ID

VAR-201810-0793


CVE

CVE-2018-13805


TITLE

plural Siemens SIMATIC Product depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-013472

DESCRIPTION

A vulnerability has been identified in SIMATIC ET 200SP Open Controller (All versions >= V2.0 and < V2.1.6), SIMATIC S7-1500 Software Controller (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 incl. F (All versions >= V2.0 and < V2.5). An attacker can cause a denial-of-service condition on the network stack by sending a large number of specially crafted packets to the PLC. The PLC will lose its ability to communicate over the network. This vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no privileges and no user interaction. An attacker could use this vulnerability to compromise availability of the network connectivity. At the time of advisory publication no public exploitation of this vulnerability was known. F Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The SIEMENS SIMATIC S7-1500 CPU family is designed for discrete and continuous control in industrial environments such as manufacturing, the global food and beverage and chemical industries. SIEMENS SIMATIC ET 200SP Open is a version of the PC-based SIMATIC S7-1500 controller, including optional visualization and central I/O in compact devices. Multiple Siemens SIMATIC Products are prone to a denial-of-service vulnerability. Remote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. The following products and versions are vulnerable: Simatic S7-1500 (incl

Trust: 2.61

sources: NVD: CVE-2018-13805 // JVNDB: JVNDB-2018-013472 // CNVD: CNVD-2018-20534 // BID: 105712 // IVD: e2fca5f0-39ab-11e9-b0fb-000c29342cb1

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e2fca5f0-39ab-11e9-b0fb-000c29342cb1 // CNVD: CNVD-2018-20534

AFFECTED PRODUCTS

vendor:siemensmodel:simatic et 200spscope:gteversion:2.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500scope:gteversion:2.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500fscope:gteversion:2.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500scope:ltversion:2.5

Trust: 1.0

vendor:siemensmodel:simatic s7-1500fscope:ltversion:2.5

Trust: 1.0

vendor:siemensmodel:simatic et 200spscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1500scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1500fscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic et 200sp openscope:gteversion:v2.0<v2.5

Trust: 0.6

vendor:siemensmodel:simatic s7-1500 software controllerscope:gteversion:v2.0<v2.0

Trust: 0.6

vendor:siemensmodel:simatic s7-1500 cpu familyscope:gteversion:v2.0<v2.5

Trust: 0.6

vendor:siemensmodel:simatic s7-1500 software controllerscope:eqversion:2.0

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:2.0

Trust: 0.3

vendor:siemensmodel:simatic et 200sp open controllerscope:eqversion:2.0

Trust: 0.3

vendor:siemensmodel:simatic s7-1500 software controllerscope:neversion:2.5

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:neversion:2.5

Trust: 0.3

vendor:simatic et 200spmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 1500model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 1500fmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: e2fca5f0-39ab-11e9-b0fb-000c29342cb1 // CNVD: CNVD-2018-20534 // BID: 105712 // JVNDB: JVNDB-2018-013472 // NVD: CVE-2018-13805

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-13805
value: HIGH

Trust: 1.0

NVD: CVE-2018-13805
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-20534
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201810-509
value: HIGH

Trust: 0.6

IVD: e2fca5f0-39ab-11e9-b0fb-000c29342cb1
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2018-13805
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-20534
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2fca5f0-39ab-11e9-b0fb-000c29342cb1
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2018-13805
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: IVD: e2fca5f0-39ab-11e9-b0fb-000c29342cb1 // CNVD: CNVD-2018-20534 // JVNDB: JVNDB-2018-013472 // CNNVD: CNNVD-201810-509 // NVD: CVE-2018-13805

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.8

sources: JVNDB: JVNDB-2018-013472 // NVD: CVE-2018-13805

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-509

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201810-509

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013472

PATCH

title:SSA-347726url:https://cert-portal.siemens.com/productcert/pdf/ssa-347726.pdf

Trust: 0.8

title:SIEMENS SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET 200SP Open denial of service vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/141765

Trust: 0.6

title:SIMATIC Repair measures for device security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86140

Trust: 0.6

sources: CNVD: CNVD-2018-20534 // JVNDB: JVNDB-2018-013472 // CNNVD: CNNVD-201810-509

EXTERNAL IDS

db:NVDid:CVE-2018-13805

Trust: 3.5

db:SIEMENSid:SSA-347726

Trust: 2.2

db:ICS CERTid:ICSA-18-282-05

Trust: 1.1

db:CNVDid:CNVD-2018-20534

Trust: 0.8

db:CNNVDid:CNNVD-201810-509

Trust: 0.8

db:JVNDBid:JVNDB-2018-013472

Trust: 0.8

db:BIDid:105712

Trust: 0.3

db:IVDid:E2FCA5F0-39AB-11E9-B0FB-000C29342CB1

Trust: 0.2

sources: IVD: e2fca5f0-39ab-11e9-b0fb-000c29342cb1 // CNVD: CNVD-2018-20534 // BID: 105712 // JVNDB: JVNDB-2018-013472 // CNNVD: CNNVD-201810-509 // NVD: CVE-2018-13805

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-347726.pdf

Trust: 2.2

url:https://ics-cert.us-cert.gov/advisories/icsa-18-282-05

Trust: 1.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13805

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-13805

Trust: 0.8

url:http://www.siemens.com/

Trust: 0.3

sources: CNVD: CNVD-2018-20534 // BID: 105712 // JVNDB: JVNDB-2018-013472 // CNNVD: CNNVD-201810-509 // NVD: CVE-2018-13805

CREDITS

Marcin Dudek, Jacek Gajewski, Kinga Staszkiewicz, Jakub Suchorab, and Joanna Walkiewicz from National Centre for Nuclear Research Poland

Trust: 0.3

sources: BID: 105712

SOURCES

db:IVDid:e2fca5f0-39ab-11e9-b0fb-000c29342cb1
db:CNVDid:CNVD-2018-20534
db:BIDid:105712
db:JVNDBid:JVNDB-2018-013472
db:CNNVDid:CNNVD-201810-509
db:NVDid:CVE-2018-13805

LAST UPDATE DATE

2024-08-14T14:19:46.803000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-20534date:2018-10-10T00:00:00
db:BIDid:105712date:2018-10-09T00:00:00
db:JVNDBid:JVNDB-2018-013472date:2019-02-21T00:00:00
db:CNNVDid:CNNVD-201810-509date:2019-04-01T00:00:00
db:NVDid:CVE-2018-13805date:2019-03-21T19:29:00.410

SOURCES RELEASE DATE

db:IVDid:e2fca5f0-39ab-11e9-b0fb-000c29342cb1date:2018-10-10T00:00:00
db:CNVDid:CNVD-2018-20534date:2018-10-10T00:00:00
db:BIDid:105712date:2018-10-09T00:00:00
db:JVNDBid:JVNDB-2018-013472date:2019-02-21T00:00:00
db:CNNVDid:CNNVD-201810-509date:2018-10-11T00:00:00
db:NVDid:CVE-2018-13805date:2018-10-10T17:29:04.170