Sign-up

ID

VAR-201809-1104


CVE

CVE-2018-3616


TITLE

Intel Active Management Technology Cryptographic vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-010878

DESCRIPTION

Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network. Intel Active Management Technology Contains a cryptographic vulnerability.Information may be obtained. Multiple Siemens Products are prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2. A denial-of-service vulnerability 3. A side channel attack information disclosure vulnerability Attackers can exploit these issues to execute arbitrary code within the context of an affected device or obtain sensitive information or cause a denial-of-service condition. The following Siemens products are affected: SIMATIC FieldPG M5 All versions prior to 22.01.06, SIMATIC IPC427E All versions prior to 21.01.09, SIMATIC IPC477E All versions prior to 21.01.09, SIMATIC IPC547E All versions prior to R1.30.0, SIMATIC IPC547G All versions prior to R1.23.0, SIMATIC IPC627D All versions prior to 19.02.11, SIMATIC IPC647D All versions prior to 19.01.14, SIMATIC IPC677D All versions prior to 19.02.11, SIMATIC IPC827D All versions prior to 19.02.11, SIMATIC IPC847D All versions prior to 19.01.14, and SIMATIC ITP1000 All versions prior to 23.01.04. A security vulnerability exists in the TLS implementation in versions prior to Intel AMT 12.0.5

Trust: 1.98

sources: NVD: CVE-2018-3616 // JVNDB: JVNDB-2018-010878 // BID: 106996 // VULHUB: VHN-133647

AFFECTED PRODUCTS

vendor:intelmodel:active management technologyscope:ltversion:12.0.5

Trust: 1.8

vendor:siemensmodel:simatic field pg m5scope:ltversion:22.01.06

Trust: 1.0

vendor:siemensmodel:simatic itp1000scope:ltversion:23.01.04

Trust: 1.0

vendor:intelmodel:manageability enginescope:gteversion:9.0.0.0

Trust: 1.0

vendor:siemensmodel:simatic pc547gscope:ltversion:r1.23.0

Trust: 1.0

vendor:intelmodel:converged security management enginescope:gteversion:11.0.0

Trust: 1.0

vendor:siemensmodel:simatic ipc627dscope:ltversion:19.02.11

Trust: 1.0

vendor:siemensmodel:simatic ipc827dscope:ltversion:19.02.11

Trust: 1.0

vendor:intelmodel:manageability enginescope:ltversion:11.0

Trust: 1.0

vendor:intelmodel:converged security management enginescope:ltversion:12.0.5

Trust: 1.0

vendor:siemensmodel:simatic ipc427escope:ltversion:21.01.09

Trust: 1.0

vendor:siemensmodel:simatic ipc677dscope:ltversion:19.02.11

Trust: 1.0

vendor:siemensmodel:simatic ipc477escope:ltversion:21.01.09

Trust: 1.0

vendor:siemensmodel:simatic ipc547escope:ltversion:r1.30.0

Trust: 1.0

vendor:siemensmodel:simatic ipc847dscope:ltversion:19.01.14

Trust: 1.0

vendor:siemensmodel:simatic ipc647dscope:ltversion:19.01.14

Trust: 1.0

vendor:intelmodel:active management technologyscope:eqversion:11.2

Trust: 0.6

vendor:siemensmodel:simatic itp1000scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic ipc847dscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic ipc827dscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic ipc677dscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic ipc647dscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic ipc627dscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic ipc547gscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic ipc547escope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic ipc477escope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic ipc427escope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic fieldpg m5scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic ipc847dscope:neversion:v19.01.14

Trust: 0.3

vendor:siemensmodel:simatic ipc827dscope:neversion:v19.02.11

Trust: 0.3

vendor:siemensmodel:simatic ipc677dscope:neversion:v19.01.11

Trust: 0.3

vendor:siemensmodel:simatic ipc647dscope:neversion:v19.01.14

Trust: 0.3

vendor:siemensmodel:simatic ipc627dscope:neversion:v19.02.11

Trust: 0.3

vendor:siemensmodel:simatic ipc547g r1.23.0scope:neversion: -

Trust: 0.3

vendor:siemensmodel:simatic ipc547e r1.30.0scope:neversion: -

Trust: 0.3

vendor:siemensmodel:simatic ipc477escope:neversion:v21.01.09

Trust: 0.3

vendor:siemensmodel:simatic ipc427escope:neversion:v21.01.09

Trust: 0.3

vendor:siemensmodel:simatic fieldpg m5scope:neversion:v22.01.06

Trust: 0.3

sources: BID: 106996 // JVNDB: JVNDB-2018-010878 // CNNVD: CNNVD-201809-608 // NVD: CVE-2018-3616

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-3616
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-3616
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201809-608
value: MEDIUM

Trust: 0.6

VULHUB: VHN-133647
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-3616
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-133647
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-3616
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2018-3616
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-133647 // JVNDB: JVNDB-2018-010878 // CNNVD: CNNVD-201809-608 // NVD: CVE-2018-3616

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-310

Trust: 0.9

sources: VULHUB: VHN-133647 // JVNDB: JVNDB-2018-010878 // NVD: CVE-2018-3616

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201809-608

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201809-608

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-010878

PATCH
title:INTEL-SA-00141url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html
Trust: 0.8
title:Intel Active Management Technology Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=84867
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-010878 // 
            
            
            
            CNNVD: CNNVD-201809-608

EXTERNAL IDS
db:NVDid:CVE-2018-3616
Trust: 2.8
db:ICS CERTid:ICSA-19-043-05
Trust: 2.8
db:BIDid:106996
Trust: 2.0
db:SIEMENSid:SSA-377318
Trust: 1.7
db:JVNDBid:JVNDB-2018-010878
Trust: 0.8
db:CNNVDid:CNNVD-201809-608
Trust: 0.7
db:AUSCERTid:ESB-2019.0444
Trust: 0.6
db:VULHUBid:VHN-133647
Trust: 0.1
sources:
            
            
            VULHUB: VHN-133647 // 
            
            
            
            BID: 106996 // 
            
            
            
            JVNDB: JVNDB-2018-010878 // 
            
            
            
            CNNVD: CNNVD-201809-608 // 
            
            
            
            NVD: CVE-2018-3616

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-19-043-05
Trust: 3.4
url:http://www.securityfocus.com/bid/106996
Trust: 2.9
url:https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf
Trust: 1.7
url:https://security.netapp.com/advisory/ntap-20180924-0003/
Trust: 1.7
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html
Trust: 1.7
url:https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbhf03876en_us
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3616
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-3616
Trust: 0.8
url:https://www.auscert.org.au/bulletins/75474
Trust: 0.6
url:http://subscriber.communications.siemens.com/
Trust: 0.3
url:https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbhf03876en_us
Trust: 0.1
sources:
            
            
            VULHUB: VHN-133647 // 
            
            
            
            BID: 106996 // 
            
            
            
            JVNDB: JVNDB-2018-010878 // 
            
            
            
            CNNVD: CNNVD-201809-608 // 
            
            
            
            NVD: CVE-2018-3616

CREDITS
The vendor reported this issue.,Siemens reported these vulnerabilities to NCCIC.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201809-608

SOURCES
db:VULHUBid:VHN-133647
db:BIDid:106996
db:JVNDBid:JVNDB-2018-010878
db:CNNVDid:CNNVD-201809-608
db:NVDid:CVE-2018-3616

LAST UPDATE DATE
2024-08-14T14:04:48.085000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-133647date:2019-10-03T00:00:00
db:BIDid:106996date:2019-02-12T00:00:00
db:JVNDBid:JVNDB-2018-010878date:2019-02-13T00:00:00
db:CNNVDid:CNNVD-201809-608date:2019-10-23T00:00:00
db:NVDid:CVE-2018-3616date:2023-08-17T17:43:53.193

SOURCES RELEASE DATE
db:VULHUBid:VHN-133647date:2018-09-12T00:00:00
db:BIDid:106996date:2019-02-12T00:00:00
db:JVNDBid:JVNDB-2018-010878date:2018-12-27T00:00:00
db:CNNVDid:CNNVD-201809-608date:2018-09-13T00:00:00
db:NVDid:CVE-2018-3616date:2018-09-12T19:29:02.403