cvelistv5 - cve-2018-13801

CVE-2018-13801 (GCVE-0-2018-13801)

Vulnerability from cvelistv5

Published

2018-10-10 17:00

Modified

2024-09-16 22:10

Severity ?

CWE

CWE-264 - Permissions, Privileges, and Access Controls

Summary

A vulnerability has been identified in ROX II (All versions < V2.12.1). An attacker with network access to port 22/tcp and valid low-privileged user credentials for the target device could perform a privilege escalation and gain root privileges. Successful exploitation requires user privileges of a low-privileged user but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system.

References

URL

Tags

	https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03	x_refsource_MISC
	https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/105545	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	Siemens AG	ROX II	Version: All versions < V2.12.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:14:47.229Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf"
          },
          {
            "name": "105545",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105545"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ROX II",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.12.1"
            }
          ]
        }
      ],
      "datePublic": "2018-10-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in ROX II (All versions \u003c V2.12.1). An attacker with network access to port 22/tcp and valid low-privileged user credentials for the target device could perform a privilege escalation and gain root privileges. Successful exploitation requires user privileges of a low-privileged user but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-264",
              "description": "CWE-264: Permissions, Privileges, and Access Controls",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T09:57:01.000Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf"
        },
        {
          "name": "105545",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105545"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "DATE_PUBLIC": "2018-10-09T00:00:00",
          "ID": "CVE-2018-13801",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ROX II",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.12.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in ROX II (All versions \u003c V2.12.1). An attacker with network access to port 22/tcp and valid low-privileged user credentials for the target device could perform a privilege escalation and gain root privileges. Successful exploitation requires user privileges of a low-privileged user but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-264: Permissions, Privileges, and Access Controls"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf"
            },
            {
              "name": "105545",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105545"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2018-13801",
    "datePublished": "2018-10-10T17:00:00.000Z",
    "dateReserved": "2018-07-10T00:00:00.000Z",
    "dateUpdated": "2024-09-16T22:10:15.826Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2018-AVI-476

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans SCADA les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIMATIC IPC627C toutes versions
Siemens	N/A	SIMATIC IPC847C toutes versions
Siemens	N/A	SIMATIC IPC227E toutes versions
Siemens	N/A	SIMATIC ITP1000 toutes versions
Siemens	N/A	SINUMERIK Panels wtih integrated TCU toutes versions
Siemens	N/A	SIMATIC S7-1200 CPU versions antérieures à 4.2.3 exclue
Siemens	N/A	SIMATIC IPC427D versions de BIOS antérieures à 17.0x.14 exclue
Siemens	N/A	SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP (MLFB: 6ES7518-4FX00-1AC0) toutes versions
Siemens	N/A	SIMATIC S7-1500 Software Controller versions comprises entre à 2.0 inclue et 2.5 exclue
Siemens	N/A	SIMATIC ET 200 SP Open Controller toutes versions
Siemens	N/A	SIMATIC Field PG M5 versions de BIOS antérieures à 22.01.06 exclue
Siemens	N/A	SIMATIC IPC477D versions de BIOS antérieures à 17.0x.14 exclue
Siemens	N/A	SIMATIC IPC827D toutes versions
Siemens	N/A	SIMATIC ET 200SP Open Controller versions supérieures à 2.0 inclue
Siemens	N/A	SCALANCE W1750D versions antérieures à 8.3.0.1 exclue
Siemens	N/A	SIMATIC IPC477E Pro versions de BIOS antérieures à 21.01.09 exclue
Siemens	N/A	SIMATIC ET 200 SP Open Controller (F) toutes versions
Siemens	N/A	SINUMERIK 840 D sl (NCU720.3B, NCU730.3B, NCU720.3, NCU730.3) toutes versions
Siemens	N/A	SIMATIC IPC427E versions de BIOS antérieures à 21.01.09 exclue
Siemens	N/A	SIMATIC S7-1500 (incl. F) versions comprises entre 2.0 inclus et 2.5 exclue
Siemens	N/A	SIMATIC IPC3000 SMART V2 toutes versions
Siemens	N/A	SIMATIC IPC277E toutes versions
Siemens	N/A	SIMATIC IPC347E toutes versions
Siemens	N/A	RUGGEDCOM RX1400 VPE toutes versions
Siemens	N/A	SIMATIC IPC647C toutes versions
Siemens	N/A	SIMATIC IPC647D toutes versions
Siemens	N/A	SIMATIC IPC627D toutes versions
Siemens	N/A	SIMOTION P320-4S toutes versions
Siemens	N/A	SIMATIC IPC827C toutes versions
Siemens	N/A	SIMOTION P320-4E toutes versions
Siemens	N/A	SIMATIC IPC547E toutes versions
Siemens	N/A	SIMATIC IPC677D toutes versions
Siemens	N/A	SINUMERIK PCU 50.5 toutes versions
Siemens	N/A	SIMATIC IPC477E versions de BIOS antérieures à 21.01.09 exclue
Siemens	N/A	SIMATIC IPC327E toutes versions
Siemens	N/A	SIMATIC IPC677C toutes versions
Siemens	N/A	SINUMERIK TCU 30.3 toutes versions
Siemens	N/A	SIMATIC IPC547G toutes versions
Siemens	N/A	SIMATIC Field PG M4 versions de BIOS antérieures à 18.01.09 exclue
Siemens	N/A	SIMATIC S7-1500 Software Controller toutes versions
Siemens	N/A	ROX II versions antérieures à 2.12.1 exclue
Siemens	N/A	SIMATIC IPC477C toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0) toutes versions
Siemens	N/A	SIMATIC IPC377E toutes versions
Siemens	N/A	SIMATIC IPC847D toutes versions
Siemens	N/A	SIMATIC IPC427C toutes versions
Siemens	N/A	RUGGEDCOM APE toutes versions

