Sign-up

ID

VAR-201904-0657


CVE

CVE-2018-16559


TITLE

SIMATIC S7-1500 CPU Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-015270

DESCRIPTION

A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions <= V1.8.5). Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/tcp or 443/tcp. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. SIMATIC S7-1500 CPU Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The Siemens SIMATIC S7-1500 is a family of modular controllers. A denial of service vulnerability exists in the Siemens SIMATIC S7-1500 CPU. Attackers can exploit these issues to crash the affected application or consume excess memory, denying service to legitimate users

Trust: 2.7

sources: NVD: CVE-2018-16559 // JVNDB: JVNDB-2018-015270 // CNVD: CNVD-2019-00985 // BID: 106788 // IVD: 7d8430cf-463f-11e9-be43-000c29342cb1 // VULHUB: VHN-126930

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 7d8430cf-463f-11e9-be43-000c29342cb1 // CNVD: CNVD-2019-00985

AFFECTED PRODUCTS

vendor:siemensmodel:simatic s7-1500scope:gteversion:2.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500scope:lteversion:1.8.5

Trust: 1.0

vendor:siemensmodel:simatic s7-1500scope:ltversion:2.5

Trust: 1.0

vendor:siemensmodel:simatic s7-1500scope:lteversion:1.85

Trust: 0.8

vendor:siemensmodel:simatic s7-1500scope:ltversion:2.0 thats all 2.5

Trust: 0.8

vendor:siemensmodel:simatic s7-1500 cpuscope:gteversion:v2.0<v2.5

Trust: 0.6

vendor:siemensmodel:simatic s7-1500 cpuscope:lteversion:<=v1.8.5

Trust: 0.6

vendor:simatic s7 1500model: - scope:eqversion:*

Trust: 0.4

vendor:siemensmodel:simatic s7-1500scope:eqversion:1.8.5

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:1.8.3

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:1.7

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:2.0

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:1.6

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:eqversion:1.5.0

Trust: 0.3

vendor:siemensmodel:simatic s7-1500scope:neversion:2.5

Trust: 0.3

sources: IVD: 7d8430cf-463f-11e9-be43-000c29342cb1 // CNVD: CNVD-2019-00985 // BID: 106788 // JVNDB: JVNDB-2018-015270 // NVD: CVE-2018-16559

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-16559
value: HIGH

Trust: 1.0

NVD: CVE-2018-16559
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-00985
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201901-308
value: HIGH

Trust: 0.6

IVD: 7d8430cf-463f-11e9-be43-000c29342cb1
value: HIGH

Trust: 0.2

VULHUB: VHN-126930
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-16559
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-00985
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d8430cf-463f-11e9-be43-000c29342cb1
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-126930
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-16559
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: IVD: 7d8430cf-463f-11e9-be43-000c29342cb1 // CNVD: CNVD-2019-00985 // VULHUB: VHN-126930 // JVNDB: JVNDB-2018-015270 // CNNVD: CNNVD-201901-308 // NVD: CVE-2018-16559

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-126930 // JVNDB: JVNDB-2018-015270 // NVD: CVE-2018-16559

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201901-308

TYPE

Input validation error

Trust: 0.8

sources: IVD: 7d8430cf-463f-11e9-be43-000c29342cb1 // CNNVD: CNNVD-201901-308

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015270

PATCH
title:SSA-180635url:https://cert-portal.siemens.com/productcert/pdf/ssa-180635.pdf
Trust: 0.8
title:Patch for Siemens SIMATIC S7-1500 CPU Denial of Service Vulnerability (CNVD-2019-00985)url:https://www.cnvd.org.cn/patchInfo/show/149561
Trust: 0.6
title:SIMATIC S7-1500 CPU Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88501
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-00985 // 
            
            
            
            JVNDB: JVNDB-2018-015270 // 
            
            
            
            CNNVD: CNNVD-201901-308

EXTERNAL IDS
db:NVDid:CVE-2018-16559
Trust: 3.6
db:SIEMENSid:SSA-180635
Trust: 2.6
db:CNNVDid:CNNVD-201901-308
Trust: 0.9
db:BIDid:106788
Trust: 0.9
db:CNVDid:CNVD-2019-00985
Trust: 0.8
db:ICS CERTid:ICSA-19-036-04
Trust: 0.8
db:JVNDBid:JVNDB-2018-015270
Trust: 0.8
db:IVDid:7D8430CF-463F-11E9-BE43-000C29342CB1
Trust: 0.2
db:VULHUBid:VHN-126930
Trust: 0.1
sources:
            
            
            IVD: 7d8430cf-463f-11e9-be43-000c29342cb1 // 
            
            
            
            CNVD: CNVD-2019-00985 // 
            
            
            
            VULHUB: VHN-126930 // 
            
            
            
            BID: 106788 // 
            
            
            
            JVNDB: JVNDB-2018-015270 // 
            
            
            
            CNNVD: CNNVD-201901-308 // 
            
            
            
            NVD: CVE-2018-16559

REFERENCES
url:https://cert-portal.siemens.com/productcert/pdf/ssa-180635.pdf
Trust: 2.6
url:https://nvd.nist.gov/vuln/detail/cve-2018-16559
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16559
Trust: 0.8
url:https://www.us-cert.gov/ics/advisories/icsa-19-036-04
Trust: 0.8
url:https://vigilance.fr/vulnerability/simatic-s7-1500-denial-of-service-via-http-28198
Trust: 0.6
url:http://www.securityfocus.com/bid/106788
Trust: 0.6
url:http://www.siemens.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2019-00985 // 
            
            
            
            VULHUB: VHN-126930 // 
            
            
            
            BID: 106788 // 
            
            
            
            JVNDB: JVNDB-2018-015270 // 
            
            
            
            CNNVD: CNNVD-201901-308 // 
            
            
            
            NVD: CVE-2018-16559

CREDITS
Ilya Karpov, Druzhinin Evgeny,Georgy Zaytsev, Dmitry Sklyarov, and Maxim Goryachy from PositiveTechnologies
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201901-308

SOURCES
db:IVDid:7d8430cf-463f-11e9-be43-000c29342cb1
db:CNVDid:CNVD-2019-00985
db:VULHUBid:VHN-126930
db:BIDid:106788
db:JVNDBid:JVNDB-2018-015270
db:CNNVDid:CNNVD-201901-308
db:NVDid:CVE-2018-16559

LAST UPDATE DATE
2024-11-23T22:25:57.399000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-00985date:2019-01-10T00:00:00
db:VULHUBid:VHN-126930date:2019-04-18T00:00:00
db:BIDid:106788date:2019-02-06T07:00:00
db:JVNDBid:JVNDB-2018-015270date:2019-07-08T00:00:00
db:CNNVDid:CNNVD-201901-308date:2019-04-19T00:00:00
db:NVDid:CVE-2018-16559date:2024-11-21T03:52:58.857

SOURCES RELEASE DATE
db:IVDid:7d8430cf-463f-11e9-be43-000c29342cb1date:2019-01-10T00:00:00
db:CNVDid:CNVD-2019-00985date:2019-01-10T00:00:00
db:VULHUBid:VHN-126930date:2019-04-17T00:00:00
db:BIDid:106788date:2019-01-08T00:00:00
db:JVNDBid:JVNDB-2018-015270date:2019-05-17T00:00:00
db:CNNVDid:CNNVD-201901-308date:2019-01-10T00:00:00
db:NVDid:CVE-2018-16559date:2019-04-17T14:29:03.323