ID

VAR-201801-1629


CVE

CVE-2018-4836


TITLE

TeleControl Server Basic Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2018-001582

DESCRIPTION

A vulnerability has been identified in TeleControl Server Basic < V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic's port 8000/tcp could escalate his privileges and perform administrative operations. TeleControl Server Basic Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens TeleControl Server Basic is a remote control system for Siemens equipment from Siemens AG. An attacker can leverage these issues to obtain sensitive information, bypass security restrictions and gain elevated privileges. Failed exploit attempts may result in a denial of service condition

Trust: 2.88

sources: NVD: CVE-2018-4836 // JVNDB: JVNDB-2018-001582 // CNVD: CNVD-2018-02347 // BID: 102904 // BID: 102897 // IVD: e2e32a80-39ab-11e9-ae20-000c29342cb1

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e2e32a80-39ab-11e9-ae20-000c29342cb1 // CNVD: CNVD-2018-02347

AFFECTED PRODUCTS

vendor:siemensmodel:telecontrol server basicscope:ltversion:3.1

Trust: 1.8

vendor:siemensmodel:telecontrol server basicsscope:ltversion:v3.1

Trust: 0.6

vendor:siemensmodel:telecontrol server basic sp2scope:eqversion:3.0

Trust: 0.6

vendor:siemensmodel:telecontrol server basicscope:eqversion:3.0

Trust: 0.6

vendor:siemensmodel:telecontrol server basicscope:neversion:3.1

Trust: 0.6

vendor:telecontrol server basicmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: e2e32a80-39ab-11e9-ae20-000c29342cb1 // CNVD: CNVD-2018-02347 // BID: 102904 // BID: 102897 // JVNDB: JVNDB-2018-001582 // NVD: CVE-2018-4836

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-4836
value: HIGH

Trust: 1.0

NVD: CVE-2018-4836
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-02347
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201801-985
value: HIGH

Trust: 0.6

IVD: e2e32a80-39ab-11e9-ae20-000c29342cb1
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2018-4836
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-02347
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2e32a80-39ab-11e9-ae20-000c29342cb1
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2018-4836
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: e2e32a80-39ab-11e9-ae20-000c29342cb1 // CNVD: CNVD-2018-02347 // JVNDB: JVNDB-2018-001582 // CNNVD: CNNVD-201801-985 // NVD: CVE-2018-4836

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-287

Trust: 1.0

problemtype:CWE-264

Trust: 0.8

sources: JVNDB: JVNDB-2018-001582 // NVD: CVE-2018-4836

THREAT TYPE

network

Trust: 0.6

sources: BID: 102904 // BID: 102897

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201801-985

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-001582

PATCH

title:SSA-651454url:https://cert-portal.siemens.com/productcert/pdf/ssa-651454.pdf

Trust: 0.8

title:Patch for Siemens TeleControl Server Basic Privilege Escalation Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/115111

Trust: 0.6

title:Siemens TeleControl Server Basic Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78098

Trust: 0.6

sources: CNVD: CNVD-2018-02347 // JVNDB: JVNDB-2018-001582 // CNNVD: CNNVD-201801-985

EXTERNAL IDS

db:NVDid:CVE-2018-4836

Trust: 3.8

db:BIDid:102904

Trust: 1.9

db:SIEMENSid:SSA-651454

Trust: 1.9

db:BIDid:102897

Trust: 1.9

db:ICS CERTid:ICSA-18-030-02

Trust: 1.7

db:CNVDid:CNVD-2018-02347

Trust: 0.8

db:CNNVDid:CNNVD-201801-985

Trust: 0.8

db:JVNDBid:JVNDB-2018-001582

Trust: 0.8

db:IVDid:E2E32A80-39AB-11E9-AE20-000C29342CB1

Trust: 0.2

sources: IVD: e2e32a80-39ab-11e9-ae20-000c29342cb1 // CNVD: CNVD-2018-02347 // BID: 102904 // BID: 102897 // JVNDB: JVNDB-2018-001582 // CNNVD: CNNVD-201801-985 // NVD: CVE-2018-4836

REFERENCES

url:https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf

Trust: 1.9

url:https://ics-cert.us-cert.gov/advisories/icsa-18-030-02

Trust: 1.7

url:http://www.securityfocus.com/bid/102897

Trust: 1.6

url:http://www.securityfocus.com/bid/102904

Trust: 1.6

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4836

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4836

Trust: 0.8

url:https://support.industry.siemens.com/cs/ww/en/view/109755199

Trust: 0.6

url:http://www.siemens.com/

Trust: 0.6

sources: CNVD: CNVD-2018-02347 // BID: 102904 // BID: 102897 // JVNDB: JVNDB-2018-001582 // CNNVD: CNNVD-201801-985 // NVD: CVE-2018-4836

CREDITS

The vendor reported this issue.

Trust: 0.6

sources: BID: 102904 // BID: 102897

SOURCES

db:IVDid:e2e32a80-39ab-11e9-ae20-000c29342cb1
db:CNVDid:CNVD-2018-02347
db:BIDid:102904
db:BIDid:102897
db:JVNDBid:JVNDB-2018-001582
db:CNNVDid:CNNVD-201801-985
db:NVDid:CVE-2018-4836

LAST UPDATE DATE

2024-08-14T13:29:09.745000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-02347date:2018-01-31T00:00:00
db:BIDid:102904date:2018-01-30T00:00:00
db:BIDid:102897date:2018-01-25T00:00:00
db:JVNDBid:JVNDB-2018-001582date:2018-04-03T00:00:00
db:CNNVDid:CNNVD-201801-985date:2019-10-17T00:00:00
db:NVDid:CVE-2018-4836date:2019-10-09T23:41:00.453

SOURCES RELEASE DATE

db:IVDid:e2e32a80-39ab-11e9-ae20-000c29342cb1date:2018-01-31T00:00:00
db:CNVDid:CNVD-2018-02347date:2018-01-31T00:00:00
db:BIDid:102904date:2018-01-30T00:00:00
db:BIDid:102897date:2018-01-25T00:00:00
db:JVNDBid:JVNDB-2018-001582date:2018-02-26T00:00:00
db:CNNVDid:CNNVD-201801-985date:2018-01-26T00:00:00
db:NVDid:CVE-2018-4836date:2018-01-25T14:29:00.380