References

Title

Publication Time

Tags

Bulletin de sécurité SCADA Siemens ssa-507847 du 9 octobre 2018	None	vendor-advisory
Bulletin de sécurité SCADA Siemens ssa-254686 du 9 octobre 2018	None	vendor-advisory
Bulletin de sécurité SCADA Siemens ssa-347726 du 9 octobre 2018	None	vendor-advisory
Bulletin de sécurité SCADA Siemens ssa-493830 du 9 octobre 2018	None	vendor-advisory
Bulletin de sécurité SCADA Siemens ssa-464260 du 9 octobre 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIMATIC IPC627C toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC847C toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC227E toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ITP1000 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK Panels wtih integrated TCU toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1200 CPU versions ant\u00e9rieures \u00e0 4.2.3 exclue",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC427D versions de BIOS ant\u00e9rieures \u00e0 17.0x.14 exclue",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP (MLFB: 6ES7518-4FX00-1AC0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 Software Controller versions comprises entre \u00e0 2.0 inclue et 2.5 exclue",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ET 200 SP Open Controller toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Field PG M5 versions de BIOS ant\u00e9rieures \u00e0 22.01.06 exclue",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC477D versions de BIOS ant\u00e9rieures \u00e0 17.0x.14 exclue",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC827D toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ET 200SP Open Controller versions sup\u00e9rieures \u00e0 2.0 inclue",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE W1750D versions ant\u00e9rieures \u00e0 8.3.0.1 exclue",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC477E Pro versions de BIOS ant\u00e9rieures \u00e0 21.01.09 exclue",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ET 200 SP Open Controller (F) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK 840 D sl (NCU720.3B, NCU730.3B, NCU720.3, NCU730.3) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC427E versions de BIOS ant\u00e9rieures \u00e0 21.01.09 exclue",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 (incl. F) versions comprises entre 2.0 inclus et 2.5 exclue",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC3000 SMART V2 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC277E toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC347E toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RX1400 VPE toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC647C toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC647D toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC627D toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMOTION P320-4S toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC827C toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMOTION P320-4E toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC547E toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC677D toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK PCU 50.5 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC477E versions de BIOS ant\u00e9rieures \u00e0 21.01.09 exclue",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC327E toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC677C toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK TCU 30.3 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC547G toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Field PG M4 versions de BIOS ant\u00e9rieures \u00e0 18.01.09 exclue",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 Software Controller toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "ROX II versions ant\u00e9rieures \u00e0 2.12.1 exclue",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC477C toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC377E toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC847D toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC427C toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM APE toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-13099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13099"
    },
    {
      "name": "CVE-2018-13800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13800"
    },
    {
      "name": "CVE-2018-13805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13805"
    },
    {
      "name": "CVE-2018-3620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3620"
    },
    {
      "name": "CVE-2018-13801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13801"
    },
    {
      "name": "CVE-2018-3646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3646"
    },
    {
      "name": "CVE-2018-3615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3615"
    }
  ],
  "initial_release_date": "2018-10-09T00:00:00",
  "last_revision_date": "2018-10-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2018-AVI-476",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-10-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans SCADA les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans SCADA Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-507847 du 9 octobre 2018",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-507847.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-254686 du 9 octobre 2018",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-347726 du 9 octobre 2018",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-347726.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-493830 du 9 octobre 2018",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-464260 du 9 octobre 2018",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2018-13801 (GCVE-0-2018-13801)

Vulnerability from cvelistv5

CERTFR-2018-AVI-476

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature