Sign-up

ID

VAR-201904-0656


CVE

CVE-2018-16558


TITLE

Siemens SIMATIC S7-1500 CPU Denial of service vulnerability

Trust: 0.8

sources: IVD: 7d8430d0-463f-11e9-a56d-000c29342cb1 // CNVD: CNVD-2019-00984

DESCRIPTION

A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions <= V1.8.5). Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/tcp or 443/tcp. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. SIMATIC S7-1500 CPU Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The Siemens SIMATIC S7-1500 is a family of modular controllers. A denial of service vulnerability exists in the Siemens SIMATIC S7-1500 CPU. Attackers can exploit these issues to crash the affected application or consume excess memory, denying service to legitimate users

Trust: 2.7

sources: NVD: CVE-2018-16558 // JVNDB: JVNDB-2018-015271 // CNVD: CNVD-2019-00984 // BID: 106788 // IVD: 7d8430d0-463f-11e9-a56d-000c29342cb1 // VULHUB: VHN-126929

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 7d8430d0-463f-11e9-a56d-000c29342cb1 // CNVD: CNVD-2019-00984

AFFECTED PRODUCTS

vendor:siemensmodel:simatic s7-1500scope:gteversion:2.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500scope:lteversion:1.8.5

Trust: 1.0

vendor:siemensmodel:simatic s7-1500scope:ltversion:2.5

Trust: 1.0

vendor:siemensmodel:simatic s7-1500scope:lteversion:1.85

Trust: 0.8

vendor:siemensmodel:simatic s7-1500scope:ltversion:2.0 thats all 2.5

Trust: 0.8

vendor:siemensmodel:simatic s7-1500 cpuscope:gteversion:v2.0<v2.5

Trust: 0.6

vendor:siemensmodel:simatic s7-1500 cpuscope:lteversion:<=v1.8.5

Trust: 0.6

vendor:simatic s7 1500model: - scope:eqversion:*

Trust: 0.4

vendor:siemensmodel:simatic s7-1500scope:eqversion:1.8.5

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:1.8.3

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:1.7

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:2.0

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:1.6

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:1.5.0

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:neversion:2.5

Trust: 0.3

sources: IVD: 7d8430d0-463f-11e9-a56d-000c29342cb1 // CNVD: CNVD-2019-00984 // BID: 106788 // JVNDB: JVNDB-2018-015271 // NVD: CVE-2018-16558

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-16558
value: HIGH

Trust: 1.0

NVD: CVE-2018-16558
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-00984
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201901-307
value: HIGH

Trust: 0.6

IVD: 7d8430d0-463f-11e9-a56d-000c29342cb1
value: HIGH

Trust: 0.2

VULHUB: VHN-126929
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-16558
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-00984
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d8430d0-463f-11e9-a56d-000c29342cb1
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-126929
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-16558
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: IVD: 7d8430d0-463f-11e9-a56d-000c29342cb1 // CNVD: CNVD-2019-00984 // VULHUB: VHN-126929 // JVNDB: JVNDB-2018-015271 // CNNVD: CNNVD-201901-307 // NVD: CVE-2018-16558

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-126929 // JVNDB: JVNDB-2018-015271 // NVD: CVE-2018-16558

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201901-307

TYPE

Input validation error

Trust: 0.8

sources: IVD: 7d8430d0-463f-11e9-a56d-000c29342cb1 // CNNVD: CNNVD-201901-307

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015271

PATCH
title:SSA-180635url:https://cert-portal.siemens.com/productcert/pdf/ssa-180635.pdf
Trust: 0.8
title:Patch for Siemens SIMATIC S7-1500 CPU Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/149559
Trust: 0.6
title:SIMATIC S7-1500 CPU Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88502
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-00984 // 
            
            
            
            JVNDB: JVNDB-2018-015271 // 
            
            
            
            CNNVD: CNNVD-201901-307

EXTERNAL IDS
db:NVDid:CVE-2018-16558
Trust: 3.6
db:SIEMENSid:SSA-180635
Trust: 2.6
db:CNNVDid:CNNVD-201901-307
Trust: 0.9
db:BIDid:106788
Trust: 0.9
db:CNVDid:CNVD-2019-00984
Trust: 0.8
db:ICS CERTid:ICSA-19-036-04
Trust: 0.8
db:JVNDBid:JVNDB-2018-015271
Trust: 0.8
db:IVDid:7D8430D0-463F-11E9-A56D-000C29342CB1
Trust: 0.2
db:VULHUBid:VHN-126929
Trust: 0.1
sources:
            
            
            IVD: 7d8430d0-463f-11e9-a56d-000c29342cb1 // 
            
            
            
            CNVD: CNVD-2019-00984 // 
            
            
            
            VULHUB: VHN-126929 // 
            
            
            
            BID: 106788 // 
            
            
            
            JVNDB: JVNDB-2018-015271 // 
            
            
            
            CNNVD: CNNVD-201901-307 // 
            
            
            
            NVD: CVE-2018-16558

REFERENCES
url:https://cert-portal.siemens.com/productcert/pdf/ssa-180635.pdf
Trust: 2.6
url:https://nvd.nist.gov/vuln/detail/cve-2018-16558
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16558
Trust: 0.8
url:https://www.us-cert.gov/ics/advisories/icsa-19-036-04
Trust: 0.8
url:https://vigilance.fr/vulnerability/simatic-s7-1500-denial-of-service-via-http-28198
Trust: 0.6
url:http://www.securityfocus.com/bid/106788
Trust: 0.6
url:http://www.siemens.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2019-00984 // 
            
            
            
            VULHUB: VHN-126929 // 
            
            
            
            BID: 106788 // 
            
            
            
            JVNDB: JVNDB-2018-015271 // 
            
            
            
            CNNVD: CNNVD-201901-307 // 
            
            
            
            NVD: CVE-2018-16558

CREDITS
Ilya Karpov, Druzhinin Evgeny,Georgy Zaytsev, Dmitry Sklyarov, and Maxim Goryachy from PositiveTechnologies
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201901-307

SOURCES
db:IVDid:7d8430d0-463f-11e9-a56d-000c29342cb1
db:CNVDid:CNVD-2019-00984
db:VULHUBid:VHN-126929
db:BIDid:106788
db:JVNDBid:JVNDB-2018-015271
db:CNNVDid:CNNVD-201901-307
db:NVDid:CVE-2018-16558

LAST UPDATE DATE
2024-11-23T22:25:57.440000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-00984date:2019-01-10T00:00:00
db:VULHUBid:VHN-126929date:2019-04-18T00:00:00
db:BIDid:106788date:2019-02-06T07:00:00
db:JVNDBid:JVNDB-2018-015271date:2019-07-08T00:00:00
db:CNNVDid:CNNVD-201901-307date:2019-04-19T00:00:00
db:NVDid:CVE-2018-16558date:2024-11-21T03:52:58.733

SOURCES RELEASE DATE
db:IVDid:7d8430d0-463f-11e9-a56d-000c29342cb1date:2019-01-10T00:00:00
db:CNVDid:CNVD-2019-00984date:2019-01-10T00:00:00
db:VULHUBid:VHN-126929date:2019-04-17T00:00:00
db:BIDid:106788date:2019-01-08T00:00:00
db:JVNDBid:JVNDB-2018-015271date:2019-05-17T00:00:00
db:CNNVDid:CNNVD-201901-307date:2019-01-10T00:00:00
db:NVDid:CVE-2018-16558date:2019-04-17T14:29:03.293