ62",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.96"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIPROTEC 4 7SJ64",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.96"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIPROTEC 4 7SJ66",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.30"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIPROTEC Compact 7SJ80",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.77"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIPROTEC Compact 7SK80",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.77"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in DIGSI 4 (All versions \u003c V4.92), EN100 Ethernet module DNP3 variant (All versions \u003c V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions), Other SIPROTEC 4 relays (All versions), Other SIPROTEC Compact relays (All versions), SIPROTEC 4 7SD80 (All versions \u003c V4.70), SIPROTEC 4 7SJ61 (All versions \u003c V4.96), SIPROTEC 4 7SJ62 (All versions \u003c V4.96), SIPROTEC 4 7SJ64 (All versions \u003c V4.96), SIPROTEC 4 7SJ66 (All versions \u003c V4.30), SIPROTEC Compact 7SJ80 (All versions \u003c V4.77), SIPROTEC Compact 7SK80 (All versions \u003c V4.77). An attacker with local access to the engineering system or in a privileged network position and able to obtain certain network traffic could possibly reconstruct access authorization passwords."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-326: Inadequate Encryption Strength"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2018-4839",
    "datePublished": "2018-03-08T17:00:00",
    "dateReserved": "2018-01-02T00:00:00",
    "dateUpdated": "2024-08-05T05:18:26.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted